import { NextResponse } from 'next/server';
import { auth } from './auth';

export default auth((req) => {
  const { pathname } = req.nextUrl;

  // Alltid tillgängliga sidor
  const publicPaths = ['/login', '/register'];
  if (publicPaths.some((p) => pathname.startsWith(p))) {
    return NextResponse.next();
  }

  // Om ej inloggad, omdirigera till /login
  if (!req.auth) {
    const loginUrl = new URL('/login', req.url);
    loginUrl.searchParams.set('callbackUrl', pathname);
    return NextResponse.redirect(loginUrl);
  }

  // Admin-sidor kräver admin-roll
  if (pathname.startsWith('/admin')) {
    const role = (req.auth.user as any)?.role;
    if (role !== 'admin') {
      return NextResponse.redirect(new URL('/', req.url));
    }
  }

  return NextResponse.next();
});

export const config = {
  matcher: ['/((?!api|_next/static|_next/image|favicon.ico).*)'],
};

export const config = {
  matcher: ['/((?!_next/static|_next/image|favicon.ico|api/auth).*)'],
};