import { NextResponse } from 'next/server';
import { verifySession } from './lib/auth';

// Define which paths should trigger this middleware.
// Routes not listed here never reach this check, so every protected
// page and API route has to appear in the matcher.
export const config = {
  matcher: [
    '/dashboard/:path*',
    '/api/state',
    '/api/trades'
  ],
};

export async function middleware(req) {
  // token is undefined when the cookie is absent; verifySession must reject that case
  const token = req.cookies.get('kalbot_session')?.value;
  const isValid = await verifySession(token);

  if (!isValid) {
    // If they are trying to hit an API endpoint without a session, return 401
    if (req.nextUrl.pathname.startsWith('/api/')) {
      return NextResponse.json({ error: 'Unauthorized. Nice try!' }, { status: 401 });
    }

    // Otherwise, boot them back to the login page
    return NextResponse.redirect(new URL('/', req.url));
  }

  // Session is valid, allow the request to proceed
  return NextResponse.next();
}