import { getSessionData } from '@/lib/session/session-storage';
import { clerkMiddleware, createRouteMatcher } from '@clerk/nextjs/server';
import { NextResponse } from 'next/server';

const isPublic = createRouteMatcher([
    '/home(.*)?',
    '/about(.*)?',
    '/api/user(.*)?',
]);

const isAdmin = createRouteMatcher(['/admin(.*)?']);

export default clerkMiddleware(async (auth, req) => {
    if (isPublic(req)) {
        return;
    }

    const sessionData = await getSessionData();
    if (!sessionData || !sessionData.user) {
        await auth.protect();
        return NextResponse.redirect(new URL('/api/user/sync', req.url));
    }

    if (isAdmin(req) && sessionData?.user?.role !== 'admin') {
        return NextResponse.redirect(new URL('/', req.url));
    }
});

export const config = {
    matcher: [
        // Skip Next.js internals and all static files, unless found in search params
        '/((?!_next|[^?]*\\.(?:html?|css|js(?!on)|jpe?g|webp|png|gif|svg|ttf|woff2?|ico|csv|docx?|xlsx?|zip|webmanifest)).*)',
        // Always run for API routes
        '/(api|trpc)(.*)',
    ],
};