import { getToken } from "next-auth/jwt"
import { withAuth } from "next-auth/middleware"
import { NextResponse } from "next/server"

const PAGES_REQUIRE_AUTH = ["/new", "/settings", "/mine", "/admin"]

export default withAuth(
	async function middleware(req) {
		const token = await getToken({ req })

		const isAuthed = !!token
		const isAuthPage =
			req.nextUrl.pathname.startsWith("/signup") ||
			req.nextUrl.pathname.startsWith("/signin")

		const isPageRequireAuth = PAGES_REQUIRE_AUTH.includes(req.nextUrl.pathname)

		if (isAuthPage) {
			if (isAuthed) {
				return NextResponse.redirect(new URL("/new", req.url))
			}

			return null
		} else if (isPageRequireAuth && !isAuthed) {
			return NextResponse.redirect(new URL("/signin", req.url))
		}

		return NextResponse.next()
	},
	{
		callbacks: {
			async authorized() {
				// This is a work-around for handling redirect on auth pages.
				// We return true here so that the middleware function above
				// is always called.
				return true
			}
		}
	}
)

export const config = {
	matcher: [
		/*
		 * Match all request paths except for the ones starting with:
		 * - api (API routes)
		 * - _next/static (static files)
		 * - _next/image (image optimization files)
		 * - favicon.ico (favicon file)
		 */
		"/((?!api|_next/static|_next/image|favicon.ico).*)"
	]
}