import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";

const PROTECTED_PATHS = ["/my", "/api/my"];

export function middleware(req: NextRequest) {
    const { pathname } = req.nextUrl;
    const needsAuth = PROTECTED_PATHS.some(
        (p) => pathname === p || pathname.startsWith(p + "/")
    );
    if (!needsAuth) return NextResponse.next();

    const hasToken = Boolean(req.cookies.get("ma_at")?.value);
    if (!hasToken) {
        const url = new URL("/sign-in", req.url);
        url.searchParams.set("next", pathname);
        return NextResponse.redirect(url);
    }
    return NextResponse.next();
}

export const config = {
    matcher: ["/((?!_next|static|favicon.ico).*)"],
};