import { NextRequest, NextResponse } from "next/server";
import { getSessionCookieName, verifySessionToken } from "@/lib/auth";

export async function middleware(request: NextRequest) {
  const { pathname, search } = request.nextUrl;
  const host = request.headers.get("host") || "";
  const crmHost = process.env.CRM_HOST || "crm.workparking.ru";

  if (!pathname.startsWith("/admin")) {
    return NextResponse.next();
  }

  if (host !== crmHost) {
    const redirectUrl = new URL(request.url);
    redirectUrl.host = crmHost;
    redirectUrl.protocol = "https:";
    return NextResponse.redirect(redirectUrl);
  }

  const cookieName = getSessionCookieName();
  const token = request.cookies.get(cookieName)?.value;
  const isAuthed = await verifySessionToken(token);

  const isLoginPage = pathname === "/admin/login";

  if (!isAuthed && !isLoginPage) {
    const loginUrl = new URL("/admin/login", request.url);
    loginUrl.searchParams.set("next", `${pathname}${search}`);
    return NextResponse.redirect(loginUrl);
  }

  if (isAuthed && isLoginPage) {
    return NextResponse.redirect(new URL("/admin/leads", request.url));
  }

  return NextResponse.next();
}

export const config = {
  matcher: ["/admin/:path*"],
};