import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";

export function middleware(req: NextRequest) {
  const protectedPaths = [
    "/dashboard","/drawings","/rfas","/transmittals","/correspondences",
    "/contracts-volumes","/users","/reports","/workflow","/health","/admin"
  ];
  const { pathname } = req.nextUrl;
  const isProtected = protectedPaths.some(p => pathname.startsWith(p));
  if (!isProtected) return NextResponse.next();
  const hasToken = req.cookies.get("access_token");
  if (!hasToken) {
    const url = req.nextUrl.clone();
    url.pathname = "/login";
    return NextResponse.redirect(url);
  }
  return NextResponse.next();
}

export const config = { matcher: [
  "/dashboard/:path*","/drawings/:path*","/rfas/:path*","/transmittals/:path*","/correspondences/:path*",
  "/contracts-volumes/:path*","/users/:path*","/reports/:path*","/workflow/:path*","/health/:path*","/admin/:path*"
] };