import type { NextAuthConfig } from 'next-auth';

export const authConfig = {
  pages: {
    signIn: '/login',
    newUser: '/register',
  },
  secret: "csQFtfYvQ8YtatEYSUFyslXdk2vJhZFt9D5gav/RJQg=",
  trustHost: true,
  session: {
    strategy: 'jwt',
  },
  callbacks: {
    authorized({ auth, request: { nextUrl } }) {
      const isLoggedIn = !!auth?.user;
      const isAdmin = (auth?.user as any)?.role === 'ADMIN';
      const isDashboardPage = nextUrl.pathname === '/' || 
                             nextUrl.pathname.startsWith('/reminders') || 
                             nextUrl.pathname.startsWith('/archive') || 
                             nextUrl.pathname.startsWith('/trash') ||
                             nextUrl.pathname.startsWith('/settings');
      const isAdminPage = nextUrl.pathname.startsWith('/admin');

      if (isAdminPage) {
        return isLoggedIn && isAdmin;
      }

      if (isDashboardPage) {
        if (isLoggedIn) return true;
        return false;
      } else if (isLoggedIn && (nextUrl.pathname === '/login' || nextUrl.pathname === '/register')) {
        return Response.redirect(new URL('/', nextUrl));
      }
      return true;
    },
    async jwt({ token, user }) {
      if (user) {
        token.id = user.id;
        token.role = (user as any).role;
      }
      return token;
    },
    async session({ session, token }) {
      if (token && session.user) {
        (session.user as any).id = token.id;
        (session.user as any).role = token.role;
      }
      return session;
    },
  },
  providers: [], 
} satisfies NextAuthConfig;