import { NextRequest, NextResponse } from "next/server";

export async function middleware(req: NextRequest) {
  const { pathname } = req.nextUrl;

  const publicRoutes = ["/login.html"];
  const isPublic = publicRoutes.some(route =>
    pathname.startsWith(route)
  );

  // EDGE-SAFE: read cookie only
  const token = req.cookies.get("ikoncloud_next_accessToken")?.value;
 

  if (!isPublic && !token) {
    const url = req.nextUrl.clone();
    url.pathname = "/login.html";
    return NextResponse.redirect(url);
  }

  return NextResponse.next();
}

export const config = {
  matcher: [
    "/((?!_next/static|_next/image|favicon.ico).*)",
  ],
};