import { useProfileSession, usePermissions } from "#imports";

export default defineNuxtRouteMiddleware(async (to) => {
  const { ensureSession, activeProfile } = useProfileSession();
  await ensureSession();

  const rawPath = to?.path ?? "";
  const normalizedPath = rawPath.startsWith("/") ? rawPath : `/${rawPath}`;
  const fullPath = to?.fullPath ?? normalizedPath;
  const routeName = typeof to?.name === "string" ? to.name : "";
  const isProfilesRoute =
    normalizedPath.startsWith("/profiles") ||
    fullPath.startsWith("/profiles") ||
    routeName.startsWith("profiles");

  // Redirect to login if no active profile
  if (!activeProfile.value && !isProfilesRoute) {
    return navigateTo("/profiles");
  }

  // Permission checks
  if (activeProfile.value) {
    const { isAdmin } = usePermissions();

    // Admin-only routes
    if (normalizedPath.startsWith("/admin")) {
      if (!isAdmin.value) {
        return navigateTo("/");
      }
    }

  }
});