import { redirect, type Handle } from '@sveltejs/kit';
import { getSession } from '$lib/server/auth';

export const handle: Handle = async ({ event, resolve }) => {
    const session = getSession(event.cookies);
    event.locals.user = session;

    const path = event.url.pathname;

    // Public routes that don't need auth
    const publicRoutes = ['/login', '/register', '/api/auth'];
    const isPublicRoute = publicRoutes.some(route => path.startsWith(route));

    if (!event.locals.user && !isPublicRoute && path !== '/') {
        throw redirect(303, '/login');
    }

    const response = await resolve(event);
    return response;
};