const requireAuth = (req, res, next) => {
  if (req.session && req.session.adminId) {
    return next();
  }
  res.redirect('/admin/login');
};

const requireRole = (allowedRoles) => {
  return (req, res, next) => {
    if (!req.session || !req.session.adminId) {
      return res.redirect('/admin/login');
    }
    const userRole = req.session.role || 'user';
    if (allowedRoles.includes(userRole)) {
      return next();
    }
    res.status(403).send('Access denied');
  };
};

const redirectIfAuth = (req, res, next) => {
  if (req.session && req.session.adminId) {
    return res.redirect('/admin/dashboard');
  }
  next();
};

module.exports = { requireAuth, requireRole, redirectIfAuth };