export default defineNuxtRouteMiddleware(async (to, from) => {
  const guestPaths = ['/signin', '/select-role', '/login', '/register', '/verify-email', '/forgot-password', '/reset-password']

  if(!guestPaths.includes(from.path)) {
    const user = useCookie('logship_user')

    try {
      const authenticated = await $fetch('/api/idempiere-auth/authenticated', {
        headers: useRequestHeaders(['cookie'])
      })
      if(authenticated.user?.id === undefined || user.value?.id === undefined) {
        return navigateTo('/signin')
      }
    } catch (error: any) {
      // On mobile, don't logout on network errors - just check the cookie
      const isMobilePage = to.path.startsWith('/mobile')

      if (isMobilePage) {
        // For mobile pages, only logout if user cookie is actually missing
        // Network errors should not trigger logout
        if (!user.value?.id) {
          console.warn('[Auth] Mobile auth check failed, no user cookie:', error?.message)
          return navigateTo('/signin')
        }
        // User cookie exists, allow navigation despite API error
        console.warn('[Auth] Mobile auth API error, but user cookie exists - continuing:', error?.message)
        return
      }

      // For non-mobile pages, redirect on any auth error
      console.error('[Auth] Authentication check failed:', error?.message)
      return navigateTo('/signin')
    }
  }
})