import arcjet, { detectBot } from "@arcjet/next";
import { NextRequest, NextResponse } from "next/server";

export const config = {
  // matcher tells Next.js which routes to run the middleware on.
  // This runs the middleware on all routes except for static assets.
  matcher: ["/((?!_next/static|_next/image|favicon.ico).*)"],
};

const aj = arcjet({
  key: process.env.ARCJET_KEY!,
  rules: [
    detectBot({
      mode: "LIVE",
      allow: [
        "CATEGORY:SEARCH_ENGINE",
        "CATEGORY:PREVIEW",
        "CATEGORY:SOCIAL",
      ],
    }),
  ],
});

export default async function middleware(request: NextRequest) {
  console.log(request.headers);

  // const decision = await aj.protect(request);
  //
  // if (
  //   // If this deny comes from a bot rule then block the request. You can
  //   // customize this logic to fit your needs e.g. changing the status code.
  //   decision.isDenied() &&
  //   decision.reason.isBot()
  // ) {
  //   return NextResponse.json({ error: "Unauthorized" }, { status: 403 });
  // } else if (decision.isErrored()) {
  //   console.warn("Arcjet error", decision.reason.message);
  //   return NextResponse.json({ error: "Bad request" }, { status: 400 });
  // } else {
  //   return NextResponse.next();
  // }
}