import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";

export function proxy(request: NextRequest) {
    // Only protect /api routes, but exclude status and health for polling
    if (request.nextUrl.pathname.startsWith("/api") &&
        !request.nextUrl.pathname.includes("/api/v1/health")) {
        const apiKey = request.headers.get("x-api-key");
        const validApiKey = process.env.API_KEY;

        // Check if API key matches (or if environment variable is not set, fail safe)
        if (!validApiKey || apiKey !== validApiKey) {
            return NextResponse.json(
                { error: "Unauthorized: Invalid or missing API Key" },
                { status: 401 }
            );
        }
    }

    return NextResponse.next();
}

export const config = {
    matcher: "/api/:path*",
};