import NextAuth, { NextAuthConfig } from "next-auth";
import Authentik from "next-auth/providers/authentik";
import type { Provider } from "next-auth/providers";

const providers: Provider[] = [
	Authentik({
		clientId: process.env.AUTH_AUTHENTIK_CLIENT_ID,
		clientSecret: process.env.AUTH_AUTHENTIK_CLIENT_SECRET,
		issuer: process.env.AUTH_AUTHENTIK_ISSUER,
		authorization: {
			params: {
				scope: "openid email profile",
			},
		},
		profile(profile) {
			return {
				id: profile.sub,
				name: profile.name,
				email: profile.email,
				image: profile.picture,
			};
		},
	}),
];

export const providerMap = providers.map((provider) => {
	if (typeof provider === "function") {
		const providerData = provider();
		return { id: providerData.id, name: providerData.name };
	} else {
		return { id: provider.id, name: provider.name };
	}
});

const basePath = process.env.BASE_PATH ?? ''

const config = {
  basePath: `${basePath}/api/auth`,
	providers,
	pages: {
		signIn: "/signin",
		signOut: "/signout",
	},
	trustHost: true,
	// callbacks: {
	// 	authorized({ auth, request: { nextUrl } }) {
	// 		const isLoggedIn = !!auth?.user;
	// 		const isOnProtectedRoute = nextUrl.pathname.startsWith("/api/ai-event");
	//
	// 		if (isOnProtectedRoute) {
	// 			if (isLoggedIn) return true;
	// 			return false;
	// 		} else if (isLoggedIn) {
	// 			return Response.redirect(new URL("/api/ai-event", nextUrl));
	// 		}
	// 		return true;
	// 	},
	// },
} satisfies NextAuthConfig;
export const { handlers, signIn, signOut, auth } = NextAuth(config);