// middleware.ts
import { NextRequest, NextResponse } from "next/server";

export function middleware(req: NextRequest) {
  const session = req.cookies.get("session");
  const pathname = req.nextUrl.pathname;

  // Redirect to login if no session and trying to access protected routes
  if (!session && (pathname.startsWith("/app") || pathname.startsWith("/dashboard") || pathname.startsWith("/billing"))) {
    return NextResponse.redirect(new URL("/login", req.url));
  }
}

export const config = {
  matcher: ["/app/:path*", "/dashboard/:path*", "/billing/:path*"],
};