import type { NextConfig } from 'next';

const isProduction = process.env.NODE_ENV === 'production';
const distDir = process.env.NEXT_DIST_DIR?.trim() || '.next';
const authorizeNetOrigins = [
  'https://accept.authorize.net',
  ...(isProduction ? [] : ['https://test.authorize.net']),
];

const contentSecurityPolicy = [
  "default-src 'self'",
  "script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com https://*.google-analytics.com https://analytics.tiktok.com https://ads.tiktok.com",
  "style-src 'self' https://fonts.googleapis.com",
  "style-src-elem 'self' https://fonts.googleapis.com",
  "style-src-attr 'unsafe-inline'",
  "font-src 'self' data: https://fonts.gstatic.com",
  "img-src 'self' data: blob: https:",
  `connect-src 'self' https://rainmakersports.app https://www.googletagmanager.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https://analytics.tiktok.com https://ads.tiktok.com https://business-api.tiktok.com ${authorizeNetOrigins.join(' ')}`,
  `frame-src 'self' ${authorizeNetOrigins.join(' ')}`,
  `form-action 'self' ${authorizeNetOrigins.join(' ')}`,
  "manifest-src 'self'",
  "worker-src 'self' blob:",
  "base-uri 'self'",
  "object-src 'none'",
  "frame-ancestors 'none'",
].join('; ');

const securityHeaders = [
  { key: 'Content-Security-Policy', value: contentSecurityPolicy },
  { key: 'Permissions-Policy', value: 'accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=()' },
  { key: 'Referrer-Policy', value: 'strict-origin-when-cross-origin' },
  { key: 'Strict-Transport-Security', value: 'max-age=31536000; includeSubDomains; preload' },
  { key: 'X-Content-Type-Options', value: 'nosniff' },
  { key: 'X-Frame-Options', value: 'DENY' },
];

const nextConfig: NextConfig = {
  distDir,
  poweredByHeader: false,
  async redirects() {
    return [
      {
        source: '/daily-wire/:path*',
        destination: '/rain-wire/:path*',
        permanent: true,
      },
      {
        source: '/daily-wire',
        destination: '/',
        permanent: true,
      },
      {
        source: '/daily-blogs/:path*',
        destination: '/rain-wire/:path*',
        permanent: true,
      },
      {
        source: '/daily-blogs',
        destination: '/',
        permanent: true,
      },
    ];
  },
  async headers() {
    return [
      {
        // Prevent stale HTML/JS caching that causes "Failed to find Server Action" errors
        source: '/:path*',
        headers: [
          ...securityHeaders,
          { key: 'Cache-Control', value: 'no-cache, no-store, must-revalidate' },
        ],
      },
      {
        // Allow static assets to cache normally
        source: '/_next/static/:path*',
        headers: [
          ...securityHeaders,
          { key: 'Cache-Control', value: 'public, max-age=31536000, immutable' },
        ],
      },
      {
        source: '/logos/:path*',
        headers: [
          ...securityHeaders,
          { key: 'Cache-Control', value: 'public, max-age=86400' },
        ],
      },
    ];
  },
  async rewrites() {
    return [
      {
        source: '/feed.xml',
        destination: 'http://127.0.0.1:3021/api/blog/feed.xml',
      },
      {
        source: '/api/:path*',
        destination: 'http://127.0.0.1:3021/api/:path*',
      },
    ];
  },
};

export default nextConfig;