function requireLogin(req, res, next) {
  if (!req.session.user) {
    return res.redirect("/");
  }

  req.user = req.session.user;
  next();
}

// ✅ NEU: Arzt-only (das war früher dein requireAdmin)
function requireArzt(req, res, next) {
  console.log("ARZT CHECK:", req.session.user);

  if (!req.session.user) {
    return res.redirect("/");
  }

  if (req.session.user.role !== "arzt") {
    return res
      .status(403)
      .send(
        "⛔ Kein Zugriff (Arzt erforderlich). Rolle: " + req.session.user.role,
      );
  }

  req.user = req.session.user;
  next();
}

// ✅ NEU: Admin-only
function requireAdmin(req, res, next) {
  console.log("ADMIN CHECK:", req.session.user);

  if (!req.session.user) {
    return res.redirect("/");
  }

  if (req.session.user.role !== "admin") {
    return res
      .status(403)
      .send(
        "⛔ Kein Zugriff (Admin erforderlich). Rolle: " + req.session.user.role,
      );
  }

  req.user = req.session.user;
  next();
}

module.exports = {
  requireLogin,
  requireArzt,
  requireAdmin,
};