<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use App\Models\Member;
use Laravel\Sanctum\PersonalAccessToken;

class ApiKeyMiddleware
{
    public function handle(Request $request, Closure $next)
    {
        $apiKey = $request->header('X-API-KEY');

        $validApiKey = false;

        // 1. API 키가 유효한지 확인
        if ($apiKey) {
            $validApiKey = DB::table('api_keys')
                ->where('key', $apiKey)
                ->where('is_active', true)
                ->exists();

            // 2. 회원 인증 (remember_token으로)
            if (!$validApiKey) {
                $user = Member::where('remember_token', $apiKey)->first();

                if ($user) {
                    $validApiKey = true;

                    // ✅ 세션에 유저 정보 저장
                    session(['Adm' => [
                        'idx' => $user->mb_num,
                        'id' => $user->mb_id,
                        'name' => $user->mb_name,
                        'level' => $user->mb_level,
                        'token' => $user->remember_token,
                    ]]);
                }
            }
        }

        if (!$validApiKey) {
            return response()->json(['message' => 'Unauthorized. Invalid or missing API key or token'], 401);
        }

        // Bearer 인증 (Sanctum)
        $user = [];
        if($token = $request->bearerToken()) {
            $accessToken = PersonalAccessToken::findToken($token);
            if ($accessToken && $accessToken->tokenable instanceof Member) {
                $user = $accessToken->tokenable;
            }
        }
        if ($user) {
            $request->setUserResolver(fn() => $user);
        }


        return $next($request);
    }
}