<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Carbon;
use Illuminate\Support\Facades\DB;

use Firebase\JWT\JWT;
use Firebase\JWT\Key;

use App\Http\Controllers\ResponseController;

class JWTMiddleware{
    private $responseController;
    private $publicKey = "zOgD0uF22+xg37nTmA+bg/6/E80BJYeHeByGpeTrNFw=";
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
     */
    public function __construct($responseController = new ResponseController()){
        $this->responseController = $responseController;
    }

    public function handle(Request $request, Closure $next){
        $auth = $request->header('Authorization');
        if(is_null($auth)){
            return $this->responseController->makeResponse(true, "No se encontró el token de autorización.", [], 401);
        }else if(!str_contains($auth, "Bearer")){
            return $this->responseController->makeResponse(true, "No se encontró el token de autorización.", [], 401);
        }

        $token = str_replace("Bearer ", "", $auth);
        if(strlen($token) < 234){
            return $this->responseController->makeResponse(true, "Token inválido.", [], 401);
        }

        $decoded = JWT::decode($token, new Key($this->publicKey, 'EdDSA'));
        $now = Carbon::now('America/Mexico_city')->timestamp;

        $usr = DB::table('samusua')->where('USUA_EMAI', '=', $decoded->iss)->first();
        if(is_null($usr)){
            return $this->responseController->makeResponse(true, "El usuario que generó el token no está registrado en la base.", [], 401);
        }

        if($decoded->aud != "dominio.syp.mx"){
            return $this->responseController->makeResponse(true, "El token no fue generado en este sistema.", [], 401);
        }

        if($now > $decoded->cad){
            return $this->responseController->makeResponse(true, "Token expirado.", [], 401);
        }
        
        return $next($request);
    }
}