<?php

declare(strict_types=1);

namespace App\Http\Middleware;

use App\Constants\ErrorCode;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Symfony\Component\HttpFoundation\Response;

class AdminAuthenticate
{
    public function handle(Request $request, Closure $next): Response
    {
        // 检查是否已登录
        if (!Auth::guard('admin')->check()) {
            return response()->json([
                'error' => ErrorCode::UNAUTHORIZED,
                'message' => '未授权，请先登录。',
            ], Response::HTTP_UNAUTHORIZED);
        }

        $admin = Auth::guard('admin')->user();

        // 检查是否是管理员
        if (!$admin || !in_array($admin->role, ['super', 'admin'])) {
            return response()->json([
                'error' => ErrorCode::FORBIDDEN,
                'message' => '无权访问管理员资源。',
            ], Response::HTTP_FORBIDDEN);
        }

        // Add admin information to the request
        $request->merge(['admin' => $admin]);

        return $next($request);
    }
}