<?php

namespace app\middleware;

use app\support\AppAuthService;
use Webman\Http\Request;
use Webman\Http\Response;
use Webman\MiddlewareInterface;

class AppAuthMiddleware implements MiddlewareInterface
{
    public function process(Request $request, callable $handler): Response
    {
        $path = $request->path();
        if (!str_starts_with($path, '/api/app')) {
            return $handler($request);
        }

        if ($request->method() === 'OPTIONS') {
            return $handler($request);
        }

        $authService = new AppAuthService();
        $userInfo = $authService->current($request);
        if ($userInfo) {
            $request->appUser = $userInfo;
        }

        if ($this->isPublicPath($path)) {
            return $handler($request);
        }

        if (!$userInfo) {
            return api_error('未登录或登录已过期', 401);
        }

        return $handler($request);
    }

    private function isPublicPath(string $path): bool
    {
        return in_array($path, [
            '/api/app/home/index',
            '/api/app/content/page-visuals',
            '/api/app/catalog/brands',
            '/api/app/help-center',
            '/api/app/help-article/detail',
            '/api/app/report/detail',
            '/api/app/report/anti-counterfeit/verify',
            '/api/app/verify',
            '/api/app/material-tag',
            '/api/app/material-tag/verify',
            '/api/app/auth/send-code',
            '/api/app/auth/login/code',
            '/api/app/auth/login/password',
        ], true);
    }
}