<?php

namespace App\Http\Middleware;

use App\Models\SysModels\User;
use App\Servers\Common\PermissionServer;
use App\Servers\Common\RedisDataServer;
use Closure;

class AdminApiAuthMiddleware
{
    private $noAuth = [
        'adminApi.login',
        'adminApi.logout',
    ];
    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $clientRoute = request()->route()->getName();//获取当前路由

        if (in_array($clientRoute, $this->noAuth)) {//不需要验证的路由
            return $next($request);
        }

        //获取token
        $api_token = $request->input('api_token');
        if(empty($api_token)) $api_token = $request->header('ApiToken');
        if(empty($api_token)){
            return response()->json([
                'msg'   => '缺少认证信息',
                'code'  => 401,
                'data' => []
            ]);
        }

        //获取当前用户
        $user = RedisDataServer::creatServer()->getData( 'gw_adminLogin_' . $api_token, 'json');
        if(!$user){
            //数据库查找当前用户
            $user = User::where('api_token', $api_token)->where('is_del', 0)->first();
            if($user){
                //用户信息缓存
                RedisDataServer::creatServer()->setData('gw_adminLogin_' . $api_token, $user, 'json', 300);
            }else{
                return response()->json([
                    'msg'   => '身份验证失败',
                    'code'  => 401,
                    'data' => []
                ]);
            }

        }
        //状态验证
        if($user['status'] == 2){
            return response()->json([
                'msg'   => '账号已关闭',
                'code'  => 402,
                'data' => []
            ]);
        }
        //进行路由验证
        $ret = PermissionServer::verifyAuth($user['role_id'], $clientRoute);
        if (empty($ret) && $user['id'] != 1) {
            return response()->json([
                'msg' => '暂无权限',
                'code' => 402,
                'data' => []
            ]);
        }

        return $next($request);
    }
}