<?php
/**
 * Created by PhpStorm.
 * User: robin
 * Date: 10/19/15
 * Time: 9:14 PM
 */

namespace Luticate\Auth\Business;

use Closure;
use Illuminate\Http\Request;
use Luticate\Auth\DBO\LuticatePermissions;
use Luticate\Auth\DBO\LuticateUsersDbo;
use Luticate\Utils\LuBusiness;
use Luticate\Utils\LuController;

class LuticateMiddleware
{
    const TOKEN_HEADER = "X-Authorization";

    /**
     * @param $request Request
     * @param Closure $next
     * @param ...$permissions
     * @return null|string
     */
    public function handle($request, Closure $next, ...$permissions)
    {
        /**
         * @var $user LuticateUsersDbo
         */
        $user = null;
        $token = $request->header(self::TOKEN_HEADER);
        if ($token != null && $token != "") {
            $data = JwtHelper::decode($token);
            if ($data != null) {
                $user_id = $data[LuticateUsersBusiness::KEY_USER_ID];
                $salt = $data[LuticateUsersBusiness::KEY_SALT];
                $user = LuticateUsersBusiness::getById($user_id);
                if ($user->getSalt() != $salt) {
                    $user = null;
                }
            }
        }
        if (is_null($user)) {
            if ($token != null && $token != "") {
                abort(401, "Invalid token");
            }
            $user = LuticateUsersBusiness::getById(0);
        }

        LuticateBusiness::setCurrentUser($user);
        LuBusiness::$parameters["_user"] = $user;

        $permissions[] = LuticatePermissions::USER_LOGIN;
        foreach ($permissions as $permission) {
            try {
                $perm = LuticatePermissionsBusiness::getEffectivePermission($user->getId(), $permission);
                if (!$perm->getValue()) {
                    abort(401, "Permission denied");
                }
            } catch (\Exception $e)
            {
                abort(401, "Permission denied");
            }
        }
        return $next($request);
    }
}