<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Cache;

class SipaAuth
{
    public function handle(Request $request, Closure $next)
    {
        $header = $request->header('Authorization');

        if (!$header || !str_starts_with($header, 'Bearer ')) {
            return response()->json(['message' => 'No autorizado'], 401);
        }

        $token = str_replace('Bearer ', '', $header);

        $email = Cache::get("sipa_token:{$token}");

        if (!$email) {
            return response()->json(['message' => 'Token inválido o expirado'], 401);
        }

        $request->merge(['sipa_email' => $email]);

        return $next($request);
    }
}