File: /var/www/console.fixgini.com/app/Http/Middleware/CheckIfBuyer.php
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Symfony\Component\HttpFoundation\Response;
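/**
 * Restricts a route to authenticated users whose role is "buyer".
 *
 * The bearer token is not verified here: only the shape of the Authorization
 * header is checked, and the identity comes from $request->user().
 * NOTE(review): this presumably relies on an authentication guard having run
 * earlier in the middleware stack - confirm the route registration.
 */
class CheckIfBuyer
{
    /**
     * Reject the request unless it carries a bearer token and resolves to a buyer.
     *
     * @param Request $request Incoming HTTP request.
     * @param Closure $next    Next handler in the middleware pipeline.
     *
     * @return Response 401 when the header is missing/malformed or no user is
     *                  resolved, 403 when the user is not a buyer, otherwise
     *                  the downstream response.
     */
    public function handle(Request $request, Closure $next): Response
    {
        // Force JSON content negotiation so downstream errors are rendered as JSON.
        $request->headers->set('Accept', 'application/json');

        // Anchored so "Bearer" appearing inside another scheme's value does not
        // satisfy the check; the header must be exactly "Bearer <token>".
        $authorizationHeader = $request->header('Authorization');
        if (!is_string($authorizationHeader) || preg_match('/^Bearer\s+\S+$/', $authorizationHeader) !== 1) {
            return response()->json(['message' => 'Unauthorized: Bearer token missing or malformed'], 401);
        }

        // Fail closed: a header that merely looks like a bearer token proves
        // nothing. Without a resolved user there is no role to authorize, so
        // the request must not reach the next handler.
        $user = $request->user();
        if ($user === null) {
            return response()->json(['message' => 'Unauthorized: authentication required'], 401);
        }

        // Strict comparison avoids type juggling on the role value.
        if ($user->role !== 'buyer') {
            return response()->json(['status' => 'error', 'message' => 'You are not authorized to perform this action'], 403);
        }

        return $next($request);
    }
}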