<?php

namespace App\Http\Middleware;

use App\Models\AppSetting;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Inertia\Inertia;

class MaintenanceModeMiddleware
{
    private const BYPASS_PATHS = ['up', 'login', 'logout', 'blocked'];

    public function handle(Request $request, Closure $next)
    {
        // Admins always pass through
        if (Auth::check() && strtolower((string) Auth::user()->role) === 'admin') {
            return $next($request);
        }

        // Skip API webhooks and bypass paths
        if ($request->is('api/webhooks/*') || $this->shouldBypass($request)) {
            return $next($request);
        }

        // Skip admin routes for auth
        if (str_starts_with($request->path(), 'admin')) {
            return $next($request);
        }

        $settings = AppSetting::get('site.settings', []);

        if (!empty($settings['maintenance_mode'])) {
            return Inertia::render('Maintenance', [
                'message' => 'Wir führen gerade Wartungsarbeiten durch. Bitte komm später zurück.',
            ])->toResponse($request)->setStatusCode(503);
        }

        return $next($request);
    }

    private function shouldBypass(Request $request): bool
    {
        foreach (self::BYPASS_PATHS as $path) {
            if ($request->is($path) || $request->is($path . '/*')) return true;
        }
        return false;
    }
}