<?php
namespace app\api\middleware;

use app\api\service\JWTService;
use think\Exception;
use think\Request;

class JWTAuth
{
    protected $jwtService;

    public function __construct(JWTService $jwtService)
    {
        $this->jwtService = $jwtService;
    }

    public function handle(Request $request, \Closure $next)
    {
        $token = $request->header('Authorization');

        if (!$token) {
            throw new Exception('Missing token');
        }

        $claims = $this->jwtService->verifyToken($token);

        if (empty($claims)) {
            throw new Exception('Invalid token');
        }

        // 将 claims 存储到 request 对象中
        $request->attributes->set('claims', $claims);

        return $next($request);
    }
}