<?php

namespace App\Http\Middleware;

use App\User;
use Closure;
use Illuminate\Http\Request;

class CheckAuth
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if ($request->header('authorization')) {
            $token = substr($request->header('authorization'), 7);
            $userCheck = User::where('token', $token)->first();
            if ($userCheck) {
                return $next($request);
            } else {
                return response()->json(["status" => false, "message" => "Permission denied"])->setStatusCode(403, 'Permission denied');
            }
        } else {
            return response()->json(["status" => false, "message" => "Permission denied"])->setStatusCode(403, 'Permission denied');
        }
    }
}