defmodule DaProductAppWeb.Plugs.MypinpadAuth do
  import Plug.Conn
  import Phoenix.Controller

  alias DaProductApp.Mypinpad

  def init(opts), do: opts

  def call(conn, _opts) do
    with ["Bearer " <> token] <- get_req_header(conn, "authorization"),
         %{} = valid_token <- Mypinpad.get_valid_token(token) do
      conn
      |> assign(:mypinpad_host_id, valid_token.host_id)
    else
      _ ->
        conn
        |> put_status(:unauthorized)
        |> json(%{error: "unauthorized", message: "Invalid or expired Bearer token"})
        |> halt()
    end
  end
end