<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Symfony\Component\HttpFoundation\Response;

class ForcePasswordChange
{
    public function handle(Request $request, Closure $next): Response
    {
        // Cek jika user login DAN wajib ganti password
        if (Auth::check() && Auth::user()->must_change_password) {
            
            // Pengecualian agar tidak terjebak dalam loop: 
            // Izinkan akses ke rute ganti password dan rute logout
            $allowedRoutes = ['password.force-change', 'password.force-update', 'logout'];
            
            if (!in_array($request->route()->getName(), $allowedRoutes)) {
                return redirect()->route('password.force-change');
            }
        }

        return $next($request);
    }
}