66 lines
2.1 KiB
PHP
66 lines
2.1 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use Closure;
|
|
use Illuminate\Http\Request;
|
|
use Symfony\Component\HttpFoundation\Response;
|
|
|
|
class EmployerMiddleware
|
|
{
|
|
/**
|
|
* Handle an incoming request.
|
|
*/
|
|
public function handle(Request $request, Closure $next): Response
|
|
{
|
|
$user = null;
|
|
// Prefer Laravel's built-in auth (survives page refresh reliably via remember cookie)
|
|
if (auth()->check() && auth()->user()->role === 'employer') {
|
|
$user = auth()->user();
|
|
} else {
|
|
// Fallback: check custom session key (used during registration auto-login)
|
|
$sessionUser = session('user');
|
|
$role = is_array($sessionUser)
|
|
? ($sessionUser['role'] ?? null)
|
|
: ($sessionUser->role ?? null);
|
|
|
|
if ($sessionUser && $role === 'employer') {
|
|
$sessId = is_array($sessionUser) ? ($sessionUser['id'] ?? null) : ($sessionUser->id ?? null);
|
|
if ($sessId) {
|
|
$user = \App\Models\User::find($sessId);
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!$user) {
|
|
session()->forget('user');
|
|
auth()->logout();
|
|
return redirect()->route('employer.login');
|
|
}
|
|
|
|
// Automatically activate queued pending plans if current active has expired
|
|
\App\Models\User::checkAndActivatePendingSubscriptions($user->id);
|
|
$user->refresh();
|
|
|
|
// Enforce active subscription check
|
|
$hasActiveSub = ($user->subscription_status === 'active' || $user->subscription_status === 'none');
|
|
|
|
if (!$hasActiveSub) {
|
|
$allowedRoutes = [
|
|
'employer.subscription',
|
|
'employer.subscription.purchase',
|
|
'employer.logout',
|
|
];
|
|
|
|
$currentRouteName = $request->route() ? $request->route()->getName() : null;
|
|
|
|
if (!in_array($currentRouteName, $allowedRoutes)) {
|
|
return redirect()->route('employer.subscription')
|
|
->with('error', 'Your subscription has expired. Please purchase or renew a subscription plan.');
|
|
}
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
}
|