<?php

use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;

return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        web: __DIR__.'/../routes/domains.php',
        commands: __DIR__.'/../routes/console.php',
        health: '/up',
    )
    ->withMiddleware(function (Middleware $middleware) {
        // Traefik Reverse-Proxy vertraut die X-Forwarded-Proto/For Headers
        // damit $request->url() korrekt https:// zurückgibt (nötig für signierte Upload-URLs)
        $middleware->trustProxies(at: '*');

        // Domain-URL Konfiguration - muss ganz am Anfang ausgeführt werden
        // um sicherzustellen, dass url() und asset() die richtige Domain verwenden
        $middleware->prepend(\App\Http\Middleware\SetDomainUrl::class);

        // Sprachwechsel aus Session anwenden
        $middleware->appendToGroup('web', \App\Http\Middleware\SetLocale::class);

        // Partner Setup-Zwang für eingeloggte User
        $middleware->alias([
            'partner.setup' => \App\Http\Middleware\EnsurePartnerSetupCompleted::class,
        ]);

        // BasicAuth ganz am Ende, nach Session-Middleware
        if (env('BASIC_AUTH_ENABLED', true)) {
            $middleware->append(\App\Http\Middleware\BasicAuthMiddleware::class);
        }
    })
    ->withExceptions(function (Exceptions $exceptions) {
        //
    })->create();