using System.Security.Claims;
using Aegis.Domain;

namespace Aegis.API.Auth;

public sealed class CurrentUserAccessor
{
    public UserId GetUserId(ClaimsPrincipal user)
    {
        var userId = user.FindFirstValue("aegis_uid");
        if (string.IsNullOrWhiteSpace(userId))
            throw new InvalidOperationException("Missing claim: aegis_uid (middleware not executed?)");

        return new UserId(userId);
    }
}