crewli/api/app/Http/Middleware/BindSentryRouteContext.php

<?php

declare(strict_types=1);

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Sentry\State\Scope;
use Symfony\Component\HttpFoundation\Response;

use function Sentry\configureScope;

/**
 * Binds route-scope context to Sentry events on every API request.
 *
 * Auth-scope tags (user_id, actor_type, organisation_id, impersonation.*,
 * actor_scope) live in {@see \App\Listeners\Observability\AuthScopeContextListener}
 * so they bind on Authenticated event rather than route entry. That keeps
 * the auth-scope binding uniform across Sanctum, portal-tokens, and any
 * future authenticator without per-route middleware-attachment.
 *
 * RFC-WS-7 §3.6.
 */
final class BindSentryRouteContext
{
    public function handle(Request $request, Closure $next): Response
    {
        configureScope(static function (Scope $scope) use ($request): void {
            $scope->setTag('app', 'api');
            $scope->setTag('http.method', $request->method());

            $routeName = $request->route()?->getName();
            if (is_string($routeName) && $routeName !== '') {
                $scope->setTag('route_name', $routeName);
            }
        });

        return $next($request);
    }
}