package com.centit.framework.tenant.controller;

import com.alibaba.fastjson2.JSONObject;
import com.aliyun.dysmsapi20170525.Client;
import com.aliyun.dysmsapi20170525.models.SendSmsRequest;
import com.aliyun.dysmsapi20170525.models.SendSmsResponseBody;
import com.aliyun.teaopenapi.models.Config;
import com.centit.framework.common.ResponseData;
import com.centit.framework.common.ResponseMapData;
import com.centit.framework.components.CodeRepositoryCache;
import com.centit.framework.core.controller.BaseController;
import com.centit.framework.core.controller.WrapUpResponseBody;
import com.centit.framework.model.adapter.NotificationCenter;
import com.centit.framework.model.adapter.PlatformEnvironment;
import com.centit.framework.model.basedata.NoticeMessage;
import com.centit.framework.model.basedata.UserInfo;
import com.centit.framework.model.security.CentitUserDetails;
import com.centit.framework.system.dao.UserInfoDao;
import com.centit.framework.tenant.constant.TenantConstant;
import com.centit.support.algorithm.CollectionsOpt;
import com.centit.support.algorithm.NumberBaseOpt;
import com.centit.support.security.SecurityOptUtils;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import java.net.InetAddress;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Random;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;

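/**
 * Endpoints under {@code /vateCode} that issue one-time verification codes by e-mail or SMS
 * and check them afterwards.
 *
 * <p>An issued code is kept in Redis as a JSON record keyed by the e-mail address or phone
 * number it was sent to. The record holds {@code verifyCode}, {@code createTime} and either
 * {@code email} or {@code phone}.
 *
 * <p>NOTE(review): records are written without a Redis expiry and a wrong guess is not
 * counted, so a code stays guessable for its whole validity window. Consider a TTL on the
 * record and a cap on failed attempts per key.
 */
@RequestMapping({"/vateCode"})
@Api(value = "邮箱、手机号验证码接口", tags = {"邮箱、手机号验证码接口"})
@Controller
public class VateCodeController extends BaseController {

    /** Minimum interval between two codes for the same address, in milliseconds. */
    private static final long RESEND_INTERVAL_MILLIS = 60000L;

    /** Time after which an issued code is rejected as expired, in milliseconds. */
    private static final long CODE_VALIDITY_MILLIS = 300000L;

    /** Source of verification codes; a CSPRNG so that codes cannot be predicted from earlier ones. */
    private static final SecureRandom SECURE_RANDOM = new SecureRandom();

    /** Matches strings made of ASCII digits only (used with a length check to recognise phone numbers). */
    private static final Pattern pattern = Pattern.compile("[0-9]*");

    @Value("${third.services.aliyun.access.key:}")
    private String accessKeyId;

    @Value("${third.services.aliyun.access.secret:}")
    private String accessKeySecret;

    @Autowired
    private NotificationCenter notificationCenter;

    @Autowired
    private UserInfoDao userInfoDao;

    @Autowired
    private PlatformEnvironment platformEnvironment;

    // NOTE(review): injection is optional, yet every endpoint dereferences this field.
    // Without a RedisTemplate bean the endpoints fail with a NullPointerException.
    @Autowired(required = false)
    private RedisTemplate<String, JSONObject> redisTemplate;

    /**
     * Reports whether a login name, e-mail address or phone number is already registered.
     *
     * <p>NOTE(review): the reply discloses whether an identifier exists; confirm that this
     * endpoint is rate limited upstream.
     *
     * @param str the value to check; treated as an e-mail address when it contains {@code @}
     *     after the first character, as a phone number when it is 11 digits, else as a login name
     * @param httpServletRequest unused
     * @return an error response when the value is taken, otherwise the shared success response
     */
    @RequestMapping(value = {"/checkOnly"}, method = {RequestMethod.POST})
    @WrapUpResponseBody
    @ApiOperation(value = "验证唯一性", notes = "验证唯一性")
    public ResponseData checkOnly(@RequestParam("loginname") String str, HttpServletRequest httpServletRequest) throws Exception {
        String kind;
        UserInfo existing;
        if (str.indexOf('@') > 0) {
            kind = "邮件";
            existing = this.userInfoDao.getUserByRegEmail(str);
        } else if (str.length() == 11 && pattern.matcher(str).matches()) {
            kind = "手机号";
            existing = this.userInfoDao.getUserByRegCellPhone(str);
        } else {
            kind = "账号";
            existing = this.userInfoDao.getUserByLoginName(str);
        }
        return existing != null ? ResponseData.makeErrorMessage("此" + kind + "已被使用！") : ResponseData.successResponse;
    }

    /**
     * Sends a verification code to an e-mail address that is not registered yet.
     *
     * @param str the e-mail address
     * @param httpServletRequest passed through to {@link #sendEmail}
     * @return error 611 when a code was issued for this address less than a minute ago, an
     *     error when the address is already registered, otherwise the result of the send
     */
    @RequestMapping(value = {"/getEmailCode"}, method = {RequestMethod.POST})
    @WrapUpResponseBody
    @ApiOperation(value = "获取Email验证码", notes = "获取Email验证码")
    public ResponseData getEmailCode(@RequestParam("email") String str, HttpServletRequest httpServletRequest) {
        if (isResendTooSoon(str)) {
            return ResponseData.makeErrorMessage(611, "验证码发送时间小于1分钟，请稍后再试。");
        }
        return this.userInfoDao.getUserByRegEmail(str) != null ? ResponseData.makeErrorMessage("此邮箱已被使用！") : sendEmail(str, httpServletRequest);
    }

    /**
     * Sends a verification code by SMS to a phone number that is not registered yet.
     *
     * @param str optional user code; when it resolves to a user, the user name is put into the SMS text
     * @param str2 the phone number
     * @param httpServletRequest used to read the session id returned as {@code x-auth-token}
     * @param httpServletResponse unused
     * @return error 611 when rate limited or when the number is taken; otherwise a map response
     *     whose code is 0 when the SMS provider answered {@code OK}
     */
    @RequestMapping(value = {"/getPhoneCode"}, method = {RequestMethod.POST})
    @WrapUpResponseBody
    @ApiOperation(value = "获取手机验证码", notes = "获取手机验证码")
    public ResponseData getPhoneCode(@RequestParam(value = "userCode", required = false) String str, @RequestParam("phone") String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        if (isResendTooSoon(str2)) {
            return ResponseData.makeErrorMessage(611, "验证码发送时间小于1分钟，请稍后再试。");
        }
        if (str2 != null && !str2.equals("") && this.userInfoDao.getUserByRegCellPhone(str2) != null) {
            return ResponseData.makeErrorMessage(611, "此手机号已被使用");
        }
        SendSmsResponseBody smsResult = sendPhone(str2, str);
        if (smsResult == null) {
            // The provider returned no body; report a failure instead of dereferencing null.
            return ResponseData.makeErrorMessage(500, "短信发送失败！");
        }
        // The provider reports success as "OK"; the API contract of this controller uses 0.
        String providerCode = "OK".equals(smsResult.getCode()) ? "0" : smsResult.getCode();
        ResponseMapData response = ResponseData.makeResponseData(CollectionsOpt.createHashMap(new Object[]{"x-auth-token", httpServletRequest.getSession().getId()}));
        response.setCode(NumberBaseOpt.castObjectToInteger(providerCode, 500).intValue());
        response.setMessage(smsResult.getMessage());
        return response;
    }

    /**
     * Checks a verification code and, when a user code is given, stores the verified e-mail
     * address or phone number on that user.
     *
     * <p>The verification record is read from Redis only. A record supplied by the client
     * (for example in a request header) cannot prove that a code was ever delivered, so it is
     * not accepted.
     *
     * <p>NOTE(review): {@code userCode} comes from the request and is not compared with the
     * authenticated principal before the account is updated and the security context is
     * replaced. Confirm that an upstream filter enforces this, otherwise bind the update to
     * the session user.
     *
     * @param str optional code of the user to update
     * @param str2 the Redis key of the record, i.e. the address the code was sent to
     * @param str3 the code entered by the user
     * @param httpServletRequest unused
     * @return a success response when the code matches and is not expired, else an error response
     */
    @RequestMapping(value = {"/checkCode"}, method = {RequestMethod.POST})
    @WrapUpResponseBody
    @ApiOperation(value = "校验和更新", notes = "校验和更新")
    public ResponseData checkCode(@RequestParam(value = "userCode", required = false) String str, @RequestParam("key") String str2, @RequestParam("code") String str3, HttpServletRequest httpServletRequest) {
        try {
            if (str3 == null) {
                return ResponseData.makeErrorMessage(500, "请输入验证码！");
            }
            JSONObject record = this.redisTemplate.boundValueOps(str2).get();
            ResponseData rejection = validateCode(record, str3);
            if (rejection != null) {
                return rejection;
            }
            String email = record.getString("email");
            String phone = record.getString("phone");
            UserInfo user;
            if (StringUtils.isNotBlank(str) && (user = this.userInfoDao.getUserByCode(str)) != null) {
                if (StringUtils.isNotBlank(email)) {
                    user.setRegEmail(email);
                    this.logger.info("用户:{}修改用户信息邮箱", str);
                } else if (StringUtils.isNotBlank(phone)) {
                    user.setRegCellPhone(phone);
                    this.logger.info("用户:{}修改用户信息手机", str);
                }
                this.userInfoDao.updateUser(user);
                reloadAuthentication(user.getUserCode());
                CodeRepositoryCache.evictCache("UserInfo");
            }
            // A code is single use: drop the record once it has been accepted.
            this.redisTemplate.delete(str2);
            return ResponseData.makeSuccessResponse();
        } catch (Exception e) {
            this.logger.error("verification code check failed", e);
            return ResponseData.errorResponse;
        }
    }

    /**
     * Sends a verification code for password recovery to a registered e-mail address or phone number.
     *
     * <p>NOTE(review): the distinct "用户不存在" reply tells the caller whether an address is
     * registered. The result of the send call is not inspected, so a delivery failure still
     * yields a success response.
     *
     * @param str the e-mail address (contains {@code @} after the first character) or phone number
     * @param httpServletRequest used to read the session id returned as {@code x-auth-token}
     * @return error 611 when rate limited, an error when no user matches, otherwise a map
     *     response carrying the session id
     */
    @RequestMapping(value = {"/findPwd"}, method = {RequestMethod.POST})
    @WrapUpResponseBody
    @ApiOperation(value = "找回密码(发送验证码 手机/邮箱)", notes = "找回密码(发送验证码 手机/邮箱)")
    public ResponseData findPwd(@RequestParam("loginname") String str, HttpServletRequest httpServletRequest) throws Exception {
        try {
            // Same one-minute limit as getEmailCode/getPhoneCode, so that this endpoint cannot
            // be used to flood an address with messages.
            if (isResendTooSoon(str)) {
                return ResponseData.makeErrorMessage(611, "验证码发送时间小于1分钟，请稍后再试。");
            }
            if (str.indexOf('@') > 0) {
                if (this.userInfoDao.getUserByRegEmail(str) == null) {
                    return ResponseData.makeErrorMessage("用户不存在");
                }
                sendEmail(str, httpServletRequest);
            } else {
                if (this.userInfoDao.getUserByRegCellPhone(str) == null) {
                    return ResponseData.makeErrorMessage("用户不存在");
                }
                sendPhone(str, "");
            }
            return ResponseData.makeResponseData(CollectionsOpt.createHashMap(new Object[]{"x-auth-token", httpServletRequest.getSession().getId()}));
        } catch (Exception e) {
            this.logger.error("sending the password recovery code failed", e);
            return ResponseData.errorResponse;
        }
    }

    /**
     * Checks a verification code and returns the user registered under the verified address.
     *
     * <p>As in {@link #checkCode}, the record is read from Redis only; a client-supplied
     * record is not accepted.
     *
     * <p>NOTE(review): the whole {@code UserInfo} object is returned to a caller identified
     * only by the code; confirm that its serialised form carries no credential fields.
     *
     * @param str the Redis key of the record, i.e. the address the code was sent to
     * @param str2 the code entered by the user
     * @param httpServletRequest unused
     * @return the matching user on success (an empty {@code UserInfo} when the record names
     *     neither an e-mail address nor a phone number), else an error response
     */
    @RequestMapping(value = {"/checkCodeUser"}, method = {RequestMethod.POST})
    @WrapUpResponseBody
    @ApiOperation(value = "校验并返回用户信息", notes = "校验并返回用户信息")
    public ResponseData checkCodeUser(@RequestParam("key") String str, @RequestParam("code") String str2, HttpServletRequest httpServletRequest) {
        try {
            if (str2 == null) {
                return ResponseData.makeErrorMessage(500, "请输入验证码！");
            }
            JSONObject record = this.redisTemplate.boundValueOps(str).get();
            ResponseData rejection = validateCode(record, str2);
            if (rejection != null) {
                return rejection;
            }
            String email = record.getString("email");
            String phone = record.getString("phone");
            UserInfo userInfo = new UserInfo();
            if (StringUtils.isNotBlank(email)) {
                userInfo = this.userInfoDao.getUserByRegEmail(email);
            } else if (StringUtils.isNotBlank(phone)) {
                userInfo = this.userInfoDao.getUserByRegCellPhone(phone);
            }
            // A code is single use: drop the record once it has been accepted.
            this.redisTemplate.delete(str);
            return ResponseData.makeResponseData(userInfo);
        } catch (Exception e) {
            this.logger.error("verification code check failed", e);
            return ResponseData.errorResponse;
        }
    }

    /**
     * Generates a code, e-mails it, and stores the verification record when the send succeeded.
     *
     * @param str the recipient address, also used as the Redis key
     * @param httpServletRequest unused
     * @return the response of the notification centre
     */
    public ResponseData sendEmail(String str, HttpServletRequest httpServletRequest) {
        String code = newVerifyCode();
        String content = "您的验证码为:" + code + "，该码有效期为5分钟，该码只能使用一次!";
        ArrayList<String> receivers = new ArrayList<>();
        receivers.add(str);
        JSONObject record = new JSONObject();
        record.put("email", str);
        record.put("verifyCode", code);
        record.put("createTime", Long.valueOf(System.currentTimeMillis()));
        ResponseData sendResult = this.notificationCenter.sendMessage(TenantConstant.SYSTEM_TENANT_TOP_UNIT_CODE, receivers, NoticeMessage.create().operation("email").method("post").subject("您有新邮件").content(content));
        if (sendResult.getCode() == 0) {
            this.redisTemplate.boundValueOps(str).set(record);
        }
        return sendResult;
    }

    /**
     * Generates a code, sends it by SMS, and stores the verification record when the provider
     * answered {@code OK}.
     *
     * @param str the phone number, also used as the Redis key
     * @param str2 optional user code; when it resolves to a user, the user name is appended to
     *     the {@code product} template parameter
     * @return the provider's response body, or {@code null} when the provider returned none
     * @throws Exception when the client cannot be created or the send call fails
     */
    public SendSmsResponseBody sendPhone(String str, String str2) throws Exception {
        String code = newVerifyCode();
        String product = "用户";
        if (str2 != null && !str2.equals("")) {
            UserInfo user = this.userInfoDao.getUserByCode(str2);
            if (user != null) {
                product = "用户" + user.getUserName();
            }
        }
        JSONObject templateValues = new JSONObject();
        templateValues.put("code", code);
        templateValues.put("product", product);
        Client client = createClient();
        SendSmsRequest request = new SendSmsRequest().setSignName("身份验证").setTemplateCode("SMS_65920066").setPhoneNumbers(str).setTemplateParam(templateValues.toString());
        JSONObject record = new JSONObject();
        record.put("phone", str);
        record.put("verifyCode", code);
        record.put("createTime", Long.valueOf(System.currentTimeMillis()));
        // NOTE(review): this is the address of the host running this service, not of the
        // requesting client; confirm which one the "IP" field is meant to hold.
        record.put("IP", InetAddress.getLocalHost().getHostAddress());
        SendSmsResponseBody body = client.sendSms(request).getBody();
        if (body != null && "OK".equals(body.getCode())) {
            this.redisTemplate.boundValueOps(str).set(record);
        }
        return body;
    }

    /**
     * Applies the one-minute resend limit for a key.
     *
     * @param key the e-mail address or phone number
     * @return {@code true} when a record younger than the resend interval exists; otherwise
     *     {@code false}, after deleting any older record for the key
     */
    private boolean isResendTooSoon(String key) {
        JSONObject previous = this.redisTemplate.boundValueOps(key).get();
        if (previous == null) {
            return false;
        }
        Long createdAt = previous.getLong("createTime");
        if (createdAt != null && System.currentTimeMillis() - createdAt < RESEND_INTERVAL_MILLIS) {
            return true;
        }
        this.redisTemplate.delete(key);
        return false;
    }

    /**
     * Validates a supplied code against a stored verification record.
     *
     * @param record the record read from Redis, may be {@code null}
     * @param suppliedCode the code entered by the user
     * @return {@code null} when the code is valid, otherwise the error response to return
     */
    private ResponseData validateCode(JSONObject record, String suppliedCode) {
        if (record == null) {
            return ResponseData.makeErrorMessage(500, "未发送验证码！");
        }
        if (!codesMatch(record.getString("verifyCode"), suppliedCode)) {
            return ResponseData.makeErrorMessage(500, "验证码错误！");
        }
        Long createdAt = record.getLong("createTime");
        // A record without a creation time cannot be shown to be fresh, so it counts as expired.
        if (createdAt == null || System.currentTimeMillis() - createdAt > CODE_VALIDITY_MILLIS) {
            return ResponseData.makeErrorMessage(500, "验证码已过期！");
        }
        return null;
    }

    /** Compares two codes without short-circuiting on the first differing byte; null never matches. */
    private static boolean codesMatch(String expected, String supplied) {
        if (expected == null || supplied == null) {
            return false;
        }
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), supplied.getBytes(StandardCharsets.UTF_8));
    }

    /** Returns a six-digit decimal code in the range 100000..999999. */
    private static String newVerifyCode() {
        return String.valueOf(SECURE_RANDOM.nextInt(900000) + 100000);
    }

    /** Builds an SMS API client from the configured, encoded access key pair. */
    private Client createClient() throws Exception {
        Config config = new Config().setAccessKeyId(SecurityOptUtils.decodeSecurityString(this.accessKeyId)).setAccessKeySecret(SecurityOptUtils.decodeSecurityString(this.accessKeySecret));
        config.endpoint = "dysmsapi.aliyuncs.com";
        return new Client(config);
    }

    /**
     * Reloads the details of a user and installs them as the current authentication, keeping
     * the login IP of the previous principal.
     */
    private void reloadAuthentication(String str) {
        CentitUserDetails details = this.platformEnvironment.loadUserDetailsByUserCode(str);
        if (details == null) {
            // Nothing to install; leave the current authentication untouched.
            this.logger.warn("no user details found for user code {}", str);
            return;
        }
        details.setLoginIp(getUserIp());
        SecurityContextHolder.getContext().setAuthentication(details);
    }

    /** Returns the login IP of the current principal, or an empty string when there is none. */
    private String getUserIp() {
        org.springframework.security.core.Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return "";
        }
        Object principal = authentication.getPrincipal();
        return principal instanceof CentitUserDetails ? ((CentitUserDetails) principal).getLoginIp() : "";
    }
}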
