package com.codefans.training.controller;

import com.centit.support.algorithm.BooleanBaseOpt;
import com.centit.support.algorithm.StringBaseOpt;
import com.centit.support.algorithm.UuidOpt;
import com.centit.support.common.ObjectException;
import com.centit.support.image.CaptchaImageUtil;
import com.centit.support.security.SecurityOptUtils;
import com.codefans.training.dto.AutoLoginDto;
import com.codefans.training.dto.LoginDto;
import com.codefans.training.framework.auth.CertificateFilter;
import com.codefans.training.framework.auth.PasswordEncoderUtils;
import com.codefans.training.framework.common.ResponseData;
import com.codefans.training.framework.controller.BaseController;
import com.codefans.training.framework.controller.WrapUpContentType;
import com.codefans.training.framework.controller.WrapUpResponseBody;
import com.codefans.training.framework.session.CentitSessionRepo;
import com.codefans.training.framework.session.SessionDataUtils;
import com.codefans.training.module.UserInfo;
import com.codefans.training.service.UserInfoManager;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.awt.image.RenderedImage;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Random;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

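/**
 * Authentication endpoints under {@code /auth}: captcha issue and check, password login,
 * token-based auto login, current-user lookup, logout and a heartbeat.
 *
 * <p>Captcha state lives in the HTTP session under two attributes:
 * {@link CaptchaImageUtil#SESSIONCHECKCODE} (the expected answer) and
 * {@link #AJAX_CHECK_CAPTCHA_RESULT} (whether an asynchronous check already succeeded).
 */
@RequestMapping({"/auth"})
@Tag(name = "登录、权限、安全控制等接口", description = "框架中用户权限相关的接口，用户登录接口，第三方认证接口，安全接口")
@Controller
/* loaded from: input_file:BOOT-INF/classes/com/codefans/training/controller/AuthController.class */
public class AuthController extends BaseController {
    // Session attribute key for the asynchronous captcha result.
    // NOTE(review): this field is public, static and not final, so any code can reassign the key
    // that login() trusts; consider making it final once no writer is confirmed to exist.
    public static String AJAX_CHECK_CAPTCHA_RESULT = SessionDataUtils.AJAX_CHECK_CAPTCHA_RESULT;

    // Captcha operands gate the login endpoint, so they come from a CSPRNG rather than java.util.Random.
    private static final SecureRandom CAPTCHA_RANDOM = new SecureRandom();

    @Autowired
    protected CentitSessionRepo centitSessionRepo;

    @Autowired
    protected UserInfoManager userInfoManager;

    /**
     * Issues a new captcha image and stores its expected answer in the session.
     *
     * <p>With request parameter {@code imageType=formula} the image shows an addition or a
     * subtraction of two numbers in {@code [0, 100)} and the session stores the result; otherwise
     * the image shows a random string from {@link CaptchaImageUtil#getRandomString()}.
     * Any earlier successful asynchronous check is cleared.
     *
     * @param httpServletRequest  request carrying the optional {@code imageType} parameter
     * @param httpServletResponse response that receives the {@code Cache-Control} header
     * @return the rendered captcha image
     */
    @RequestMapping(value = {"/captcha"}, method = {RequestMethod.GET})
    @WrapUpResponseBody(contentType = WrapUpContentType.IMAGE)
    @Operation(summary = "获取验证码", description = "获取验证码")
    public RenderedImage captchaImage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        String imageType = httpServletRequest.getParameter("imageType");
        // A fresh captcha invalidates any previous "already verified" flag.
        httpServletRequest.getSession().setAttribute(AJAX_CHECK_CAPTCHA_RESULT, false);
        if (!"formula".equals(imageType)) {
            String randomString = CaptchaImageUtil.getRandomString();
            httpServletRequest.getSession().setAttribute(CaptchaImageUtil.SESSIONCHECKCODE, randomString);
            return CaptchaImageUtil.generateCaptchaImage(randomString);
        }
        int first = CAPTCHA_RANDOM.nextInt(100);
        int second = CAPTCHA_RANDOM.nextInt(100);
        String formula;
        String answer;
        if (CAPTCHA_RANDOM.nextBoolean()) {
            // Put the larger operand first so the answer is never negative. The previous swap had no
            // temporary variable, which made both operands equal and the answer always "0".
            int larger = Math.max(first, second);
            int smaller = Math.min(first, second);
            formula = String.valueOf(larger) + "-" + String.valueOf(smaller);
            answer = String.valueOf(larger - smaller);
        } else {
            formula = String.valueOf(first) + "+" + String.valueOf(second);
            answer = String.valueOf(first + second);
        }
        httpServletRequest.getSession().setAttribute(CaptchaImageUtil.SESSIONCHECKCODE, answer);
        return CaptchaImageUtil.generateCaptchaImage(formula);
    }

    /**
     * Checks a captcha answer asynchronously and records the outcome in the session.
     *
     * <p>The expected answer is replaced with a new random string after every attempt, so each
     * issued captcha can be tried once. A session that holds no expected answer never matches.
     *
     * @param str                the answer submitted as the raw request body
     * @param httpServletRequest request whose session holds the expected answer
     * @return response data wrapping {@code true} on a match, {@code false} otherwise
     */
    @PostMapping({"/checkcaptcha"})
    @WrapUpResponseBody
    @Operation(summary = "校验验证码", description = "异步校验验证码，系统同时支持异步和同步校验验证码")
    public ResponseData checkCaptchaImage(@RequestBody String str, HttpServletRequest httpServletRequest) {
        Object expected = httpServletRequest.getSession().getAttribute(CaptchaImageUtil.SESSIONCHECKCODE);
        // Fail closed when no captcha was issued: how objectToString/checkcodeMatch treat null is not
        // visible here, so a missing answer must not be left to them.
        Boolean matched = Boolean.valueOf(expected != null
                && CaptchaImageUtil.checkcodeMatch(StringBaseOpt.objectToString(expected), str));
        // Burn the answer whatever the outcome, so it cannot be guessed repeatedly.
        httpServletRequest.getSession().setAttribute(CaptchaImageUtil.SESSIONCHECKCODE, CaptchaImageUtil.getRandomString(6));
        httpServletRequest.getSession().setAttribute(AJAX_CHECK_CAPTCHA_RESULT, matched);
        return ResponseData.makeResponseData(matched);
    }

    /**
     * Logs a user in with login name (or phone / e-mail, per the operation description) and password.
     *
     * <p>A captcha is required: either a prior successful {@code /checkcaptcha} in this session,
     * which is consumed here, or a matching {@code checkcode} in the request body.
     *
     * @param loginDto           credentials; username and password are decoded with
     *                           {@link SecurityOptUtils#decodeSecurityString} and written back into the DTO
     * @param httpServletRequest request whose session becomes the authenticated session
     * @return the logged-in user after {@code desensitize()}
     * @throws ObjectException if the captcha, the user lookup, the account status or the password check fails
     */
    @RequestMapping(value = {"/login"}, method = {RequestMethod.POST})
    @WrapUpResponseBody
    @Operation(summary = "用户登录", description = "输入登录名、手机号或者邮箱 和 密码登录")
    public UserInfo login(@RequestBody LoginDto loginDto, HttpServletRequest httpServletRequest) {
        if (BooleanBaseOpt.castObjectToBoolean(httpServletRequest.getSession().getAttribute(AJAX_CHECK_CAPTCHA_RESULT), false).booleanValue()) {
            // One successful asynchronous check buys exactly one login attempt.
            httpServletRequest.getSession().setAttribute(AJAX_CHECK_CAPTCHA_RESULT, false);
        } else {
            String expected = StringBaseOpt.castObjectToString(httpServletRequest.getSession().getAttribute(CaptchaImageUtil.SESSIONCHECKCODE));
            httpServletRequest.getSession().removeAttribute(CaptchaImageUtil.SESSIONCHECKCODE);
            // Reject outright when the session never received a captcha, instead of relying on how
            // checkcodeMatch compares a missing expected value with a missing submitted one.
            if (StringUtils.isBlank(expected) || !CaptchaImageUtil.checkcodeMatch(expected, loginDto.getCheckcode())) {
                throw new ObjectException(101, "验证码不正确！");
            }
        }
        loginDto.setUsername(SecurityOptUtils.decodeSecurityString(loginDto.getUsername()));
        loginDto.setPassword(SecurityOptUtils.decodeSecurityString(loginDto.getPassword()));
        UserInfo fetchLoginUser = this.userInfoManager.fetchLoginUser(loginDto.getUsername());
        // NOTE(review): the three failures below return different messages (and a different code for
        // the unknown user), which tells a caller whether an account exists or is deactivated.
        // Consider one generic failure once clients no longer depend on the distinction.
        if (fetchLoginUser == null) {
            throw new ObjectException(ObjectException.DATA_VALIDATE_ERROR, "用户不存在！");
        }
        if ("F".equals(fetchLoginUser.getUserStatus())) {
            throw new ObjectException(101, "该用户已被注销！");
        }
        if (!PasswordEncoderUtils.checkPassword(fetchLoginUser, loginDto.getPassword())) {
            throw new ObjectException(101, "用户名和密码不匹配！");
        }
        return bindUserToSession(fetchLoginUser, httpServletRequest);
    }

    /**
     * Logs a mobile client in again with the access token saved at its previous login.
     *
     * <p>The token is single-use in effect: a successful call replaces it with the new session id.
     *
     * @param autoLoginDto       user code and the last access token known to the client
     * @param httpServletRequest request whose session becomes the authenticated session
     * @return the logged-in user after {@code desensitize()}
     * @throws ObjectException if the user is unknown, deactivated, or the token does not match
     */
    @RequestMapping(value = {"/autoLogin"}, method = {RequestMethod.POST})
    @WrapUpResponseBody
    @Operation(summary = "移动设备自动登录", description = "根据token自动登录")
    public UserInfo autoLogin(@RequestBody AutoLoginDto autoLoginDto, HttpServletRequest httpServletRequest) {
        UserInfo userById = this.userInfoManager.getUserById(autoLoginDto.getUserCode());
        if (userById == null) {
            throw new ObjectException(ObjectException.DATA_VALIDATE_ERROR, "用户不存在！");
        }
        // Same status gate as login(): without it a deactivated account could still use a saved token.
        if ("F".equals(userById.getUserStatus())) {
            throw new ObjectException(101, "该用户已被注销！");
        }
        if (!tokensMatch(userById.getLastAccessToken(), autoLoginDto.getLastAccessToken())) {
            throw new ObjectException(101, "用户token失效，请重新登录！");
        }
        return bindUserToSession(userById, httpServletRequest);
    }

    /**
     * Returns the user stored in the current session.
     *
     * @param httpServletRequest request whose session is read
     * @return the session user after {@code desensitize()}
     */
    @RequestMapping(value = {"/currentUser"}, method = {RequestMethod.GET})
    @CertificateFilter
    @WrapUpResponseBody
    @Operation(summary = "获取当前用户信息", description = "session中的用户信息")
    public UserInfo currentUser(HttpServletRequest httpServletRequest) {
        UserInfo assertGetSessionUser = SessionDataUtils.assertGetSessionUser(httpServletRequest);
        assertGetSessionUser.desensitize();
        return assertGetSessionUser;
    }

    /**
     * Clears the session data and, when a user was logged in, overwrites the stored access token
     * with a random 32-character string so the old token can no longer be used for auto login.
     *
     * @param httpServletRequest request whose session is cleared
     */
    @RequestMapping(value = {"/logout"}, method = {RequestMethod.POST})
    @WrapUpResponseBody
    @Operation(summary = "用户登出", description = "用户登出、返回到首页")
    public void logout(HttpServletRequest httpServletRequest) {
        // Read the user first: clearSessionData is called next and the user code is still needed.
        UserInfo sessionUser = SessionDataUtils.getSessionUser(httpServletRequest);
        SessionDataUtils.clearSessionData(httpServletRequest);
        if (sessionUser != null) {
            this.userInfoManager.saverUserAccessToken(sessionUser.getUserCode(), UuidOpt.randomString(32));
        }
    }

    /**
     * Liveness probe.
     *
     * @return response data built with code {@code 0} and a fixed message
     */
    @RequestMapping(value = {"/heartbeat"}, method = {RequestMethod.GET})
    @WrapUpResponseBody
    @Operation(summary = "系统心跳", description = "系统心跳，有回复说明系统没有死机")
    public ResponseData heartbeat() {
        return ResponseData.makeErrorMessage(0, "Heartbeat is OK!");
    }

    /** Marks the current session as belonging to {@code user} and persists its id as the access token. */
    private UserInfo bindUserToSession(UserInfo user, HttpServletRequest httpServletRequest) {
        // NOTE(review): the session id that existed before authentication is kept and is also stored
        // as the user's access token. Rotating it first with HttpServletRequest.changeSessionId()
        // would close a session-fixation window; confirm that CentitSessionRepo supports id changes.
        String sessionId = httpServletRequest.getSession().getId();
        user.setLastAccessToken(sessionId);
        // Presumably ends the user's other sessions, keeping only this one; verify in CentitSessionRepo.
        this.centitSessionRepo.kickSessionByName(user.getLoginName(), sessionId);
        SessionDataUtils.setSessionUser(httpServletRequest, user);
        this.userInfoManager.saverUserAccessToken(user.getUserCode(), user.getLastAccessToken());
        user.desensitize();
        return user;
    }

    /** Compares a stored access token with a presented one; a blank value on either side never matches. */
    private static boolean tokensMatch(String stored, String presented) {
        // StringUtils.equals(null, null) is true, so an account without a stored token used to
        // accept a request that carried no token at all.
        if (StringUtils.isBlank(stored) || StringUtils.isBlank(presented)) {
            return false;
        }
        // MessageDigest.isEqual avoids leaking the position of the first differing byte through timing.
        return MessageDigest.isEqual(
                stored.getBytes(StandardCharsets.UTF_8),
                presented.getBytes(StandardCharsets.UTF_8));
    }
}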
