package noo.rest.security.processor;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import noo.exception.AuthenticateException;
import noo.json.JsonObject;
import noo.rest.security.AbstractUser;
import noo.rest.security.SecueHelper;
import noo.util.ID;
import noo.util.S;
import org.springframework.http.HttpMethod;

/* loaded from: input_file:noo/rest/security/processor/LoginInterceptor.class */
public class LoginInterceptor extends RequestInterceptor {
    private String username = "username";
    private String password = "password";

    @Override // noo.rest.security.processor.RequestInterceptor
    public boolean process(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String method = httpServletRequest.getMethod();
        if (!this.us.isLoginUrl(str) || !HttpMethod.POST.matches(method)) {
            return false;
        }
        doLogin(httpServletRequest, httpServletResponse);
        return true;
    }

    protected void doLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String parameter = httpServletRequest.getParameter(this.username);
        String parameter2 = httpServletRequest.getParameter(this.password);
        if (S.isBlank(parameter)) {
            SecueHelper.writeResponse(httpServletResponse, new AuthenticateException("必须有用户名！").toString());
            return;
        }
        AbstractUser loadUserByName = this.us.loadUserByName(parameter);
        if (loadUserByName == null) {
            SecueHelper.writeResponse(httpServletResponse, new AuthenticateException("用户不存在！").toString());
            return;
        }
        String client = SecueHelper.getClient(httpServletRequest);
        if (!this.us.checkUserPassword(loadUserByName, parameter2, httpServletRequest) || !this.us.checkClient(parameter, parameter2, client)) {
            checkFailed(httpServletResponse);
        } else {
            loadUserByName.setClient(client);
            setupContextOnCheckSuccess(httpServletRequest, httpServletResponse, loadUserByName);
        }
    }

    protected void checkFailed(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setStatus(405);
        SecueHelper.writeResponse(httpServletResponse, new AuthenticateException("用户名或密码错误！").toString());
    }

    protected void setupContextOnCheckSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AbstractUser abstractUser) throws IOException {
        String uuid = ID.uuid();
        abstractUser.setToken(uuid);
        SecueHelper.updateUser(abstractUser, this.redis);
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.setContentType("text/html;charset=utf-8");
        httpServletResponse.addHeader(SecueHelper.HEADER_KEY, uuid);
        this.us.afterLoginSuccess(abstractUser, httpServletRequest);
        JsonObject responseJsonObject = abstractUser.toResponseJsonObject();
        responseJsonObject.put(SecueHelper.HEADER_KEY, uuid);
        httpServletResponse.getWriter().print(responseJsonObject.encode());
    }
}
