package net.roseboy.jeee.admin.web;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.roseboy.jeee.admin.config.ShiroConfig;
import net.roseboy.jeee.admin.service.InstitutionService;
import net.roseboy.jeee.admin.service.UserService;
import net.roseboy.jeee.admin.util.CacheUtils;
import net.roseboy.jeee.admin.util.ConstUtils;
import net.roseboy.jeee.admin.util.DictUtils;
import net.roseboy.jeee.admin.util.UserUtils;
import net.roseboy.jeee.core.common.ApiJson;
import net.roseboy.jeee.core.common.BaseJeeeController;
import net.roseboy.jeee.core.util.EncryptUtils;
import net.roseboy.jeee.core.util.ExceptionUtils;
import net.roseboy.jeee.core.util.RSAEncryptUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

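/**
 * Login, logout and session-timeout endpoints.
 *
 * <p>Several JSON endpoints use look-alike paths that are easy to misread:
 * {@code /1ogin} and {@code /1ogout} start with the digit one, and
 * {@code /10gin} contains the digits one and zero. They are distinct from the
 * form-based {@code /login} and {@code /logout}.
 *
 * <p>Redis keys used by this class:
 * <ul>
 *   <li>{@code login:keys:<pubKey>}: RSA private key for a one-time login key pair (1800 s)</li>
 *   <li>{@code login:error:<username>}: failed-attempt counter (stored without expiry)</li>
 *   <li>{@code login:error:lock:<username>}: lock flag set after 10 failures (3600 s)</li>
 *   <li>{@code login:token:<token>}: Shiro session id bound to an API token</li>
 * </ul>
 *
 * <p>NOTE(review): the counter key and the lock key share the {@code login:error:}
 * prefix and the username is client-supplied, so a username starting with
 * {@code lock:} maps onto another account's lock key. Use disjoint prefixes or
 * validate the username character set before building keys.
 */
@Controller
/* loaded from: input_file:net/roseboy/jeee/admin/web/LoginController.class */
public class LoginController extends BaseJeeeController {

    /**
     * Sentinel "pubKey" value meaning the password was sent without RSA wrapping.
     * NOTE(review): any client can send this value to {@code /1ogin}, so the RSA
     * layer is optional and transport security (TLS) is what protects the password.
     */
    private static final String PLAINTEXT_PUBKEY_MARKER = "N0tEnCrYpt090!#@";

    /** Lifetime, in seconds, of a cached login key pair. */
    private static final int KEY_PAIR_TTL_SECONDS = 1800;

    /** Number of consecutive failures after which the account is locked. */
    private static final int MAX_LOGIN_FAILURES = 10;

    /** Lifetime, in seconds, of the lock flag. */
    private static final int LOCK_TTL_SECONDS = 3600;

    /** View names accepted from the {@code login} request parameter. */
    private static final String SAFE_VIEW_NAME = "[A-Za-z0-9_-]+";

    @Value("${jeee.name}")
    private String jeeeName;

    @Autowired
    private UserService userService;

    @Autowired
    private InstitutionService institutionService;

    /**
     * Form login: renders the login page, or processes a submitted login form.
     *
     * <p>A submission is processed only when the request is not a GET and the
     * submitted refresh token is non-empty and equals the one stored in the
     * session. The stored token is consumed on use.
     *
     * @param str  username
     * @param str2 password (RSA-encrypted unless {@code str3} is the plaintext marker)
     * @param str3 public key identifying the cached private key
     * @param str4 anti-replay / anti-CSRF refresh token issued with the login page
     * @param str5 institution id
     * @return a redirect to the home page on success, otherwise the login view
     */
    @RequestMapping({"/login"})
    public String login(String str, String str2, String str3, String str4, String str5) {
        setAttr("appname", this.jeeeName);
        boolean isSubmission = !"GET".equalsIgnoreCase(getRequest().getMethod());
        // An empty or missing token must never match: the session lookup defaults to "",
        // so without this guard a request with no token would pass on a fresh session.
        boolean tokenMatches = !StringUtils.isEmpty(str4)
                && ((String) getSessionAttr("refreshToken", "")).equals(str4);
        if (!isSubmission || !tokenMatches) {
            return loginPage();
        }
        removeSessionAttr("refreshToken");
        Map<String, String> credentials = new HashMap<>();
        credentials.put("username", str);
        credentials.put("password", str2);
        credentials.put("pubKey", str3);
        credentials.put("setCookie", "yes");
        credentials.put("instId", str5);
        ApiJson result = doLogin(credentials);
        if (result.getCode().intValue() == 0) {
            return "redirect:" + HomeController.INDEX_URL;
        }
        setAttr("msg", result.getMsg());
        return loginPage();
    }

    /**
     * JSON login ({@code /1ogin}, digit one).
     *
     * <p>Reads {@code username}, {@code password}, {@code instId} and {@code pubKey}
     * from the body. Unless {@code pubKey} is the plaintext marker, the password is
     * RSA-decrypted with the private key cached under {@code login:keys:<pubKey>}.
     * On success the failure counters and the used key pair are deleted and an API
     * token bound to the Shiro session id is returned.
     *
     * <p>NOTE(review): no session-id rotation is visible around the Shiro login
     * call; confirm it is handled elsewhere to rule out session fixation.
     *
     * @param map request body; may be {@code null}
     * @return success payload with {@code token} and {@code user}, or a failure message
     */
    @RequestMapping({"/1ogin"})
    @ResponseBody
    public ApiJson doLogin(@RequestBody Map<String, String> map) {
        String username = null;
        String password = null;
        String pubKey = null;
        String instId = null;
        boolean plaintextPassword = false;
        if (map != null) {
            username = map.get("username");
            password = map.get("password");
            instId = map.get("instId");
            pubKey = map.get("pubKey");
            plaintextPassword = PLAINTEXT_PUBKEY_MARKER.equals(pubKey);
        }
        setAttr("username", username);
        // The counter is stored without expiry and is cleared only by a successful login.
        int failures = Integer.parseInt(CacheUtils.Redis().get("login:error:" + username, "0"));
        try {
            // throwProjectException presumably throws; the checks below rely on that.
            if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
                ExceptionUtils.throwProjectException("请填写完整");
            }
            if ("yes".equals(CacheUtils.Redis().get("login:error:lock:" + username, "no"))) {
                ExceptionUtils.throwProjectException("连续登录失败次数过多，请稍后再试");
            }
            if (!plaintextPassword) {
                String privateKey = CacheUtils.Redis().get("login:keys:" + pubKey, (String) null);
                if (null == privateKey) {
                    ExceptionUtils.throwProjectException("登录失败:Invalid pubKey");
                }
                password = RSAEncryptUtils.decrypt(password, privateKey);
            }
            UsernamePasswordToken token = new UsernamePasswordToken(username, password);
            // The institution id travels in the token's host field.
            token.setHost(instId);
            SecurityUtils.getSubject().login(token);

            // The key pair is single-use: drop it together with the failure state.
            CacheUtils.Redis().del(new String[]{"login:keys:" + pubKey});
            CacheUtils.Redis().del(new String[]{"login:error:" + username, "login:error:lock:" + username});

            String apiToken = UserUtils.makeToken(UserUtils.getUser().getUsername());
            CacheUtils.Redis().set("login:token:" + apiToken, SecurityUtils.getSubject().getSession().getId().toString(), ShiroConfig.SESSION_TIMEOUT.intValue());

            HashMap<String, Object> user = new HashMap<>();
            user.put("username", UserUtils.getUser().getUsername());
            user.put("name", UserUtils.getUser().getRealname());
            user.put("roleName", UserUtils.getUser().getRoleName());
            user.put("theme", UserUtils.getUser().getTheme());
            HashMap<String, Object> data = new HashMap<>();
            data.put("token", apiToken);
            data.put("user", user);
            return apiJson("登录成功", ApiJson.CODE_SUCCESS, data);
        } catch (DisabledAccountException e) {
            // Must precede AuthenticationException: DisabledAccountException is a subclass,
            // so in the opposite order this handler is unreachable and javac rejects it.
            // NOTE(review): a distinct "disabled" message reveals account state; confirm the
            // realm raises it only after the credentials have been verified.
            return apiJson("账户已被禁用", ApiJson.CODE_FAIL, null);
        } catch (AuthenticationException e) {
            int updated = failures + 1;
            CacheUtils.Redis().set("login:error:" + username, String.valueOf(updated));
            if (updated >= MAX_LOGIN_FAILURES) {
                CacheUtils.Redis().set("login:error:lock:" + username, "yes", LOCK_TTL_SECONDS);
            }
            return apiJson("用户名或密码错误", ApiJson.CODE_FAIL, null);
        } catch (Exception e) {
            // NOTE(review): the raw exception message is returned to the client and the stack
            // trace goes to stderr. Internal errors (decrypt, cache) can leak detail this way;
            // log through the project logger and return a generic message for non-project errors.
            e.printStackTrace();
            return apiJson(StringUtils.isEmpty(e.getMessage()) ? "登录失败" : e.getMessage(), ApiJson.CODE_FAIL, null);
        }
    }

    /**
     * JSON login without RSA wrapping ({@code /10gin}, digits one and zero).
     *
     * <p>Overwrites {@code pubKey} with the plaintext marker and delegates to
     * {@link #doLogin(Map)}, so the password is taken as sent.
     *
     * @param map request body; may be {@code null}
     * @return the result of {@link #doLogin(Map)}
     */
    @RequestMapping({"/10gin"})
    @ResponseBody
    public ApiJson login(@RequestBody Map<String, String> map) {
        if (map != null) {
            map.put("pubKey", PLAINTEXT_PUBKEY_MARKER);
        }
        return doLogin(map);
    }

    /**
     * Issues a fresh RSA key pair and returns it with the private key removed.
     *
     * <p>NOTE(review): each call generates a key pair and writes a Redis entry. If this
     * route is reachable without authentication it should be rate limited.
     *
     * @return an {@link ApiJson} whose data is the key-pair map without {@code priKey}
     */
    @RequestMapping({"/keys"})
    @ResponseBody
    public ApiJson keys() {
        ApiJson result = new ApiJson();
        Map keyPair = issueLoginKeyPair();
        // Never hand the private half to the client.
        keyPair.remove("priKey");
        result.setData(keyPair);
        return result;
    }

    /**
     * Generates a key pair and caches its private key under {@code login:keys:<pubKey>}.
     * The raw {@code Map} type mirrors what {@code RSAEncryptUtils.genKeyPair()} is assigned to here.
     */
    private Map issueLoginKeyPair() {
        Map keyPair = RSAEncryptUtils.genKeyPair();
        CacheUtils.Redis().set("login:keys:" + ((String) keyPair.get("pubKey")), (String) keyPair.get("priKey"), KEY_PAIR_TTL_SECONDS);
        return keyPair;
    }

    /**
     * Prepares the model for the login view and chooses which view to render.
     *
     * <p>Issues a key pair, stores a fresh refresh token in session and model, and
     * honours the {@code login} request parameter as a view name only when it is a
     * plain identifier. Otherwise the view comes from the {@code page.login} setting.
     */
    private String loginPage() {
        Map keyPair = issueLoginKeyPair();
        setAttr("pubKey", keyPair.get("pubKey"));
        setAttr("modulus", keyPair.get("modulus"));
        setAttr("pubExep", keyPair.get("pubExep"));

        // The token gates login submissions, so it must be unpredictable. A hash of the
        // clock is guessable; randomUUID() draws from a cryptographically strong generator.
        String refreshToken = java.util.UUID.randomUUID().toString().replace("-", "");
        setSessionAttr("refreshToken", refreshToken);
        setAttr("refreshToken", refreshToken);

        // getPara's declared return type is not visible here, so go through Object.
        Object requested = getPara("login");
        if (!StringUtils.isEmpty(requested)) {
            String viewName = requested.toString();
            // The value comes from the request and becomes part of a view path: accept plain
            // identifiers only, so separators and ".." cannot select templates outside login/.
            if (viewName.matches(SAFE_VIEW_NAME)) {
                return "login/" + viewName;
            }
        }

        Map<String, String> background = DictUtils.getDictOptions("dict_background");
        setAttr("backgroundName", background.get("name"));
        setAttr("opacity", background.get("opacity"));
        setAttr("zoom", background.get("zoom"));
        setAttr("left", background.get("left"));
        setAttr("top", background.get("top"));
        if (!this.institutionService.openInstControl()) {
            return ConstUtils.getValue("page.login", "login/login3");
        }
        setAttr("instList", this.institutionService.getAllInst());
        return ConstUtils.getValue("page.login", "login/login5");
    }

    /**
     * Logs the current subject out and redirects to the login page.
     *
     * @return redirect to {@code /login}
     */
    @RequestMapping({"/logout"})
    public String logout() {
        SecurityUtils.getSubject().logout();
        return "redirect:/login";
    }

    /**
     * JSON logout ({@code /1ogout}, digit one): deletes the API token named by the
     * {@code Authorization} header, then logs the subject out.
     *
     * @param str unused
     * @return a success message
     */
    @RequestMapping({"/1ogout"})
    @ResponseBody
    public ApiJson logout(String str) {
        CacheUtils.Redis().del(new String[]{"login:token:" + getHeader("Authorization")});
        SecurityUtils.getSubject().logout();
        return apiJson("注销成功");
    }

    /**
     * Handles a timed-out session: logs out, then redirects to the login page, or,
     * when a {@code Referer} header is present, writes a script that alerts the user
     * and navigates the top window.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @return a redirect view name, or {@code null} when the response was written directly
     * @throws IOException if writing the response fails
     */
    @RequestMapping({"/timeout"})
    public String timeout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Subject subject = SecurityUtils.getSubject();
        if (subject != null) {
            subject.logout();
        }
        if (httpServletRequest.getHeader("Referer") == null) {
            return "redirect:/login";
        }
        String home = ConstUtils.getValue("page.home", "");
        String target = isNotEmpty(home) ? home + "#login" : "/login";
        // NOTE(review): target is placed in a JavaScript string literal without escaping.
        // It comes from the page.home setting rather than the request; keep it that way,
        // or escape it if it ever becomes user-influenced.
        StringBuilder script = new StringBuilder();
        script.append("<script type=\"text/javascript\">");
        script.append("alert('登录超时，请重新登录');");
        script.append("top.location.href='").append(target).append("';");
        script.append("</script>");
        httpServletResponse.setHeader("Content-Type", "text/html;charset=UTF-8");
        httpServletResponse.getWriter().print(script.toString());
        return null;
    }
}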
