package com.bxm.acl.web.controller;

import com.alibaba.fastjson.JSONObject;
import com.bxm.acl.dal.model.User;
import com.bxm.acl.model.ResultModel;
import com.bxm.acl.model.dto.UserDto;
import com.bxm.acl.model.exception.AdaclCodeType;
import com.bxm.acl.model.vo.UserVo;
import com.bxm.acl.service.UserManagerService;
import com.bxm.acl.service.UserService;
import com.bxm.acl.service.author.AuthorService;
import com.bxm.acl.util.ImgValidateUtil;
import com.bxm.acl.util.MD5Util;
import java.util.concurrent.TimeUnit;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

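/**
 * REST endpoints under {@code /user/manage}: register and sync users, check whether a session
 * token may access a URL, and change passwords.
 *
 * <p>Session state is read from Redis under {@code ACL:AUTH:<token>} as a JSON-serialized
 * {@link UserVo}. Nothing in this class authenticates the caller of {@code reg},
 * {@code syncUserInfo} or {@code changePassword}; presumably that is enforced upstream
 * (gateway or network placement) — confirm before exposing these routes.
 */
@RefreshScope
@EnableAutoConfiguration
@RestController
/* loaded from: input_file:com/bxm/acl/web/controller/UserManagerFacadeController.class */
public class UserManagerFacadeController {
    private static final Logger log = LoggerFactory.getLogger(UserManagerFacadeController.class);

    /** Redis key pattern for a logged-in session; the placeholder is the session token. */
    private static final String AUTH_KEY_FORMAT = "ACL:AUTH:%s";

    @Resource
    private StringRedisTemplate stringRedisTemplate;

    @Autowired
    private UserManagerService userManagerService;

    @Autowired
    private UserService userService;

    @Resource
    private AuthorService authorService;

    /** Active Spring profile; gates the fixed-token shortcut in {@link #auth}. */
    @Value("${spring.profiles.active}")
    private String env;

    // NOTE(review): fixed token compiled into the class, so it is readable by anyone holding the
    // artifact. It is honoured only when the active profile is exactly "test" or "dev", and that
    // branch skips the per-URL authorization check. Prefer environment-specific configuration
    // (or removal) over a constant in source.
    private static final String TOKEN = "3f1220b1a29a4c7da6ebb907bf6a654a";

    /**
     * Registers a new user after basic field validation.
     *
     * <p>NOTE(review): the password is handed to {@code userService.addUser} as received; whether
     * it is hashed there is not visible from this class — confirm.
     *
     * @param user user to create, bound from the JSON request body
     * @return an empty result on success, or a result carrying the validation message
     */
    @RequestMapping(value = {"/user/manage/reg"}, method = {RequestMethod.POST})
    public ResultModel<UserVo> reg(@RequestBody User user) {
        ResultModel<UserVo> resultModel = new ResultModel<>();
        String paramError = checkUserParam(user);
        if (paramError.length() > 0) {
            resultModel.setSuccessed(false);
            resultModel.setErrorDesc(paramError);
            return resultModel;
        }
        this.userService.addUser(user);
        return resultModel;
    }

    /**
     * Resolves a session token to its user and checks whether that user may access a URL.
     *
     * @param token session token issued at login
     * @param systemId id of the system the URL belongs to
     * @param urlAddress URL being accessed
     * @return the user in {@code returnValue}; error code 403 when access is denied, or the
     *     not-logged-in code when the token has no usable session
     */
    @RequestMapping(value = {"/user/manage/auth"}, method = {RequestMethod.POST})
    public ResultModel<UserVo> auth(@RequestParam("token") String token, @RequestParam("systemId") Integer systemId, @RequestParam("urlAddress") String urlAddress) {
        // The token is a bearer credential: anyone who can read the log could replay it, so it
        // is deliberately left out of the message.
        log.debug("请求权限管理系统,systemId={},uri={}", systemId, urlAddress);
        ResultModel<UserVo> resultModel = new ResultModel<>();

        // Fixed-token shortcut for test/dev profiles. It reads the Redis key named by the raw
        // token (no ACL:AUTH: prefix), reports success even when that key is absent, and never
        // consults authorService.
        if (("test".equals(this.env) || "dev".equals(this.env)) && TOKEN.equals(token)) {
            UserVo fixedUser = JSONObject.parseObject(this.stringRedisTemplate.opsForValue().get(token), UserVo.class);
            resultModel.setSuccessed(true);
            resultModel.setReturnValue(fixedUser);
            return resultModel;
        }

        if (StringUtils.isBlank(urlAddress)) {
            resultModel.setSuccessed(false);
            resultModel.setErrorDesc("url为空");
            return resultModel;
        }

        String sessionKey = String.format(AUTH_KEY_FORMAT, token);
        String cachedUser = this.stringRedisTemplate.opsForValue().get(sessionKey);
        // A cached value that deserializes to null (for example the literal "null") is treated
        // like a missing session instead of failing on userVo.getId() below.
        UserVo userVo = StringUtils.isNotBlank(cachedUser) ? JSONObject.parseObject(cachedUser, UserVo.class) : null;
        if (userVo == null) {
            resultModel.setErrorDesc(AdaclCodeType.USER_NOT_LOGIN.getErrorMsg());
            resultModel.setErrorCode(AdaclCodeType.USER_NOT_LOGIN.getErrorCode());
            resultModel.setSuccessed(false);
            return resultModel;
        }

        // Sliding 24-hour session. EXPIRE only extends a key that still exists; rewriting the
        // value with SET would recreate a session that was deleted between the read above and
        // this call.
        this.stringRedisTemplate.expire(sessionKey, 24L, TimeUnit.HOURS);

        // replace() is a single pass: a run of three or more slashes is shortened, not fully
        // collapsed. Confirm the authorization lookup tolerates that.
        boolean authorized = this.authorService.isHasAuthorWithCache(systemId, userVo.getId(), token, urlAddress.replace("//", "/"));
        resultModel.setReturnValue(userVo);
        if (!authorized) {
            // NOTE(review): denial is signalled through errorCode only; successed keeps its
            // default. Confirm every caller inspects errorCode.
            resultModel.setErrorCode(String.valueOf(HttpStatus.FORBIDDEN.value()));
            resultModel.setErrorDesc("无访问权限");
        }
        return resultModel;
    }

    /**
     * Creates the user, or updates the existing user that has the same mobile number.
     *
     * <p>NOTE(review): an update overwrites the stored record, password included, for whichever
     * mobile number the body names; no credential of that user is checked here.
     *
     * @param user user data to upsert, bound from the JSON request body
     * @return an empty result on success, or a result carrying the validation message
     */
    @RequestMapping(value = {"/user/manage/syncUserInfo"}, method = {RequestMethod.POST})
    public ResultModel<UserVo> syncUserInfo(@RequestBody User user) {
        ResultModel<UserVo> resultModel = new ResultModel<>();
        String paramError = checkUserParam(user);
        if (paramError.length() > 0) {
            resultModel.setSuccessed(false);
            resultModel.setErrorDesc(paramError);
            return resultModel;
        }
        User existing = this.userManagerService.getUserInfoByMobile(user.getMobile());
        if (existing == null) {
            this.userService.addUser(user);
        } else {
            user.setId(existing.getId());
            this.userService.updateUser(user);
        }
        return resultModel;
    }

    /**
     * Changes a user's password after validating the request and, unless skipped, the image
     * captcha stored in the HTTP session.
     *
     * <p>NOTE(review): {@code ignoreValidateCode} is deserialized from the request body, so a
     * direct caller of this route can switch the captcha off. Confirm the route is reachable only
     * by trusted services, or derive the skip from server-side state.
     *
     * <p>NOTE(review): passwords are digested with {@code MD5Util.md5}. MD5 is a fast digest, not
     * a password-hashing function; moving to bcrypt/scrypt/Argon2 needs a stored-hash migration.
     *
     * @param httpServletRequest current request, used to look up the expected captcha
     * @param userDto mobile, old/new password, repeat and captcha fields
     * @return a result whose {@code returnValue} is {@code FALSE} on any failure
     */
    @RequestMapping(value = {"/user/manage/changePassword"}, method = {RequestMethod.POST})
    public ResultModel<Boolean> changePassword(HttpServletRequest httpServletRequest, @RequestBody UserDto userDto) {
        String paramError = checkChangePasswordParam(userDto);
        if (paramError.length() > 0) {
            return passwordChangeFailure(paramError);
        }

        try {
            userDto.setOldPassword(MD5Util.md5(userDto.getOldPassword()));
            userDto.setNewPassword(MD5Util.md5(userDto.getNewPassword()));
        } catch (Exception e) {
            log.error("获取md5信息摘要异常", e);
            // Fail closed: continuing would pass undigested passwords to the service, and a
            // failure on the second call alone would leave the new password in plaintext.
            return passwordChangeFailure("密码处理异常");
        }

        boolean skipCaptcha = Boolean.TRUE.equals(userDto.getIgnoreValidateCode());
        if (!skipCaptcha) {
            try {
                if (!ImgValidateUtil.validateIgnoreCase(httpServletRequest, userDto.getValidateCode(), "img_validate_code_key")) {
                    return passwordChangeFailure("验证码不正确");
                }
            } catch (Exception e) {
                log.error("验证validateCode出错", e);
                return passwordChangeFailure("验证码异常");
            }
        }

        ResultModel<Boolean> resultModel = new ResultModel<>();
        if (this.userManagerService.chagePassword(userDto) == 0) {
            // Zero rows changed: the mobile / old-password pair did not match. successed is left
            // at its default here, as before; callers must check returnValue.
            resultModel.setReturnValue(Boolean.FALSE);
            resultModel.setErrorDesc("用户名或者密码错误");
        }
        return resultModel;
    }

    /**
     * Changes the password of the user who owns the given session token. The mobile number is
     * taken from the cached session, and the captcha step is skipped.
     *
     * @param httpServletRequest current request, forwarded to {@link #changePassword}
     * @param token session token identifying the logged-in user
     * @param oldPassword current password
     * @param newPassword desired password
     * @param newPasswordRepeat repeat of the desired password
     * @return the result of {@link #changePassword}, or a not-logged-in failure
     */
    @RequestMapping(value = {"/user/manage/changePwd"}, method = {RequestMethod.POST})
    public ResultModel<Boolean> changePwd(HttpServletRequest httpServletRequest, @RequestParam("token") String token, @RequestParam("oldPassword") String oldPassword, @RequestParam("newPassword") String newPassword, @RequestParam("newPasswordRepeat") String newPasswordRepeat) {
        String cachedUser = this.stringRedisTemplate.opsForValue().get(String.format(AUTH_KEY_FORMAT, token));
        UserVo userVo = JSONObject.parseObject(cachedUser, UserVo.class);
        if (userVo == null) {
            return passwordChangeFailure("用户未登录");
        }
        UserDto userDto = new UserDto();
        userDto.setMobile(userVo.getMobile());
        userDto.setOldPassword(oldPassword);
        userDto.setNewPassword(newPassword);
        userDto.setNewPasswordRepeat(newPasswordRepeat);
        // The caller already proved possession of a live session, so no captcha is requested.
        userDto.setIgnoreValidateCode(Boolean.TRUE);
        return changePassword(httpServletRequest, userDto);
    }

    /** Builds the failure shape shared by the password endpoints: FALSE value, not successed. */
    private static ResultModel<Boolean> passwordChangeFailure(String errorDesc) {
        ResultModel<Boolean> resultModel = new ResultModel<>();
        resultModel.setReturnValue(Boolean.FALSE);
        resultModel.setSuccessed(false);
        resultModel.setErrorDesc(errorDesc);
        return resultModel;
    }

    /**
     * Checks the fields required to create or sync a user.
     *
     * @return the concatenated validation messages, or an empty string when the input is valid
     */
    private String checkUserParam(User user) {
        if (user == null) {
            return "参数不能为空;";
        }
        StringBuilder errors = new StringBuilder();
        if (StringUtils.isBlank(user.getMobile())) {
            errors.append("手机号不能为空;");
        }
        if (StringUtils.isBlank(user.getPassword())) {
            errors.append("密码不能为空;");
        }
        if (StringUtils.isBlank(user.getName())) {
            errors.append("姓名不能为空;");
        }
        if (user.getIsEnable() == null) {
            errors.append("启用状态不能为空;");
        }
        return errors.toString();
    }

    /**
     * Checks the fields required for a password change, including that the new password and its
     * repeat match.
     *
     * @return the concatenated validation messages, or an empty string when the input is valid
     */
    private String checkChangePasswordParam(UserDto userDto) {
        if (userDto == null) {
            return "参数不能为空;";
        }
        StringBuilder errors = new StringBuilder();
        if (StringUtils.isBlank(userDto.getMobile())) {
            errors.append("手机号不能为空;");
        }
        if (StringUtils.isBlank(userDto.getOldPassword())) {
            errors.append("旧密码不能为空;");
        }
        if (StringUtils.isBlank(userDto.getNewPassword())) {
            errors.append("新密码不能为空;");
        }
        if (!StringUtils.equals(userDto.getNewPassword(), userDto.getNewPasswordRepeat())) {
            errors.append("新密码两次输入不一致;");
        }
        return errors.toString();
    }
}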
