package com.bstek.urule.console.admin.user;

import com.bstek.urule.console.ApiServletHandler;
import com.bstek.urule.console.IllegalOperationException;
import com.bstek.urule.console.InfoException;
import com.bstek.urule.console.RequestHolder;
import com.bstek.urule.console.Transactional;
import com.bstek.urule.console.admin.RegisterInfo;
import com.bstek.urule.console.admin.log.SystemLogUtils;
import com.bstek.urule.console.anonymous.captcha.CaptchaBuilder;
import com.bstek.urule.console.config.Configure;
import com.bstek.urule.console.database.manager.invite.InviteManager;
import com.bstek.urule.console.database.model.Invite;
import com.bstek.urule.console.database.model.User;
import com.bstek.urule.console.database.service.group.GroupService;
import com.bstek.urule.console.database.service.user.PersistUserService;
import com.bstek.urule.console.database.service.user.UserServiceImpl;
import com.bstek.urule.console.database.service.user.UserServiceManager;
import com.bstek.urule.console.security.SecurityUtils;
import com.bstek.urule.console.security.URuleAuthAnonymous;
import com.bstek.urule.console.security.provider.SecurityProvider;
import com.bstek.urule.console.util.MailInfo;
import com.bstek.urule.console.util.MailUtils;
import com.bstek.urule.console.util.StringUtils;
import com.bstek.urule.exception.RuleException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.sql.Timestamp;
import java.util.Date;
import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.math.RandomUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/bstek/urule/console/admin/user/UserServletHandler.class */
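/**
 * Servlet handler for the {@code /user} endpoints: registration, login/logout,
 * password recovery and self-service profile changes.
 *
 * <p>Methods annotated with {@link URuleAuthAnonymous} are reachable without a session
 * and therefore treat every request parameter as untrusted.
 *
 * <p>NOTE(review): {@link #changePwd} compares the submitted old password directly with
 * {@code User#getPassword()}, and {@link #changeName}/{@link #changeEMail} re-login with
 * that same stored value. This suggests the stored value equals what the client sends.
 * Confirm that the persistence layer keeps a salted password hash (bcrypt/scrypt/argon2)
 * rather than the raw password.
 *
 * <p>NOTE(review): the persistent-store guard tests for {@link PersistUserService} but the
 * code then casts to {@link UserServiceImpl}; confirm the two always coincide.
 */
public class UserServletHandler extends ApiServletHandler {
    private static final Log LOG = LogFactory.getLog(UserServletHandler.class);

    /** Minimum account length accepted by {@link #register}. */
    private static final int MIN_ACCOUNT_LENGTH = 3;

    /** Minimum password length, applied uniformly to register, reset and change. */
    private static final int MIN_PASSWORD_LENGTH = 8;

    /** Lifetime of a password-reset code (30 minutes). */
    private static final long RESET_CODE_TTL_MILLIS = 1800000L;

    /** Minimum spacing between two reset-code requests for one account (60 seconds). */
    private static final long RESET_REQUEST_INTERVAL_MILLIS = 60000L;

    /** Window applied to the invite timestamp in {@link #login} (30 minutes). */
    private static final long INVITE_WINDOW_MILLIS = 1800000L;

    /** Number of decimal digits in a password-reset code. */
    private static final int RESET_CODE_DIGITS = 6;

    /** CSPRNG for reset codes; a general-purpose PRNG is predictable and unsuitable here. */
    private static final SecureRandom SECURE_RANDOM = new SecureRandom();

    /**
     * Creates a new enabled account after validating the captcha, the account name and
     * the password. Only available when the user store is persistent.
     *
     * @param httpServletRequest request carrying a JSON {@code register} parameter
     * @param httpServletResponse unused
     * @throws Exception {@link IllegalOperationException} for a non-persistent store,
     *     {@link InfoException} for any validation failure
     */
    @URuleAuthAnonymous
    @Transactional
    public void register(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        requirePersistentUserStore();
        String expectedCaptcha = requireActiveCaptcha(httpServletRequest);
        RegisterInfo registerInfo = (RegisterInfo) a().readValue(httpServletRequest.getParameter("register"), RegisterInfo.class);
        requireCaptchaMatch(registerInfo.getCaptcha(), expectedCaptcha);

        // Null checks keep a missing JSON field from surfacing as a NullPointerException.
        String account = registerInfo.getAccount();
        if (account == null || account.length() < MIN_ACCOUNT_LENGTH) {
            throw new InfoException("账号的至少3个字符<br>Account must be at least three characters");
        }
        String password = registerInfo.getPassword();
        if (password == null || password.length() < MIN_PASSWORD_LENGTH) {
            // The English half previously said "three" although the limit is eight.
            throw new InfoException("密码的至少8个字符<br>Password must be at least eight characters");
        }
        UserServiceImpl users = persistentUsers();
        if (null != users.get(account)) {
            // NOTE(review): the messages embed <br>, so they are presumably rendered as HTML;
            // the account value is echoed unescaped. Confirm the client escapes it.
            throw new InfoException("用户账号  " + account + "  已存在<br>Account is already exist.");
        }

        User user = new User();
        user.setId(account);
        user.setEnable(true);
        user.setName(registerInfo.getUsername());
        user.setPassword(password);
        user.setCreateUser(account);
        users.add(user);
        CaptchaBuilder.ins.cleanCaptch(httpServletRequest);
    }

    /**
     * Authenticates {@code account}/{@code password} through the configured
     * {@link SecurityProvider}; an optional invite {@code key} additionally adds the
     * account to the invite's group.
     *
     * @param httpServletRequest request carrying {@code account}, {@code password} and
     *     optionally {@code key} and {@code captcha}
     * @param httpServletResponse receives a map with the logged-in {@code user}
     * @throws Exception {@link InfoException} for invite or captcha failures,
     *     {@link RuleException} wrapping anything thrown during login
     */
    @URuleAuthAnonymous
    public void login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String inviteKey = httpServletRequest.getParameter("key");
        Invite invite = null;
        if (StringUtils.isNotBlank(inviteKey)) {
            invite = InviteManager.ins.get(inviteKey);
            // NOTE(review): this accepts the invite until 30 minutes AFTER getExpirDate();
            // confirm whether that field holds the creation time or a real expiry.
            if (invite == null || System.currentTimeMillis() - invite.getExpirDate().getTime() > INVITE_WINDOW_MILLIS) {
                throw new InfoException("链接无效或已经过期,请重新获取链接!");
            }
        }

        SecurityProvider securityProvider = SecurityUtils.getSecurityProvider();
        boolean useCaptcha = Configure.getConfigure().getBoolean("urule.login.useCaptcha", true);
        if (!SecurityUtils.isCustomProvider() && useCaptcha) {
            String expectedCaptcha = requireActiveCaptcha(httpServletRequest);
            requireCaptchaMatch(httpServletRequest.getParameter("captcha"), expectedCaptcha);
            // NOTE(review): the captcha is cleared only after a successful login below, so one
            // solved captcha may cover repeated password attempts unless CaptchaBuilder expires
            // it itself. Consider clearing it after every verification.
        }

        String account = httpServletRequest.getParameter("account");
        String password = httpServletRequest.getParameter("password");
        try {
            HashMap<String, Object> result = new HashMap<String, Object>();
            securityProvider.login(httpServletRequest, account, password);
            if (invite != null) {
                GroupService.ins.addGroupUser(invite.getGroupId(), account);
            }
            SystemLogUtils.addLoginLog(RequestHolder.getRequest());
            result.put("user", SecurityUtils.getLoginUser(httpServletRequest));
            LOG.debug("登录成功,登录用户:" + account);
            CaptchaBuilder.ins.cleanCaptch(httpServletRequest);
            a(httpServletResponse, result);
        } catch (Exception ex) {
            throw new RuleException(ex);
        }
    }

    /**
     * Writes the current user's record with the password field masked.
     *
     * @param httpServletRequest request identifying the logged-in user
     * @param httpServletResponse receives the masked {@link User}
     * @throws Exception {@link InfoException} when no record matches the session user
     */
    public void get(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        User user = UserServiceManager.getUserService().get(SecurityUtils.getLoginUsername(httpServletRequest));
        if (user == null) {
            throw new InfoException("无法找到匹配用户<br>Invalid user");
        }
        // NOTE(review): this masks the instance returned by the service in place; confirm the
        // service hands out a copy and not a shared or cached object.
        user.setPassword("******");
        a(httpServletResponse, user);
    }

    /**
     * Writes a map holding the session's login user under the key {@code user}.
     *
     * @param httpServletRequest request identifying the logged-in user
     * @param httpServletResponse receives the map
     * @throws Exception propagated from the security utilities or the response writer
     */
    public void getUserInfo(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        HashMap<String, Object> result = new HashMap<String, Object>();
        result.put("user", SecurityUtils.getLoginUser(httpServletRequest));
        a(httpServletResponse, result);
    }

    /**
     * Ends the current session through the configured {@link SecurityProvider}.
     *
     * @param httpServletRequest request whose session is logged out
     * @param httpServletResponse unused
     * @throws Exception propagated from the provider
     */
    @URuleAuthAnonymous
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        SecurityUtils.getSecurityProvider().logout(httpServletRequest);
    }

    /**
     * Generates a six-digit reset code valid for 30 minutes, stores it on the user and
     * mails it to the user's bound address. Requests within 60 seconds of the previous
     * one are refused.
     *
     * <p>NOTE(review): the distinct "Account not exist!" / "Mail is not bound!" responses let
     * an anonymous caller tell which accounts exist; consider one uniform response.
     *
     * @param httpServletRequest request carrying {@code account}
     * @param httpServletResponse unused
     * @throws Exception {@link IllegalOperationException} for a non-persistent store,
     *     {@link InfoException} for unknown account or missing mail,
     *     {@link RuleException} for anything failing while issuing or mailing the code
     */
    @URuleAuthAnonymous
    public void forgetPass(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        requirePersistentUserStore();
        String account = httpServletRequest.getParameter("account");
        UserServiceImpl users = persistentUsers();
        User user = users.get(account);
        if (null == user) {
            throw new InfoException("Account not exist!");
        }
        if (StringUtils.isBlank(user.getEmail())) {
            throw new InfoException("Mail is not bound!");
        }
        try {
            Timestamp expiresAt = new Timestamp(System.currentTimeMillis() + RESET_CODE_TTL_MILLIS);
            // Both timestamps are "request time + TTL", so their difference is the time since
            // the previous request. The InfoException raised here is re-wrapped by the outer
            // catch, as in the original control flow.
            if (user.getExpirDate() != null && expiresAt.getTime() - user.getExpirDate().getTime() < RESET_REQUEST_INTERVAL_MILLIS) {
                throw new InfoException("Operation not supported!");
            }
            String code = newResetCode();
            user.setSecretKey(code);
            user.setExpirDate(expiresAt);
            user.setUpdateUser(account);
            users.update(user);

            // The only interpolated value is the all-digit code, so nothing needs HTML escaping.
            String body = "<b>亲爱的用户:您好!</b><br/><b>您正在修改密码，请在验证码输入框中输入： " + code + "，以完成操作。</b><br/>"
                    + "注意：此操作可能会修改您的密码。如非本人操作，请及时登录并修改密码以保证帐户安全 \n（工作人员不会向你索取此验证码，请勿泄漏！)"
                    + "<hr/>"
                    + "此为系统邮件，请勿回复\n请保管好您的邮箱，避免账号被他人盗用";
            MailInfo mailInfo = new MailInfo();
            mailInfo.setToAddress(user.getEmail());
            mailInfo.setSubject("Retrieve Password");
            mailInfo.setContent(body);
            try {
                MailUtils.sendHtmlMail(mailInfo);
            } catch (Exception mailFailure) {
                throw new RuleException("'Retrieve Password' Mail sending failed！", mailFailure);
            }
        } catch (Exception ex) {
            throw new RuleException("Retrieve Password Error!", ex);
        }
    }

    /**
     * Sets a new password for {@code account} once the mailed reset code has been verified.
     *
     * <p>The original never compared {@code verifyCode} with the stored code, so any
     * non-blank value was accepted while a reset was pending. The code is now checked, and
     * it is checked before the new password is compared with the current one, so this
     * anonymous endpoint no longer reveals whether a submitted password matches the
     * stored one.
     *
     * @param httpServletRequest request carrying {@code verifyCode}, {@code account} and
     *     {@code password}
     * @param httpServletResponse receives an empty map on success
     * @throws Exception {@link IllegalOperationException} for a non-persistent store,
     *     {@link InfoException} for missing fields, unknown user, expired or wrong code,
     *     or an unacceptable password
     */
    @URuleAuthAnonymous
    public void resetPass(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        requirePersistentUserStore();
        String verifyCode = httpServletRequest.getParameter("verifyCode");
        String account = httpServletRequest.getParameter("account");
        String newPassword = httpServletRequest.getParameter("password");
        HashMap<String, Object> result = new HashMap<String, Object>();
        if (StringUtils.isBlank(verifyCode) || StringUtils.isBlank(account) || StringUtils.isBlank(newPassword)) {
            throw new InfoException("重置信息不完整<br>Invalid info");
        }
        UserServiceImpl users = persistentUsers();
        User user = users.get(account);
        if (user == null) {
            throw new InfoException("无法找到匹配用户<br>Invalid user");
        }
        Date expiresAt = user.getExpirDate();
        if (expiresAt == null || expiresAt.getTime() <= System.currentTimeMillis()) {
            throw new InfoException("验证码已经过期,请重新获取验证码.<br>SecretKey is Expired");
        }
        // Assumes User exposes getSecretKey() as the counterpart of setSecretKey() - confirm.
        // NOTE(review): nothing visible here limits failed attempts against the six-digit code;
        // add per-account attempt counting or invalidate the code after a few failures.
        if (!constantTimeEquals(verifyCode, user.getSecretKey())) {
            throw new InfoException("验证码不正确<br>Invalid verify code");
        }
        // Minimum length raised from 6 to the registration minimum so a reset cannot
        // weaken the password policy.
        if (newPassword.equals(user.getPassword()) || newPassword.length() < MIN_PASSWORD_LENGTH) {
            throw new InfoException("无效密码<br>Invalid password");
        }
        user.setPassword(newPassword);
        user.setExpirDate(null);
        user.setSecretKey(null);
        user.setUpdateUser(account);
        users.update(user);
        LOG.debug("[" + account + "]密码修改成功!");
        a(httpServletResponse, result);
    }

    /**
     * Changes the display name of the logged-in user and refreshes the session.
     *
     * @param httpServletRequest request carrying {@code name}
     * @param httpServletResponse unused
     * @throws Exception {@link IllegalOperationException} for a non-persistent store,
     *     {@link InfoException} when the session user has no record
     */
    public void changeName(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        requirePersistentUserStore();
        User user = requireCurrentUser(httpServletRequest);
        user.setName(httpServletRequest.getParameter("name"));
        user.setUpdateUser(SecurityUtils.getLoginUser(httpServletRequest).getName());
        persistentUsers().update(user);
        // Re-login so the session reflects the updated record.
        SecurityUtils.getSecurityProvider().login(httpServletRequest, user.getId(), user.getPassword());
    }

    /**
     * Changes the e-mail address of the logged-in user and refreshes the session.
     *
     * <p>NOTE(review): this address receives password-reset codes, yet it can be replaced
     * without re-entering the password and without format validation; consider requiring
     * re-authentication before the change.
     *
     * @param httpServletRequest request carrying {@code email}
     * @param httpServletResponse unused
     * @throws Exception {@link IllegalOperationException} for a non-persistent store,
     *     {@link InfoException} when the session user has no record
     */
    public void changeEMail(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        requirePersistentUserStore();
        User user = requireCurrentUser(httpServletRequest);
        user.setEmail(httpServletRequest.getParameter("email"));
        user.setUpdateUser(SecurityUtils.getLoginUser(httpServletRequest).getName());
        persistentUsers().update(user);
        SecurityUtils.getSecurityProvider().login(httpServletRequest, user.getId(), user.getPassword());
    }

    /**
     * Changes the password of the logged-in user after checking the old password.
     *
     * @param httpServletRequest request carrying {@code oldpwd} and {@code newpwd}
     * @param httpServletResponse unused
     * @throws Exception {@link IllegalOperationException} for a non-persistent store,
     *     {@link InfoException} for a wrong old password or an unacceptable new one
     */
    public void changePwd(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        requirePersistentUserStore();
        String oldPassword = httpServletRequest.getParameter("oldpwd");
        String newPassword = httpServletRequest.getParameter("newpwd");
        User user = requireCurrentUser(httpServletRequest);
        // Null-safe, constant-time comparison; a missing parameter counts as a mismatch.
        if (!constantTimeEquals(user.getPassword(), oldPassword)) {
            throw new InfoException("密码错误<br>Invalid password");
        }
        // The original stored any value here, including null or an empty string.
        if (newPassword == null || newPassword.length() < MIN_PASSWORD_LENGTH) {
            throw new InfoException("无效密码<br>Invalid password");
        }
        user.setPassword(newPassword);
        user.setUpdateUser(SecurityUtils.getLoginUser(httpServletRequest).getName());
        persistentUsers().update(user);
    }

    /**
     * Returns the URL prefix served by this handler (declared by
     * {@code com.bstek.urule.console.ServletHandler}).
     *
     * @return the constant {@code "/user"}
     */
    @Override
    public String url() {
        return "/user";
    }

    /** Rejects the operation unless the configured user service is a persistent one. */
    private static void requirePersistentUserStore() throws Exception {
        if (!(UserServiceManager.getUserService() instanceof PersistUserService)) {
            throw new IllegalOperationException();
        }
    }

    /** Returns the configured user service cast to the persistent implementation. */
    private static UserServiceImpl persistentUsers() {
        return (UserServiceImpl) UserServiceManager.getUserService();
    }

    /** Loads the logged-in user's record, failing with an InfoException when it is absent. */
    private static User requireCurrentUser(HttpServletRequest request) throws Exception {
        User user = persistentUsers().get(SecurityUtils.getLoginUsername(request));
        if (user == null) {
            throw new InfoException("无法找到匹配用户<br>Invalid user");
        }
        return user;
    }

    /** Returns the captcha answer held for this request, failing when none is active. */
    private static String requireActiveCaptcha(HttpServletRequest request) throws Exception {
        String expected = CaptchaBuilder.ins.getCaptchResult(request);
        if (StringUtils.isBlank(expected)) {
            throw new InfoException("验证码过期，请刷新页面重试<br>Captcha is Expired");
        }
        return expected;
    }

    /** Fails unless the supplied captcha is non-blank and equals the expected answer. */
    private static void requireCaptchaMatch(String supplied, String expected) throws Exception {
        if (StringUtils.isBlank(supplied)) {
            throw new InfoException("验证码不能为空<br>Captcha can not be null");
        }
        if (!supplied.contentEquals(expected)) {
            throw new InfoException("验证码不正确<br>Captcha is Invalid");
        }
    }

    /** Builds a reset code of RESET_CODE_DIGITS decimal digits from the CSPRNG. */
    private static String newResetCode() {
        StringBuilder code = new StringBuilder(RESET_CODE_DIGITS);
        for (int i = 0; i < RESET_CODE_DIGITS; i++) {
            code.append(SECURE_RANDOM.nextInt(10));
        }
        return code.toString();
    }

    /** Compares two secrets without short-circuiting on the first differing byte; null never matches. */
    private static boolean constantTimeEquals(String left, String right) {
        if (left == null || right == null) {
            return false;
        }
        return MessageDigest.isEqual(left.getBytes(StandardCharsets.UTF_8), right.getBytes(StandardCharsets.UTF_8));
    }
}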
