package com.xdja.eoa.business.filter;

import com.alibaba.fastjson.JSON;
import com.xdja.eoa.api.CompanyAuthorityAccount;
import com.xdja.eoa.business.Constants;
import com.xdja.eoa.conf.ConfigLoadSystem;
import com.xdja.eoa.constants.RedisConstants;
import com.xdja.eoa.util.RedisUtil;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

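/**
 * Servlet filter that authenticates requests to the H5 background and admin
 * base endpoints with a token whose state is held in Redis.
 *
 * <p>For a request whose context-relative path starts with one of
 * {@link #public_pref}, the filter looks for a token (header, then request
 * parameter, then cookie), checks its expiry timestamp in Redis, extends the
 * expiry when less than a third of the configured lifetime remains, loads the
 * cached {@link CompanyAuthorityAccount} and stores it on the request under
 * {@link Constants#CURRENT_USER}. Any failure answers with HTTP 401 and stops
 * the chain.
 *
 * <p>Every other path is handed to the chain without any check, so this filter
 * is default-allow.
 * NOTE(review): confirm that paths outside the listed prefixes are either
 * meant to be anonymous or are protected by another component.
 */
@Component("security")
/* loaded from: input_file:WEB-INF/classes/com/xdja/eoa/business/filter/SecurityFilter.class */
public class SecurityFilter implements Filter {

    @Autowired
    private RedisUtil redisUtil;
    protected Logger logger = LoggerFactory.getLogger(getClass());

    // Despite the name, these are the path prefixes for which a token is
    // REQUIRED; see doFilter.
    private static final String[] public_pref = {"h5/background", "admin/base"};

    /**
     * Stops the JVM when the Redis helper was not injected, since no token can
     * be validated without it.
     *
     * @param filterConfig container-supplied configuration (unused)
     * @throws ServletException never thrown by this implementation
     */
    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
        if (this.redisUtil == null) {
            this.logger.error("系统启动异常Redis加载异常请检查配置项");
            // NOTE(review): exit status 0 reports success to whatever
            // supervises the process although this is a startup failure.
            System.exit(0);
        }
    }

    /**
     * Enforces token authentication on the protected prefixes and passes all
     * other requests through unchanged.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     remainder of the filter chain
     * @throws IOException      propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        // A request URI that is exactly the context path has nothing after it;
        // guard the substring so that case yields "" instead of throwing
        // StringIndexOutOfBoundsException.
        String requestUri = request.getRequestURI();
        int offset = request.getContextPath().length() + 1;
        String path = requestUri.length() > offset ? requestUri.substring(offset) : "";
        // The path is client-controlled: log it as an argument, not as the format string.
        this.logger.debug("{}", path);

        if (requiresToken(path)) {
            String token = extractToken(request);
            if (StringUtils.isEmpty(token)) {
                this.logger.error("非法访问，token为空---------");
                response.setStatus(401);
                return;
            }
            try {
                if (this.logger.isDebugEnabled()) {
                    // The token is a bearer credential; never write its value to the log.
                    this.logger.debug("token----{}------------", redact(token));
                }
                String expiryKey = RedisConstants.getWebExpireTimeKeyPrefixKey(token);
                String storedExpiry = this.redisUtil.STRINGS.get(expiryKey);
                if (StringUtils.isEmpty(storedExpiry)) {
                    this.logger.warn("token信息已经失效了");
                    response.setStatus(401);
                    return;
                }
                // A non-numeric value throws NumberFormatException, which the
                // catch below turns into a 401.
                long remainingMillis = Long.parseLong(storedExpiry) - System.currentTimeMillis();
                if (remainingMillis <= 0) {
                    response.setStatus(401);
                    return;
                }
                // EXPIRE_TIME is multiplied by 1000 to obtain milliseconds. Do
                // that in long arithmetic: as an int product it overflows for
                // lifetimes above roughly 24 days and yields an expiry in the past.
                int expireTime = ConfigLoadSystem.getIntValue("EXPIRE_TIME");
                long lifetimeMillis = expireTime * 1000L;
                if (remainingMillis <= lifetimeMillis / 3) {
                    // Sliding expiration: renew both the expiry marker and the cached account.
                    this.redisUtil.STRINGS.setEx(expiryKey, expireTime, (System.currentTimeMillis() + lifetimeMillis) + "");
                    this.redisUtil.expire(RedisConstants.getWebCacheTokenKey(token), expireTime);
                }
                // The JSON parsed here is read from Redis, not from the request.
                // NOTE(review): the fastjson version and its autoType settings
                // are not visible in this file — confirm they are current.
                CompanyAuthorityAccount account = JSON.parseObject(this.redisUtil.STRINGS.get(RedisConstants.getWebCacheTokenKey(token)), CompanyAuthorityAccount.class);
                if (account == null) {
                    this.logger.warn("用户信息反序列化失败");
                    response.setStatus(401);
                    return;
                }
                request.setAttribute(Constants.CURRENT_USER, account);
            } catch (Exception e) {
                // Fail closed: any Redis, parsing or configuration error denies the request.
                this.logger.warn("权限验证异常", e);
                response.setStatus(401);
                return;
            }
        }
        filterChain.doFilter(request, response);
    }

    /** No resources to release. */
    @Override // javax.servlet.Filter
    public void destroy() {
    }

    /**
     * Tells whether the context-relative path falls under a protected prefix.
     *
     * <p>NOTE(review): the path comes from getRequestURI(), which the container
     * does not decode or normalize. Confirm that no non-canonical spelling of a
     * protected path can reach a handler without starting with one of these
     * prefixes, or match on a normalized path instead.
     */
    private static boolean requiresToken(String path) {
        for (String prefix : public_pref) {
            if (path.startsWith(prefix)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Looks for the token in the "token" header, then the "token" request
     * parameter, then the EOA_H5_JSESSIONID cookie; returns the first non-empty
     * source, or the last value seen (possibly null) when none is set.
     *
     * <p>NOTE(review): getParameter also reads the query string, so a token
     * passed that way can end up in URLs and therefore in access logs, browser
     * history and Referer headers.
     */
    private static String extractToken(HttpServletRequest request) {
        String token = request.getHeader("token");
        if (StringUtils.isEmpty(token)) {
            token = request.getParameter("token");
        }
        if (StringUtils.isEmpty(token)) {
            Cookie[] cookies = request.getCookies();
            if (cookies != null) {
                for (Cookie cookie : cookies) {
                    // No break: when the cookie name occurs more than once the last one wins.
                    if ("EOA_H5_JSESSIONID".equals(cookie.getName())) {
                        token = cookie.getValue();
                    }
                }
            }
        }
        return token;
    }

    /** Placeholder that stands in for a token value in log output. */
    private static String redact(String token) {
        return "[redacted, length " + token.length() + "]";
    }
}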
