package com.xdja.hr.webconfig;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.net.HttpHeaders;
import com.xdja.hr.entity.AdminUser;
import com.xdja.hr.utils.JsonResult;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

/* loaded from: input_file:WEB-INF/classes/com/xdja/hr/webconfig/WebSecurityInterceptor.class */
public class WebSecurityInterceptor implements HandlerInterceptor {
    private Logger logger = LoggerFactory.getLogger(getClass());
    private WebSecurityManager webSecurityManager;
    private ObjectMapper objectMapper;

    public void setObjectMapper(ObjectMapper objectMapper) {
        this.objectMapper = objectMapper;
    }

    public void setWebSecurityManager(WebSecurityManager webSecurityManager) {
        this.webSecurityManager = webSecurityManager;
    }

    @Override // org.springframework.web.servlet.HandlerInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        AdminUser loginAdmin;
        String requestURI = httpServletRequest.getRequestURI();
        String contextPath = httpServletRequest.getContextPath();
        String substring = requestURI.substring(contextPath.length());
        if (!substring.startsWith("/api")) {
            if (!substring.startsWith("/admin") || substring.equalsIgnoreCase("/admin/login")) {
                return true;
            }
            HttpSession session = httpServletRequest.getSession(false);
            if (session != null && (loginAdmin = this.webSecurityManager.getLoginAdmin(session)) != null) {
                httpServletRequest.setAttribute("adminUser", loginAdmin);
                return true;
            }
            if (!isAjaxRequest(httpServletRequest)) {
                httpServletResponse.sendRedirect(contextPath + "/admin/login");
                return false;
            }
            JsonResult failure = JsonResult.failure("not login");
            failure.setCode(3);
            httpServletResponse.getWriter().write(this.objectMapper.writeValueAsString(failure));
            return false;
        }
        if (substring.equalsIgnoreCase("/api/login")) {
            return true;
        }
        String parameter = httpServletRequest.getParameter("token");
        if (!StringUtils.hasText(parameter)) {
            this.logger.debug("interceptor : " + substring);
            httpServletResponse.getWriter().write(this.objectMapper.writeValueAsString(JsonResult.failure("not login")));
            return false;
        }
        String clientLogin = this.webSecurityManager.clientLogin(parameter);
        if (StringUtils.hasText(clientLogin)) {
            httpServletRequest.setAttribute("employeeNo", clientLogin);
            return true;
        }
        this.logger.debug("interceptor : " + substring);
        JsonResult failure2 = JsonResult.failure("invalid token");
        failure2.setCode(2);
        httpServletResponse.getWriter().write(this.objectMapper.writeValueAsString(failure2));
        return false;
    }

    private boolean isAjaxRequest(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(HttpHeaders.X_REQUESTED_WITH);
        return header != null && "XMLHttpRequest".equalsIgnoreCase(header.toString());
    }

    @Override // org.springframework.web.servlet.HandlerInterceptor
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
    }

    @Override // org.springframework.web.servlet.HandlerInterceptor
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
    }
}
