package com.xdja.cssp.tpoms.web.security.action;

import com.xdja.cssp.tpoms.log.entity.SystemLog;
import com.xdja.cssp.tpoms.system.entity.TUser;
import com.xdja.cssp.tpoms.system.service.IFunctionService;
import com.xdja.cssp.tpoms.system.service.IUserService;
import com.xdja.cssp.tpoms.web.security.provider.UsernameCardIdToken;
import com.xdja.cssp.tpoms.web.util.CardUtil;
import com.xdja.cssp.tpoms.web.util.WebConstants;
import com.xdja.platform.rpc.consumer.refer.DefaultServiceRefer;
import com.xdja.platform.security.bean.Operator;
import com.xdja.platform.security.utils.OperatorUtil;
import com.xdja.platform.web.action.BaseAction;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.aspectj.weaver.model.AsmRelationshipUtils;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

@Controller
/* loaded from: input_file:WEB-INF/classes/com/xdja/cssp/tpoms/web/security/action/LoginAction.class */
public class LoginAction extends BaseAction {
    private IFunctionService functionService = (IFunctionService) DefaultServiceRefer.getServiceRefer(IFunctionService.class);
    private IUserService userService = (IUserService) DefaultServiceRefer.getServiceRefer(IUserService.class);

    @RequestMapping(value = {"/login"}, method = {RequestMethod.GET})
    public String login(ModelMap modelMap, HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder("https://");
        sb.append(httpServletRequest.getServerName()).append(":").append(WebConstants.HTTPS_PORT).append(httpServletRequest.getRequestURI());
        modelMap.addAttribute("loginUrl", sb.toString());
        return "login";
    }

    @RequestMapping(value = {"/login"}, method = {RequestMethod.POST})
    public String login(String str, String str2, ModelMap modelMap, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (StringUtils.isBlank(str)) {
            modelMap.addAttribute("message", "用户名不能为空");
        } else if (CardUtil.checkCardNo(str2, httpServletRequest)) {
            boolean z = true;
            try {
                UsernameCardIdToken usernameCardIdToken = new UsernameCardIdToken(str);
                usernameCardIdToken.setCardId(str2);
                SecurityUtils.getSubject().login(usernameCardIdToken);
            } catch (IncorrectCredentialsException e) {
                z = false;
                modelMap.addAttribute("message", "用户名或密码错误");
            } catch (LockedAccountException e2) {
                z = false;
                modelMap.addAttribute("message", "用户被锁定");
            } catch (UnknownAccountException e3) {
                z = false;
                modelMap.addAttribute("message", "用户名或密码错误");
            } catch (AuthenticationException e4) {
                z = false;
                modelMap.addAttribute("message", e4.getMessage());
            }
            if (z) {
                TUser userByUserName = this.userService.getUserByUserName(str);
                userByUserName.setCardId(str2);
                userByUserName.setLoginIp(httpServletRequest.getRemoteHost());
                OperatorUtil.setOperator(new Operator(str, this.functionService.queryAllFunctions(userByUserName), userByUserName));
                this.logger.info(SystemLog.LogType.loginLog.getValue().intValue(), "管理员{}登录成功", userByUserName.getUsername());
                return "redirect:/index.do";
            }
        } else {
            modelMap.addAttribute("message", "安全卡证书认证失败");
        }
        modelMap.addAttribute("userName", str);
        modelMap.addAttribute(AsmRelationshipUtils.DECLARE_ERROR, "true");
        return "login";
    }

    @RequestMapping({"/logout"})
    public String logout(HttpServletResponse httpServletResponse) {
        this.logger.info(SystemLog.LogType.loginLog.getValue().intValue(), "管理员{}退出成功", ((TUser) OperatorUtil.getOperator().getCurrUser()).getUsername());
        SecurityUtils.getSubject().logout();
        return "redirect:/login.do";
    }
}
