package com.zxkxc.cloud.extension.interceptor;

import com.zxkxc.cloud.admin.entity.SysParams;
import com.zxkxc.cloud.admin.entity.SysUserLogin;
import com.zxkxc.cloud.admin.service.SysParamsService;
import com.zxkxc.cloud.admin.service.SysUserLoginService;
import com.zxkxc.cloud.common.dto.AjaxResult;
import com.zxkxc.cloud.common.entity.VerifyTmp;
import com.zxkxc.cloud.common.entity.VerifyTmpPk;
import com.zxkxc.cloud.common.enums.ResultCode;
import com.zxkxc.cloud.common.enums.UserLoginType;
import com.zxkxc.cloud.common.enums.VerifyCodeType;
import com.zxkxc.cloud.common.service.VerifyTmpService;
import com.zxkxc.cloud.common.utils.MD5Util;
import com.zxkxc.cloud.common.utils.RedisUtil;
import com.zxkxc.cloud.common.utils.ServletUtil;
import com.zxkxc.cloud.common.utils.StringsUtil;
import com.zxkxc.cloud.common.utils.date.LocalDateUtil;
import java.time.LocalDateTime;
import java.time.temporal.ChronoUnit;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.JSONObject;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

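/**
 * Pre-login gate for username/password logins.
 *
 * <p>{@link #preHandle} runs three checks in order and stops at the first one that fails:
 * a temporary account lock, a captcha challenge and an SMS-code challenge. A failing check
 * writes a JSON {@link AjaxResult} failure to the response and vetoes the request.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>All state is keyed by the client-supplied {@code username} only.</li>
 *   <li>The captcha and SMS challenges apply only when the client-supplied {@code sources}
 *       value is contained in the {@code system.login.verify.sources} parameter. NOTE(review):
 *       a client that sends a value outside that list skips both challenges here; confirm the
 *       login handler validates {@code sources} independently.</li>
 *   <li>This class only reads the {@code _login_retry_time} counter. NOTE(review): requests
 *       rejected here never reach the handler, so confirm that failed captcha / SMS attempts
 *       are also counted somewhere; otherwise a code can be guessed repeatedly while valid.</li>
 * </ul>
 */
@Component
/* loaded from: input_file:com/zxkxc/cloud/extension/interceptor/PasswordLoginInterceptor.class */
public class PasswordLoginInterceptor implements HandlerInterceptor {
    private final RedisUtil redisUtil;
    private final SysParamsService paramsService;
    private final VerifyTmpService verifyTmpService;
    private final SysUserLoginService userLoginService;

    /**
     * Creates the interceptor with its collaborators (constructor injection).
     *
     * @param redisUtil cache holding lock timestamps, retry counters and captcha answers
     * @param sysParamsService source of the {@code system.*} configuration parameters
     * @param verifyTmpService store of issued SMS verification codes
     * @param sysUserLoginService lookup of login accounts, used to resolve an account's mobile
     */
    public PasswordLoginInterceptor(RedisUtil redisUtil, SysParamsService sysParamsService, VerifyTmpService verifyTmpService, SysUserLoginService sysUserLoginService) {
        this.redisUtil = redisUtil;
        this.paramsService = sysParamsService;
        this.verifyTmpService = verifyTmpService;
        this.userLoginService = sysUserLoginService;
    }

    /**
     * Runs the lock, captcha and SMS-code checks for the submitted {@code username}.
     *
     * @return {@code true} to let the request continue, {@code false} when a check failed
     *     (the failure has already been rendered to the response)
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
        String username = request.getParameter("username");
        String sources = request.getParameter("sources");
        return checkLoginAllow(response, username)
                && checkLoginCaptcha(request, response, username, sources)
                && checkLoginSmsCode(request, response, username, sources);
    }

    /**
     * Rejects the login while the account's lock window is still running.
     *
     * <p>The lock is considered active when {@code <username>_login_lock_time} exists in Redis
     * and fewer than {@code system.password.lock.minutes} minutes separate it from now. An
     * elapsed lock is removed. If the parameter is not configured the check passes even when a
     * lock timestamp exists (fail-open, unchanged from the original behaviour).
     */
    private boolean checkLoginAllow(HttpServletResponse response, String username) {
        String lockKey = username + "_login_lock_time";
        Object lockedAt = this.redisUtil.get(lockKey);
        SysParams lockMinutesParam = this.paramsService.getParamByKey("system.password.lock.minutes");
        if (lockedAt == null || lockMinutesParam == null) {
            return true;
        }
        // NOTE(review): the arguments are (now, lockTime); confirm the sign convention of
        // LocalDateUtil.getChronoUnitBetween, since a negative result would keep the lock forever.
        long elapsedMinutes = LocalDateUtil.getChronoUnitBetween(
                LocalDateTime.now(),
                LocalDateUtil.parseLocalDateTime(String.valueOf(lockedAt), "yyyy-MM-dd HH:mm:ss"),
                ChronoUnit.MINUTES);
        long lockMinutes = Long.parseLong(lockMinutesParam.getParamValue().trim());
        if (elapsedMinutes >= lockMinutes) {
            this.redisUtil.deleteObject(lockKey);
            return true;
        }
        renderFailure(response, ResultCode.USER_LOGIN_ERROR, "登录失败次数达到上限，请" + (lockMinutes - elapsedMinutes) + "分钟后再试");
        return false;
    }

    /**
     * Requires a valid captcha once the account's failed-login counter reaches
     * {@code system.login.captcha.password.retry_time}.
     *
     * <p>The expected answer is looked up in Redis under {@code MD5(lowercase(captcha) + checkkey)}
     * and is deleted only when it matches. NOTE(review): a wrong guess resolves to a different key,
     * so the stored answer is not invalidated on failure; confirm its TTL is short.
     */
    private boolean checkLoginCaptcha(HttpServletRequest request, HttpServletResponse response, String username, String sources) {
        if (!isChallengeRequired(username, sources, "system.login.captcha.enable", "system.login.captcha.password.retry_time")) {
            return true;
        }
        String captcha = request.getParameter("captcha");
        String checkKey = request.getParameter("checkkey");
        if (StringsUtil.isNotEmpty(captcha) && StringsUtil.isNotEmpty(checkKey)) {
            String answer = captcha.toLowerCase();
            String cacheKey = MD5Util.MD5Encode(answer + checkKey, "utf-8");
            if (answer.equals(this.redisUtil.get(cacheKey))) {
                // One-time use: a captcha that verified once cannot be replayed.
                this.redisUtil.deleteObject(cacheKey);
                return true;
            }
        }
        renderFailure(response, ResultCode.PARAM_IS_INVALID, "验证码错误");
        return false;
    }

    /**
     * Requires a valid SMS login code once the account's failed-login counter reaches
     * {@code system.login.smscode.password.retry_time}.
     *
     * <p>The code is verified against the mobile number bound to {@code username}. A
     * client-supplied {@code mobile} is accepted only when it equals that bound number;
     * previously any supplied number was used as the lookup key, so a code issued to an
     * unrelated phone could satisfy the challenge for this account.
     */
    private boolean checkLoginSmsCode(HttpServletRequest request, HttpServletResponse response, String username, String sources) {
        if (!isChallengeRequired(username, sources, "system.login.smscode.enable", "system.login.smscode.password.retry_time")) {
            return true;
        }
        String mobile = request.getParameter("mobile");
        String smsCode = request.getParameter("smscode");
        String boundMobile = resolveBoundMobile(username);
        if (StringsUtil.isNotEmpty(boundMobile)) {
            if (StringsUtil.isNotEmpty(mobile) && !boundMobile.equals(mobile)) {
                // Same message as a wrong code, so the response does not reveal the bound number.
                renderFailure(response, ResultCode.PARAM_IS_INVALID, "短信验证码错误");
                return false;
            }
            mobile = boundMobile;
        }
        // NOTE(review): when no bound mobile can be resolved, the client-supplied number is
        // still used (original behaviour). Decide whether such accounts should fail closed.
        if (StringsUtil.isNotEmpty(mobile) && StringsUtil.isNotEmpty(smsCode)) {
            VerifyTmpPk codeKey = new VerifyTmpPk(mobile, VerifyCodeType.Login.getValue());
            VerifyTmp issued = this.verifyTmpService.findByPk(codeKey);
            // NOTE(review): arguments are (now, issueTime); confirm the helper returns a
            // non-negative age, otherwise "< 10" never expires a code.
            if (issued != null
                    && smsCode.equals(issued.getVerifyCode())
                    && LocalDateUtil.getChronoUnitBetween(LocalDateTime.now(), issued.getInputDatetime(), ChronoUnit.MINUTES) < 10) {
                // One-time use: consume the code on success.
                this.verifyTmpService.deleteVerifyTmp(codeKey);
                return true;
            }
        }
        renderFailure(response, ResultCode.PARAM_IS_INVALID, "短信验证码错误");
        return false;
    }

    /**
     * Decides whether an extra challenge applies to this attempt: a retry counter exists, the
     * request source is listed in {@code system.login.verify.sources}, the feature flag is on,
     * and the counter has reached the configured threshold.
     */
    private boolean isChallengeRequired(String username, String sources, String enableKey, String thresholdKey) {
        Object retryCount = this.redisUtil.get(username + "_login_retry_time");
        if (retryCount == null) {
            return false;
        }
        SysParams verifySources = this.paramsService.getParamByKey("system.login.verify.sources");
        // A missing "sources" parameter used to raise a NullPointerException in contains();
        // treating it as "" keeps the challenge enforced (every string contains "").
        String requestedSource = sources == null ? "" : sources;
        if (verifySources == null || !verifySources.getParamValue().contains(requestedSource)) {
            return false;
        }
        SysParams enabled = this.paramsService.getParamByKey(enableKey);
        if (enabled == null || !Boolean.parseBoolean(enabled.getParamValue().trim())) {
            return false;
        }
        SysParams threshold = this.paramsService.getParamByKey(thresholdKey);
        if (threshold == null) {
            return false;
        }
        // trim() matches how the other parameters in this class are parsed.
        return Integer.parseInt(String.valueOf(retryCount)) >= Integer.parseInt(threshold.getParamValue().trim());
    }

    /** Returns the mobile-type login account of the user owning {@code username}, or {@code null}. */
    private String resolveBoundMobile(String username) {
        SysUserLogin login = this.userLoginService.getUserLoginByAccount(username);
        if (login != null) {
            login = this.userLoginService.getUserLoginByByUserIdForAccountType(login.getUserId(), UserLoginType.Mobile.getValue());
        }
        return login != null ? login.getLoginAccount() : null;
    }

    /** Writes an {@link AjaxResult} failure as JSON to the response. */
    private static void renderFailure(HttpServletResponse response, ResultCode code, String message) {
        ServletUtil.renderString(response, JSONObject.fromObject(AjaxResult.failure(code, message)).toString());
    }
}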
