package cn.gtmap.realestate.supervise.portal.web;

import cn.gtmap.realestate.supervise.common.BaseController;
import cn.gtmap.realestate.supervise.constant.Constant;
import cn.gtmap.realestate.supervise.entity.XtUser;
import cn.gtmap.realestate.supervise.portal.dao.XtUserMapper;
import cn.gtmap.realestate.supervise.portal.utils.LoginUserUtil;
import cn.gtmap.realestate.supervise.portal.utils.RSAUtils;
import cn.gtmap.realestate.supervise.utils.IpUtil;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
import org.springframework.stereotype.Controller;
import org.springframework.util.ObjectUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@RequestMapping({"user-change"})
@Controller
/* loaded from: input_file:WEB-INF/classes/cn/gtmap/realestate/supervise/portal/web/XtUserChangeController.class */
public class XtUserChangeController extends BaseController {

    @Autowired
    private XtUserMapper xtUserMapper;
    private static final String MSG = "msg";
    private static final String SUCCESS = "success";
    private static final String FAILURE = "failure";
    private static final String CODE = "code";
    private CharSequence salt;

    @Autowired
    private LogController logController;

    @RequestMapping({"change-password"})
    @ResponseBody
    public Map<String, Object> changeXtUserLoginPassword(HttpServletRequest httpServletRequest, String str, String str2, String str3) {
        HashMap hashMap = new HashMap();
        if (ObjectUtils.isEmpty(getCurrentUser(httpServletRequest))) {
            hashMap.put("code", FAILURE);
            hashMap.put("msg", "当前用户已被登出，请重新登陆");
            return hashMap;
        }
        if (StringUtils.isNotBlank(str)) {
            str = RSAUtils.decryptDataOnJava(str);
        }
        if (StringUtils.isNotBlank(str2)) {
            str2 = RSAUtils.decryptDataOnJava(str2);
        }
        if (StringUtils.isNotBlank(str3)) {
            str3 = RSAUtils.decryptDataOnJava(str3);
        }
        String xtPropertiesByKey = this.xtUserMapper.getXtPropertiesByKey("sensitiveAccount");
        if (null != xtPropertiesByKey && xtPropertiesByKey.split(",").length != 0) {
            for (String str4 : xtPropertiesByKey.split(",")) {
                if (str.contains(str4)) {
                    hashMap.put("code", FAILURE);
                    hashMap.put("msg", "修改密码失败");
                    this.logController.log(str, "6", "修改密码失败：" + str, Constant.PORTAL, IpUtil.getIpAddr(httpServletRequest));
                    return hashMap;
                }
            }
        }
        if (StringUtils.equals(str, str3)) {
            hashMap.put("code", FAILURE);
            hashMap.put("msg", "密码不能与账号一致，请重新输入");
            return hashMap;
        }
        if (StringUtils.equals(str, StringUtils.reverse(str3))) {
            hashMap.put("code", FAILURE);
            hashMap.put("msg", "密码不能与账号逆序一致，请重新输入");
            return hashMap;
        }
        Md5PasswordEncoder md5PasswordEncoder = new Md5PasswordEncoder();
        String encodePassword = md5PasswordEncoder.encodePassword(str2, this.salt);
        if (StringUtils.isNotBlank(str) && StringUtils.isNotBlank(str2) && StringUtils.isNotBlank(str3)) {
            XtUser userByLoginName = this.xtUserMapper.getUserByLoginName(str);
            if (null != userByLoginName && StringUtils.isNotBlank(userByLoginName.getLoginPassword()) && userByLoginName.getLoginPassword().equals(encodePassword)) {
                String encodePassword2 = md5PasswordEncoder.encodePassword(str3, this.salt);
                boolean z = false;
                Iterator<Map<String, String>> it = this.xtUserMapper.getPasswordLogByLoginName(str, this.xtUserMapper.getXtPropertiesByKey("passwordDiffTime")).iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    if (StringUtils.equals(it.next().get("LOGINPASSWORD"), encodePassword2)) {
                        z = true;
                        break;
                    }
                }
                if (z) {
                    hashMap.put("code", FAILURE);
                    hashMap.put("msg", "修改的密码和前几次相同");
                    return hashMap;
                }
                XtUser xtUser = new XtUser();
                xtUser.setLoginName(str);
                xtUser.setLoginPassword(encodePassword2);
                this.xtUserMapper.updateUser(xtUser);
                this.xtUserMapper.saveNewPasswordLog(str, encodePassword2, new Date());
                hashMap.put("code", "success");
                LoginUserUtil.cleanUserPasswordTooSimple(str);
                this.logController.log(str, "6", "修改密码成功：" + str, Constant.PORTAL, IpUtil.getIpAddr(httpServletRequest));
            } else {
                hashMap.put("code", FAILURE);
                hashMap.put("msg", "修改密码失败");
                this.logController.log(str, "6", "修改密码失败：" + str, Constant.PORTAL, IpUtil.getIpAddr(httpServletRequest));
            }
        } else {
            hashMap.put("code", FAILURE);
            hashMap.put("msg", "修改密码失败");
            this.logController.log(str, "6", "修改密码失败：" + str, Constant.PORTAL, IpUtil.getIpAddr(httpServletRequest));
        }
        return hashMap;
    }
}
