package com.gtis.cms.action.member;

import com.gtis.cms.Constants;
import com.gtis.cms.entity.main.CmsSite;
import com.gtis.cms.manager.main.CmsUserMng;
import com.gtis.cms.web.CmsUtils;
import com.gtis.cms.web.FrontUtils;
import com.gtis.common.security.BadCredentialsException;
import com.gtis.common.security.DisabledException;
import com.gtis.common.security.UsernameNotFoundException;
import com.gtis.common.web.CookieUtils;
import com.gtis.common.web.RequestUtils;
import com.gtis.common.web.session.SessionProvider;
import com.gtis.core.entity.Authentication;
import com.gtis.core.entity.Config;
import com.gtis.core.manager.AuthenticationMng;
import com.gtis.core.manager.ConfigMng;
import com.gtis.core.manager.UnifiedUserMng;
import com.gtis.core.web.WebErrors;
import com.octo.captcha.service.CaptchaServiceException;
import com.octo.captcha.service.image.ImageCaptchaService;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.math.NumberUtils;
import org.apache.log4j.spi.LocationInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.view.UrlBasedViewResolver;

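/**
 * Spring MVC controller for the member login form ({@code /login.htm}) and
 * logout ({@code /logout.htm}).
 *
 * <p>After a successful login, or when an authenticated session already exists,
 * the controller can redirect to a caller-supplied process URL (with the
 * authentication id appended as a query parameter) or to a caller-supplied
 * return URL; see {@link #getView(String, String, String)}.
 *
 * <p>NOTE(review): this file is decompiler output. The parameter names of the
 * handler methods ({@code str}, {@code str2}, ...) are generated; if request
 * binding relies on parameter names, the original names must be restored.
 * Confirm against the original source.
 */
@Controller
/* loaded from: input_file:WEB-INF/classes/com/gtis/cms/action/member/CasLoginAct.class */
public class CasLoginAct {
    private static final Logger log = LoggerFactory.getLogger(CasLoginAct.class);

    /** Name of the cookie that carries the remaining-attempts counter shown on the form. */
    public static final String COOKIE_ERROR_REMAINING = "_error_remaining";
    /** Template key of the login form. */
    public static final String LOGIN_INPUT = "tpl.loginInput";
    /** Template key of the "already logged in" status page. */
    public static final String LOGIN_STATUS = "tpl.loginStatus";

    @Autowired
    private CmsUserMng cmsUserMng;

    @Autowired
    private ConfigMng configMng;

    @Autowired
    private AuthenticationMng authMng;

    @Autowired
    private UnifiedUserMng unifiedUserMng;

    @Autowired
    private ImageCaptchaService imageCaptchaService;

    @Autowired
    private SessionProvider session;

    /**
     * Renders the login form, or short-circuits when the session already holds a
     * valid authentication.
     *
     * <p>With a valid authentication: redirects as computed by
     * {@link #getView(String, String, String)}, or renders the login-status
     * template when no process/return URL was supplied.
     *
     * <p>NOTE(review): {@code message} is taken from the query string and placed in
     * the model unchanged; confirm the login template escapes it on output.
     *
     * @param httpServletRequest current request
     * @param modelMap           model exposed to the template
     * @return a redirect view name or the path of the template to render
     */
    @RequestMapping(value = {"/login.htm"}, method = {RequestMethod.GET})
    public String input(HttpServletRequest httpServletRequest, ModelMap modelMap) {
        CmsSite site = CmsUtils.getSite(httpServletRequest);
        String solutionPath = site.getSolutionPath();
        String processUrl = RequestUtils.getQueryParam(httpServletRequest, com.gtis.core.action.front.LoginAct.PROCESS_URL);
        String returnUrl = RequestUtils.getQueryParam(httpServletRequest, "returnUrl");
        String message = RequestUtils.getQueryParam(httpServletRequest, "message");
        String authId = (String) this.session.getAttribute(httpServletRequest, AuthenticationMng.AUTH_KEY);
        Authentication auth = authId == null ? null : this.authMng.retrieve(authId);
        if (auth != null) {
            String view = getView(processUrl, returnUrl, auth.getId());
            if (view != null) {
                return view;
            }
            FrontUtils.frontData(httpServletRequest, modelMap, site);
            modelMap.addAttribute("auth", auth);
            return FrontUtils.getTplPath(httpServletRequest, solutionPath, Constants.TPLDIR_MEMBER, LOGIN_STATUS);
        }
        FrontUtils.frontData(httpServletRequest, modelMap, site);
        exposeLoginParams(modelMap, processUrl, returnUrl, message);
        return FrontUtils.getTplPath(httpServletRequest, solutionPath, Constants.TPLDIR_MEMBER, LOGIN_INPUT);
    }

    /**
     * Handles the posted login form.
     *
     * <p>On success the user's login info is updated, a disabled account is logged
     * out again and rejected, the remaining-attempts cookie is cleared, and the
     * response redirects (see {@link #getView(String, String, String)}) or falls
     * back to {@code redirect:login.htm}. On any failure the form is re-rendered
     * with the collected errors and an updated remaining-attempts counter.
     *
     * <p>NOTE(review): the messages of {@code BadCredentialsException} and
     * {@code UsernameNotFoundException} are shown to the client as-is. If they
     * differ, the form reveals whether a username exists; confirm and consider a
     * single generic message.
     *
     * @param str                 username (validated as the "username" field)
     * @param str2                password (validated as the "password" field)
     * @param str3                captcha response (validated as the "captcha" field)
     * @param str4                process URL to redirect to with the auth id appended
     * @param str5                return URL
     * @param str6                message echoed back to the form
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @param modelMap            model exposed to the template
     * @return a redirect view name or the path of the login form template
     */
    @RequestMapping(value = {"/login.htm"}, method = {RequestMethod.POST})
    public String submit(String str, String str2, String str3, String str4, String str5, String str6, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ModelMap modelMap) {
        // Server-side counter; this (not the cookie) decides whether a captcha is enforced.
        Integer errorRemaining = this.unifiedUserMng.errorRemaining(str);
        CmsSite site = CmsUtils.getSite(httpServletRequest);
        String solutionPath = site.getSolutionPath();
        WebErrors errors = validateSubmit(str, str2, str3, errorRemaining, httpServletRequest, httpServletResponse);
        if (!errors.hasErrors()) {
            try {
                String ipAddr = RequestUtils.getIpAddr(httpServletRequest);
                Authentication auth = this.authMng.login(str, str2, ipAddr, httpServletRequest, httpServletResponse, this.session);
                this.cmsUserMng.updateLoginInfo(auth.getUid(), ipAddr);
                if (this.cmsUserMng.findById(auth.getUid()).getDisabled().booleanValue()) {
                    // The login above already created an authentication; revoke it before rejecting.
                    this.authMng.deleteById(auth.getId());
                    this.session.logout(httpServletRequest, httpServletResponse);
                    throw new DisabledException("user disabled");
                }
                removeCookieErrorRemaining(httpServletRequest, httpServletResponse);
                String view = getView(str4, str5, auth.getId());
                if (view != null) {
                    return view;
                }
                FrontUtils.frontData(httpServletRequest, modelMap, site);
                return "redirect:login.htm";
            } catch (BadCredentialsException e) {
                errors.addErrorString(e.getMessage());
            } catch (DisabledException e) {
                errors.addErrorString(e.getMessage());
            } catch (UsernameNotFoundException e) {
                errors.addErrorString(e.getMessage());
            }
        }
        writeCookieErrorRemaining(errorRemaining, httpServletRequest, httpServletResponse, modelMap);
        errors.toModel(modelMap);
        FrontUtils.frontData(httpServletRequest, modelMap, site);
        exposeLoginParams(modelMap, str4, str5, str6);
        return FrontUtils.getTplPath(httpServletRequest, solutionPath, Constants.TPLDIR_MEMBER, LOGIN_INPUT);
    }

    /**
     * Logs the current session out.
     *
     * <p>Without an authentication id in the session, redirects as computed by
     * {@link #getView(String, String, String)} (the auth id passed is {@code null})
     * or to {@code redirect:login.htm}.
     *
     * <p>NOTE(review): after an actual logout this returns {@code null}, so the
     * process/return URL parameters are ignored and view selection is left to the
     * framework. This may be a decompilation artifact; confirm against the
     * original source.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @return a redirect view name, or {@code null} after an authenticated session was ended
     */
    @RequestMapping({"/logout.htm"})
    public String logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String authId = (String) this.session.getAttribute(httpServletRequest, AuthenticationMng.AUTH_KEY);
        if (authId == null) {
            String processUrl = RequestUtils.getQueryParam(httpServletRequest, com.gtis.core.action.front.LoginAct.PROCESS_URL);
            String returnUrl = RequestUtils.getQueryParam(httpServletRequest, "returnUrl");
            String view = getView(processUrl, returnUrl, authId);
            return view != null ? view : "redirect:login.htm";
        }
        this.authMng.deleteById(authId);
        this.session.logout(httpServletRequest, httpServletResponse);
        return null;
    }

    /** Copies the non-blank pass-through parameters into the model so the form can re-post them. */
    private void exposeLoginParams(ModelMap modelMap, String processUrl, String returnUrl, String message) {
        if (!StringUtils.isBlank(processUrl)) {
            modelMap.addAttribute(com.gtis.core.action.front.LoginAct.PROCESS_URL, processUrl);
        }
        if (!StringUtils.isBlank(returnUrl)) {
            modelMap.addAttribute("returnUrl", returnUrl);
        }
        if (!StringUtils.isBlank(message)) {
            modelMap.addAttribute("message", message);
        }
    }

    /**
     * Validates the posted credentials and, when required, the captcha.
     *
     * <p>The captcha is checked when a captcha value was posted or when the
     * server-side remaining-attempts count is negative.
     *
     * <p>NOTE(review): a remaining count of exactly 0, or {@code null}, does not
     * force the captcha here; confirm this matches the contract of
     * {@code UnifiedUserMng.errorRemaining}.
     *
     * @return the error collector; {@code hasErrors()} is true when validation failed
     */
    private WebErrors validateSubmit(String username, String password, String captcha, Integer errorRemaining, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        WebErrors errors = WebErrors.create(httpServletRequest);
        if (errors.ifOutOfLength(username, "username", 1, 100) || errors.ifOutOfLength(password, "password", 1, 32)) {
            return errors;
        }
        boolean captchaRequired = !StringUtils.isBlank(captcha) || (errorRemaining != null && errorRemaining.intValue() < 0);
        if (!captchaRequired) {
            return errors;
        }
        if (errors.ifBlank(captcha, "captcha", 100)) {
            return errors;
        }
        try {
            String sessionId = this.session.getSessionId(httpServletRequest, httpServletResponse);
            if (!this.imageCaptchaService.validateResponseForID(sessionId, captcha).booleanValue()) {
                errors.addErrorCode("error.invalidCaptcha");
            }
        } catch (CaptchaServiceException e) {
            // Fail closed: a captcha service error is reported as a validation error.
            errors.addErrorCode("error.exceptionCaptcha");
            log.warn("captcha validation threw an exception", e);
        }
        return errors;
    }

    /**
     * Builds the post-login redirect view name.
     *
     * <ul>
     *   <li>process URL blank, return URL blank: {@code null} (caller picks a default);</li>
     *   <li>process URL blank: {@code redirect:<returnUrl>};</li>
     *   <li>otherwise: {@code redirect:<processUrl>?<AUTH_KEY>=<authId>[&returnUrl=<returnUrl>]}.</li>
     * </ul>
     *
     * <p>NOTE(review): both URLs originate from request parameters and no
     * validation of them is visible in this class. Unless a filter or the caller
     * restricts them, this is an open redirect, and the third form hands the
     * authentication id to whatever host the process URL names. Check both values
     * against an allow-list of trusted application URLs before redirecting.
     *
     * <p>NOTE(review): the values are concatenated without URL-encoding, and "?" is
     * appended even if the process URL already has a query string. When
     * {@code authId} is {@code null} the literal text "null" is appended.
     */
    private String getView(String processUrl, String returnUrl, String authId) {
        if (StringUtils.isBlank(processUrl)) {
            if (StringUtils.isBlank(returnUrl)) {
                return null;
            }
            return UrlBasedViewResolver.REDIRECT_URL_PREFIX + returnUrl;
        }
        StringBuilder sb = new StringBuilder(UrlBasedViewResolver.REDIRECT_URL_PREFIX);
        // Plain "?" and "&": the decompiler had substituted unrelated library
        // constants (log4j LocationInfo.NA, Spring BeanFactory.FACTORY_BEAN_PREFIX)
        // that merely share these values.
        sb.append(processUrl).append("?").append(AuthenticationMng.AUTH_KEY).append("=").append(authId);
        if (!StringUtils.isBlank(returnUrl)) {
            sb.append("&").append("returnUrl").append("=").append(returnUrl);
        }
        return sb.toString();
    }

    /**
     * Publishes the remaining-attempts counter to the model and to the
     * {@value #COOKIE_ERROR_REMAINING} cookie after a failed login.
     *
     * <p>The starting point is the smaller of the server-side count and the cookie
     * count. It is reset to the configured maximum when absent or above that
     * maximum, floored at 0, and otherwise decremented by one. The cookie lifetime
     * is the configured error interval multiplied by 60.
     *
     * <p>The cookie is client-controlled; in this class its value only feeds the
     * displayed counter, while captcha enforcement uses the server-side count.
     */
    private void writeCookieErrorRemaining(Integer errorRemaining, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ModelMap modelMap) {
        Integer remaining = getCookieErrorRemaining(httpServletRequest, httpServletResponse);
        Config.ConfigLogin configLogin = this.configMng.getConfigLogin();
        Integer errorInterval = configLogin.getErrorInterval();
        if (errorRemaining != null && (remaining == null || errorRemaining.intValue() < remaining.intValue())) {
            remaining = errorRemaining;
        }
        int maxErrorTimes = configLogin.getErrorTimes().intValue();
        Integer shown;
        if (remaining == null || remaining.intValue() > maxErrorTimes) {
            shown = Integer.valueOf(maxErrorTimes);
        } else if (remaining.intValue() <= 0) {
            shown = Integer.valueOf(0);
        } else {
            shown = Integer.valueOf(remaining.intValue() - 1);
        }
        modelMap.addAttribute("errorRemaining", shown);
        CookieUtils.addCookie(httpServletRequest, httpServletResponse, COOKIE_ERROR_REMAINING, shown.toString(), Integer.valueOf(errorInterval.intValue() * 60), null);
    }

    /**
     * Reads the remaining-attempts counter from the request cookie.
     *
     * @return the parsed value, or {@code null} when the cookie is missing, is not
     *         all digits, or does not fit in an {@code int}
     */
    private Integer getCookieErrorRemaining(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Cookie cookie = CookieUtils.getCookie(httpServletRequest, COOKIE_ERROR_REMAINING);
        if (cookie == null) {
            return null;
        }
        String value = cookie.getValue();
        if (!NumberUtils.isDigits(value)) {
            return null;
        }
        try {
            return Integer.valueOf(value);
        } catch (NumberFormatException ignored) {
            // The cookie is client-supplied: an all-digit value can still overflow int.
            // Treat it as absent instead of letting the failed-login path throw.
            return null;
        }
    }

    /** Clears the remaining-attempts cookie after a successful login. */
    private void removeCookieErrorRemaining(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CookieUtils.cancleCookie(httpServletRequest, httpServletResponse, COOKIE_ERROR_REMAINING, null);
    }
}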
