package com.goldgov.pd.elearning.basic.ouser.user.web;

import com.goldgov.kcloud.core.cache.CacheHolder;
import com.goldgov.kcloud.core.json.JsonErrorObject;
import com.goldgov.kcloud.core.json.JsonObject;
import com.goldgov.kcloud.core.json.JsonSuccessObject;
import com.goldgov.pd.elearning.basic.ouser.user.exception.CustomerUserException;
import com.goldgov.pd.elearning.basic.ouser.user.service.account.AccountBindingService;
import com.goldgov.pd.elearning.basic.ouser.user.service.account.AccountSafe;
import com.goldgov.pd.elearning.basic.ouser.user.service.account.AccountService;
import com.goldgov.pd.elearning.basic.ouser.user.service.account.AuthServerConstants;
import com.goldgov.pd.elearning.basic.ouser.user.service.account.BindingType;
import com.goldgov.pd.elearning.basic.ouser.user.service.user.LoginUser;
import com.goldgov.pd.elearning.basic.ouser.user.service.user.LoginUserService;
import com.goldgov.pd.elearning.basic.ouser.user.service.user.UserService;
import com.goldgov.pd.elearning.basic.ouser.user.utils.AuthServerProperties;
import com.goldgov.pd.elearning.basic.ouser.user.utils.VerifyCodeUtils;
import com.goldgov.pd.elearning.basic.ouser.user.web.model.OrgUserModel;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import java.io.IOException;
import java.io.OutputStream;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.ui.Model;
import org.springframework.util.Base64Utils;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

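/**
 * Portal-side user endpoints: registration, captcha issuing, captcha-gated
 * account lookup, phone-verified password reset and a default-password check.
 *
 * <p>NOTE(review): the {@code /open/...} paths look like they are meant to be
 * reachable without a login; that is inferred from the path and the captcha
 * gate only, so confirm against the security configuration.
 */
@RequestMapping({"/portal/user"})
@Api("前台用户管理")
@RestController
/* loaded from: input_file:com/goldgov/pd/elearning/basic/ouser/user/web/PcUserController.class */
public class PcUserController extends UserController {

    /** Format of the captcha issue time stored in the session; writer and reader must agree on it. */
    private static final String CAPTCHA_TIME_PATTERN = "yyyy-MM-dd HH:mm:ss";

    @Autowired
    private UserService userService;

    @Autowired
    private AccountBindingService abService;

    @Autowired
    private AccountService accountService;

    @Autowired
    private LoginUserService loginUserService;

    @Autowired
    private AuthServerProperties authServerProperties;
    BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();

    /**
     * Registers a portal user from the posted model.
     *
     * @param orgUserModel the user data sent by the client
     * @return a success object wrapping the saved model, or an error object
     *         carrying the {@link CustomerUserException} message
     */
    @PostMapping({"/open/registerUser"})
    @ApiOperation(value = "注册用户", notes = "portal用户注册")
    public JsonObject<Object> registerUser(@RequestBody OrgUserModel orgUserModel) {
        try {
            // NOTE(review): createUser is only defaulted when blank, so a value
            // supplied in the request body is stored as-is. Confirm that an
            // audit field should be client-controlled on this endpoint.
            String createUser = orgUserModel.getCreateUser();
            if (createUser == null || createUser.trim().isEmpty()) {
                orgUserModel.setCreateUser("-1");
            }
            this.userService.saveUser(orgUserModel);
            // NOTE(review): the whole model is echoed back; if it carries a
            // password or hash after saveUser, it should be cleared first. TODO confirm.
            return new JsonSuccessObject(orgUserModel);
        } catch (CustomerUserException e) {
            return new JsonErrorObject(e.getMessage());
        }
    }

    /**
     * Checks a submitted captcha against the one stored in the session.
     *
     * @param submitted the code typed by the user
     * @param expected the code stored in the session, may be {@code null}
     * @param issuedAt the issue time in {@link #CAPTCHA_TIME_PATTERN}, may be empty
     * @return {@code true} only if both codes are non-empty, match ignoring
     *         case, and the captcha is not older than the configured timeout
     */
    private boolean getValiaCode(String submitted, String expected, String issuedAt) {
        // NOTE(review): an empty issue time skips the age check entirely.
        // Kept as found because other writers of the session key are not
        // visible here; failing closed would be the safer default.
        if (!StringUtils.isEmpty(issuedAt)) {
            SimpleDateFormat format = new SimpleDateFormat(CAPTCHA_TIME_PATTERN);
            try {
                // "Now" goes through the same format so both sides are truncated to whole seconds.
                long nowMillis = format.parse(format.format(new Date())).getTime();
                long ageSeconds = (nowMillis - format.parse(issuedAt).getTime()) / 1000;
                if (ageSeconds > this.authServerProperties.getCaptchaTimeout().intValue()) {
                    return false;
                }
            } catch (ParseException e) {
                // An unreadable timestamp is treated as an expired captcha.
                return false;
            }
        }
        if (StringUtils.isEmpty(submitted) || StringUtils.isEmpty(expected)) {
            return false;
        }
        // equalsIgnoreCase does not depend on the JVM default locale, unlike
        // toUpperCase(), which made "i" and "I" differ under a Turkish locale.
        return submitted.equalsIgnoreCase(expected);
    }

    /**
     * Generates a captcha, stores the code and its issue time in the session,
     * and writes the image to the response.
     *
     * @throws IOException if the response stream cannot be obtained or written
     */
    @GetMapping({"/open/generateCaptchaImage"})
    public void generateCaptchaNumImage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Model model) throws IOException {
        // NOTE(review): confirm VerifyCodeUtils draws the code from SecureRandom.
        String code = VerifyCodeUtils.generateVerifyCode(this.authServerProperties.getCaptchaSize().intValue());
        String issuedAt = new SimpleDateFormat(CAPTCHA_TIME_PATTERN).format(new Date());
        httpServletRequest.getSession().setAttribute(AuthServerConstants.SESSION_KEY_CAPTCHA, code);
        httpServletRequest.getSession().setAttribute(AuthServerConstants.SESSION_KEY_CAPTCHA_TIME, issuedAt);
        // A cached image would no longer match the code just stored in the session.
        httpServletResponse.setHeader("Cache-Control", "no-store");
        httpServletResponse.setContentType("image/jpeg");
        VerifyCodeUtils.outputImage(120, 40, (OutputStream) httpServletResponse.getOutputStream(), code);
    }

    /**
     * Looks up a user by login name after a captcha check and returns the
     * Base64-encoded mobile number bound to the account.
     *
     * <p>NOTE(review): Base64 is an encoding, not protection. Any caller who
     * passes the captcha receives the full bound number for the named account,
     * and the distinct "not found" / "not activated" replies reveal account
     * state. Consider a masked number and a uniform reply.
     *
     * @param captcha the captcha code typed by the user
     * @param userName the login name to look up
     * @return a success object with the captcha-failure message, an error
     *         object for an unknown or inactive user, the "no phone bound"
     *         result, or the Base64-encoded bound number
     */
    @GetMapping({"/open/getLoginUser"})
    @ApiOperation("根据登录名查询用户")
    public JsonObject getLoginUser(HttpServletRequest httpServletRequest, @RequestParam("captcha") String captcha, @RequestParam("userName") @ApiParam(name = "userName", value = "用户名", required = true) String userName) {
        String expected = (String) httpServletRequest.getSession().getAttribute(AuthServerConstants.SESSION_KEY_CAPTCHA);
        String issuedAt = (String) httpServletRequest.getSession().getAttribute(AuthServerConstants.SESSION_KEY_CAPTCHA_TIME);
        // A captcha is single-use: discard it before judging the attempt, so a
        // wrong answer cannot be retried against the same code until it expires.
        httpServletRequest.getSession().removeAttribute(AuthServerConstants.SESSION_KEY_CAPTCHA);
        httpServletRequest.getSession().removeAttribute(AuthServerConstants.SESSION_KEY_CAPTCHA_TIME);
        if (!getValiaCode(captcha, expected, issuedAt)) {
            // Reported through a success envelope, as before; clients may rely on it.
            return new JsonSuccessObject("验证码校验失败");
        }
        LoginUser loginUser = this.loginUserService.getLoginUserByUserName(userName);
        if (loginUser == null) {
            return new JsonErrorObject("用户不存在");
        }
        if (loginUser.getState() == 4) {
            return new JsonErrorObject("用户尚未激活");
        }
        AccountSafe accountSafe = this.abService.getAccountSafe(loginUser.getAccountID(), BindingType.MOBILE.name());
        String bindAccount = accountSafe == null ? null : accountSafe.getBindAccount();
        if (StringUtils.isEmpty(bindAccount)) {
            // A binding row with no number is treated as "not bound" instead of failing with an NPE.
            return new JsonSuccessObject(3000, "2000", "用户尚未绑定手机号");
        }
        // Explicit charset, so the encoded bytes do not depend on the platform default.
        return new JsonSuccessObject(Base64Utils.encodeToString(bindAccount.getBytes(java.nio.charset.StandardCharsets.UTF_8)));
    }

    /**
     * Resets an account password once the bound mobile number has been verified.
     *
     * <p>The reset is allowed only while the cache holds a
     * {@code phoneStatus_<number>} entry for the account's bound number; the
     * entry is removed after a successful reset.
     *
     * <p>NOTE(review): the entry is keyed on the phone number alone, and
     * nothing visible here ties it to the caller's session or to a one-time
     * token in the request. Confirm who writes it and how long it lives.
     * The new password also arrives as a query parameter, which can end up in
     * access logs, and no strength or emptiness check is visible here.
     *
     * @param loginId the login name of the account
     * @param newPassword the password to set
     * @return a success object wrapping {@code true}
     * @throws RuntimeException if no completed phone verification exists for the account
     */
    @PutMapping({"/open/account/resetPasswd"})
    @ApiImplicitParams({@ApiImplicitParam(name = "loginID", value = "账号id", paramType = "query", required = false), @ApiImplicitParam(name = "newPassword", value = "新密码", paramType = "query", required = false)})
    @ApiOperation(value = "重置密码", notes = "重置密码")
    public JsonObject<Object> resetPasswd(@RequestParam("loginID") String loginId, @RequestParam("newPassword") String newPassword) {
        LoginUser loginUser = this.loginUserService.getLoginUserByUserName(loginId);
        AccountSafe accountSafe = loginUser == null
                ? null
                : this.accountService.getAccountSafe(loginUser.getAccountID(), BindingType.MOBILE.name());
        String bindAccount = accountSafe == null ? null : accountSafe.getBindAccount();
        // Fail closed with one uniform rejection. An unknown user used to
        // surface as an NPE and an account with no bound phone reported
        // success without changing anything; both also revealed account state.
        if (StringUtils.isEmpty(bindAccount) || CacheHolder.get("phoneStatus_" + bindAccount) == null) {
            throw new RuntimeException("验证超时");
        }
        this.accountService.resetPasswd(new String[]{loginUser.getAccountID()}, newPassword);
        // Consume the verification so it cannot authorise a second reset.
        CacheHolder.remove("phoneStatus_" + bindAccount);
        return new JsonSuccessObject(true);
    }

    /**
     * Reports whether the account still uses the configured default password.
     *
     * <p>Despite the name, this does not measure password strength. It tests
     * the MD5 hex digest of the configured default password against the
     * stored hash with the bcrypt encoder.
     *
     * <p>NOTE(review): the login name comes from the request, not from the
     * authenticated principal. Confirm callers can only query their own account.
     *
     * @param loginId the login name of the account
     * @return a success object wrapping {@code true} if the default password
     *         matches, {@code false} otherwise; an error object if the user
     *         does not exist
     */
    @PutMapping({"/account/checkWeakPasswd"})
    @ApiImplicitParams({@ApiImplicitParam(name = "loginID", value = "账号id", paramType = "query", required = false)})
    @ApiOperation(value = "验证密码是否为弱密码", notes = "验证密码是否为弱密码")
    public JsonObject<Object> checkWeakPasswd(@RequestParam("loginID") String loginId) {
        LoginUser loginUser = this.loginUserService.getLoginUserByUserName(loginId);
        if (loginUser == null) {
            // Previously an NPE; answer the same way getLoginUser does.
            return new JsonErrorObject("用户不存在");
        }
        String defaultDigest = DigestUtils.md5Hex(this.authServerProperties.getDefaultPasswd());
        boolean usesDefault = this.encoder.matches(defaultDigest, loginUser.getPasswd());
        return new JsonSuccessObject(usesDefault);
    }
}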
