package net.hlinfo.pbp.controller;

import cn.dev33.satoken.annotation.SaCheckLogin;
import cn.dev33.satoken.annotation.SaCheckPermission;
import cn.dev33.satoken.stp.StpUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.SmUtil;
import cn.hutool.crypto.asymmetric.KeyType;
import cn.hutool.crypto.asymmetric.SM2;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;
import net.hlinfo.opt.Func;
import net.hlinfo.opt.HashUtils;
import net.hlinfo.opt.QueryPages;
import net.hlinfo.opt.RedisUtils;
import net.hlinfo.opt.pager.MPager;
import net.hlinfo.pbp.entity.AdminInfo;
import net.hlinfo.pbp.etc.EnvConfig;
import net.hlinfo.pbp.opt.PbpRedisKey;
import net.hlinfo.pbp.opt.PwdUtils;
import net.hlinfo.pbp.opt.Resp;
import net.hlinfo.pbp.opt.dto.AdminLoginResultDTO;
import net.hlinfo.pbp.opt.vo.LoginParam;
import net.hlinfo.pbp.opt.vo.ResetPwdParam;
import net.hlinfo.pbp.service.PbpPermissionService;
import net.hlinfo.pbp.usr.auth.AuthType;
import org.nutz.dao.Cnd;
import org.nutz.dao.Dao;
import org.nutz.lang.Lang;
import org.nutz.lang.Strings;
import org.nutz.lang.util.NutMap;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

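/**
 * REST endpoints for administrator accounts under {@code /system/pbp/admin}:
 * create/update, soft delete, paged listing, password login, logout and password resets.
 *
 * <p>Passwords arrive SM2-encrypted (BCD-encoded) and are decrypted with the key pair cached
 * in Redis under the current date, then SM3-hashed before being handed to {@link PwdUtils}.
 *
 * <p>Review notes that apply to the whole class:
 * <ul>
 *   <li>Every protected endpoint lists two permissions in {@code @SaCheckPermission} without a
 *       {@code mode}. Sa-Token's default mode is AND, so as written a caller needs both
 *       permissions; if "root or admin" is intended, {@code mode = SaMode.OR} is required.
 *       TODO confirm against the permission model.</li>
 *   <li>Several endpoints return or cache {@link AdminInfo} as-is. If that entity serialises
 *       its password field, the stored hash leaves the server; verify the entity hides it.</li>
 * </ul>
 */
@Api(tags = {"管理员模块"})
@RequestMapping({"/system/pbp/admin"})
@RestController
/* loaded from: input_file:net/hlinfo/pbp/controller/PbpAdminController.class */
public class PbpAdminController extends BaseController {

    /** Redis key prefix of the per-IP failed-login counter. */
    private static final String LOGIN_FAIL_COUNT_KEY = "accountErrorQty:";

    /** Redis key prefix of the per-IP lockout marker (expires after 15 minutes). */
    private static final String LOGIN_FAIL_LOCK_KEY = "accountErrorQtyTimes:";

    /** Failed logins tolerated per IP before the lockout marker is written. */
    private static final int MAX_LOGIN_FAILURES = 5;

    /** Redis key prefixes of the daily SM2 key pair; the date is appended. */
    private static final String SM2_PUBLIC_KEY = "sm2PublicKey:";
    private static final String SM2_PRIVATE_KEY = "sm2PrivateKey:";

    @Autowired
    private Dao dao;

    @Autowired
    private RedisUtils redisCache;

    @Autowired
    private EnvConfig env;

    // The field had no injection annotation and the class has no setter or constructor for it,
    // so it stayed null and the first use in accountLogin failed with a NullPointerException.
    @Autowired
    private PbpPermissionService permissionService;

    /**
     * Creates or updates an administrator after checking that the account name is unique
     * among non-deleted rows.
     *
     * @param adminInfo the administrator to persist; a non-blank id makes this an update
     * @return the saved entity, or an error when the account name is taken or the write fails
     */
    @PostMapping({"/save"})
    @SaCheckPermission({AuthType.Root.PERM, AuthType.Admin.PERM})
    @ApiOperation("管理员添加|编辑")
    @SaCheckLogin
    public Resp<AdminInfo> save(@Valid @RequestBody AdminInfo adminInfo) {
        Cnd sameAccount = Cnd.where("isdelete", "=", 0).and("account", "=", adminInfo.getAccount());
        if (Func.isNotBlank(adminInfo.getId())) {
            // On update, the row being edited must not count as its own duplicate.
            sameAccount.and("id", "!=", adminInfo.getId());
        }
        // NOTE(review): the count runs against AuthType.Admin.class while every other query in
        // this controller uses AdminInfo.class. If AuthType.Admin is only a permission holder,
        // the uniqueness check does not look at the admin table - confirm and switch the class.
        if (this.dao.count(AuthType.Admin.class, sameAccount) > 0) {
            return new Resp().error("账号不能重复");
        }
        // NOTE(review): the request body is bound straight onto the entity and every non-null
        // field is persisted, so the caller decides id, user type, status and password. Consider
        // a dedicated request DTO that whitelists editable fields and hashes any password here.
        AdminInfo saved = (AdminInfo) adminInfo.insertOrUpdateIgnoreNull(this.dao);
        return saved != null ? new Resp().ok("保存成功", saved) : new Resp().error("保存失败");
    }

    /**
     * Soft-deletes the administrator with the given id.
     *
     * @param id the id of the administrator to delete
     * @param httpServletRequest unused
     * @return the result of the soft delete, or an error when the id is blank or unknown
     */
    // NOTE(review): this state-changing endpoint also accepts GET, so a link or prefetch in an
    // authenticated browser is enough to trigger it. Restricting it to DELETE would be safer but
    // changes the public mapping, so it is only flagged here.
    @RequestMapping(value = {"/delete"}, method = {RequestMethod.DELETE, RequestMethod.GET})
    @SaCheckPermission({AuthType.Root.PERM, AuthType.Admin.PERM})
    @ApiOperation("管理员删除")
    @SaCheckLogin
    public Resp delete(@RequestParam("id") String id, HttpServletRequest httpServletRequest) {
        if (Func.isBlank(id)) {
            return new Resp().error("id不能为空");
        }
        AdminInfo target = (AdminInfo) this.dao.fetch(AdminInfo.class, id);
        if (target == null) {
            return new Resp().error("该数据已经被删除了");
        }
        return Resp.OBJ_O(Integer.valueOf(target.deletedSoft(this.dao)));
    }

    /**
     * Returns one page of non-deleted administrators, newest first, optionally filtered.
     *
     * @param keywords substring matched against real name, account and phone; blank disables it
     * @param status 0 or 1 filters by status, any other value disables the filter
     * @param userLevel non-negative values filter by user level
     * @param userType non-negative values filter by user type
     * @param page page number
     * @param limit page size
     * @param httpServletRequest unused
     * @return the page of administrators together with the pager
     */
    @SaCheckPermission({AuthType.Root.PERM, AuthType.Admin.PERM})
    @ApiOperation("管理员列表")
    @SaCheckLogin
    @GetMapping({"/list"})
    public Resp<QueryPages<AdminInfo>> list(@RequestParam(name = "keywords", defaultValue = "") @ApiParam("姓名查找") String keywords, @RequestParam(name = "status", defaultValue = "-1") @ApiParam("状态：-1全部 0 启用 1禁用") int status, @RequestParam(name = "userLevel", defaultValue = "-1") @ApiParam("【可选】用户级别：-1全部,其他请自定义") int userLevel, @RequestParam(name = "userType", defaultValue = "-1") @ApiParam("【可选】用户类型：-1全部,其他请自定义") int userType, @RequestParam(name = "page", defaultValue = "1") @ApiParam("页数") int page, @RequestParam(name = "limit", defaultValue = "20") @ApiParam("每页显示条数") int limit, HttpServletRequest httpServletRequest) {
        // NOTE(review): limit is taken from the request without an upper bound; a cap would keep
        // a single request from pulling the whole table.
        Cnd where = Cnd.where("isdelete", "=", 0);
        MPager pager = new MPager(page, limit);
        if (Strings.isNotBlank(keywords)) {
            // The value is passed as a bound LIKE operand, not concatenated into SQL text.
            String pattern = "%" + keywords + "%";
            where.and(Cnd.exps("realName", "like", pattern).or("account", "like", pattern).or("phone", "like", pattern));
        }
        if (status == 0 || status == 1) {
            where.and("status", "=", Integer.valueOf(status));
        }
        if (userLevel >= 0) {
            where.and("userLevel", "=", Integer.valueOf(userLevel));
        }
        if (userType >= 0) {
            where.and("userType", "=", Integer.valueOf(userType));
        }
        // Count before limit/order are applied to the condition.
        pager.setRecordCount(this.dao.count(AdminInfo.class, where));
        return new Resp().ok("获取成功", new QueryPages(this.dao.query(AdminInfo.class, where.limit(page, limit).desc("createtime")), pager));
    }

    /**
     * Logs an administrator in with account name and SM2-encrypted password.
     *
     * <p>Order of checks: required fields, captcha (production only), availability of today's
     * SM2 key pair, per-IP lockout, account lookup plus password match, account status. On
     * success the failure counters are cleared, a Sa-Token session is opened under
     * {@code "0-<id>"} (user type 0) or {@code "1000-<id>"}, and the account is cached in Redis.
     *
     * @param loginParam account, encrypted password, captcha code and optional captcha time key
     * @param httpServletRequest used to derive the client IP and to record login details
     * @return the login result (account, menus, token, landing route) or an error response
     */
    @PostMapping({"/login"})
    @ApiOperation(value = "账号密码登陆", notes = "密码用sm2加密")
    public Resp<AdminLoginResultDTO> accountLogin(@RequestBody LoginParam loginParam, HttpServletRequest httpServletRequest) {
        if (Strings.isBlank(loginParam.getPwd()) || Strings.isBlank(loginParam.getAccount())) {
            return Resp.ERROR("出错了，参数不能为空");
        }
        String captchaIp = Lang.getIP(httpServletRequest);
        String captchaSlot = Func.isBlank(loginParam.getTime()) ? captchaIp : captchaIp + ":" + loginParam.getTime();
        String expectedCode = (String) this.redisCache.getObject(PbpRedisKey.VERIFYCODE + captchaSlot);
        if (this.env.isprod()) {
            // A request without a captcha used to fail with a NullPointerException on
            // toLowerCase(); it is now rejected like any other wrong code.
            String suppliedCode = loginParam.getVerifyCode();
            if (Func.isBlank(expectedCode) || Func.isBlank(suppliedCode)
                    || Func.notequals(expectedCode.toLowerCase(), suppliedCode.toLowerCase())) {
                return new Resp().error("验证码不正确，请重新输入");
            }
            // NOTE(review): the captcha stays in Redis after it has been checked, so one solved
            // code remains valid until it expires. Deleting it here would make it single-use;
            // confirm the client fetches a new captcha after each attempt before doing so.
        }
        SM2 sm2 = todaysSm2();
        if (sm2 == null) {
            return Resp.FAIL("加密密钥过期，请刷新后重试");
        }
        // NOTE(review): throttling is keyed on the client IP only, and the captcha above uses a
        // different IP helper (Lang.getIP vs Func.getIpAddr). If either helper trusts forwarding
        // headers without a trusted-proxy check, the key is client-controlled; a per-account
        // counter in addition to the per-IP one would not depend on that.
        String ipAddr = Func.getIpAddr(httpServletRequest);
        int failures = this.redisCache.getCacheInt(LOGIN_FAIL_COUNT_KEY + ipAddr);
        if (failures > MAX_LOGIN_FAILURES && this.redisCache.hashKeys(LOGIN_FAIL_LOCK_KEY + ipAddr)) {
            return new Resp().error("尝试超过失败次数限制，请于15分钟后再试");
        }
        AdminInfo adminInfo = (AdminInfo) this.dao.fetch(AdminInfo.class, Cnd.where("account", "=", loginParam.getAccount()).and("isdelete", "=", 0));
        // Unknown account, undecryptable password and wrong password share one message and one
        // counter, so the response does not reveal which of them applied. A malformed
        // ciphertext previously escaped as an exception and was never counted.
        String plainPwd = adminInfo == null ? null : decryptOrNull(sm2, loginParam.getPwd());
        if (adminInfo == null || plainPwd == null
                || !PwdUtils.passwdMatches(HashUtils.sm3(plainPwd), adminInfo.getPassword())) {
            recordLoginFailure(ipAddr, failures);
            return new Resp().error("账号或密码错误");
        }
        if (adminInfo.getStatus() == 1) {
            return new Resp().error("账号已经被禁止登陆");
        }
        adminInfo.updateLoginInfo(httpServletRequest);
        adminInfo.updated();
        if (this.dao.updateIgnoreNull(adminInfo) > 0) {
            this.redisCache.deleteObject(LOGIN_FAIL_COUNT_KEY + ipAddr);
            this.redisCache.deleteObject(LOGIN_FAIL_LOCK_KEY + ipAddr);
        }
        // The session id carries the account kind as a prefix: 0 for user type 0, else 1000.
        int accountKind = adminInfo.getUserType() == 0 ? 0 : 1000;
        StpUtil.login(accountKind + "-" + adminInfo.getId());
        AdminLoginResultDTO result = new AdminLoginResultDTO();
        result.setAccountInfo(adminInfo);
        NutMap permSet = this.permissionService.getPermSetByUserid(accountKind, result.getAccountInfo().getId());
        result.setMenus(this.permissionService.loadLeftMenu((Set) permSet.getAs("permIds", Set.class), (Map) permSet.getAs("permBtnMap", Map.class), "0"));
        result.setTokenInfo(StpUtil.getTokenInfo());
        result.setSuccessUrl(this.permissionService.getLoginSuccessRoutePath(adminInfo.getId()));
        this.redisCache.resetCacheData(PbpRedisKey.ADMININFO + adminInfo.getId(), adminInfo);
        return Resp.OK("登陆成功", result);
    }

    /**
     * Ends the caller's session.
     *
     * @param httpServletRequest unused
     * @return a success response
     */
    @PostMapping({"/logout"})
    @SaCheckPermission({AuthType.Root.PERM, AuthType.Admin.PERM})
    @ApiOperation("账号退出")
    @SaCheckLogin
    public Resp<NutMap> logout(HttpServletRequest httpServletRequest) {
        // NOTE(review): login picks the "0-"/"1000-" prefix from the account's user type, while
        // this picks it from the root permission. If the two ever disagree, the id built here
        // matches no session and the token stays valid - confirm they are always aligned.
        int accountKind = StpUtil.hasPermission(AuthType.Root.PERM) ? 0 : 1000;
        StpUtil.logout(accountKind + "-" + getLoginId());
        return Resp.OK("退出成功");
    }

    /**
     * Changes the caller's own password after verifying the old one.
     *
     * @param resetPwdParam account id plus SM2-encrypted old and new passwords
     * @param httpServletRequest unused
     * @return success, or an error when the id is not the caller's, the old password is wrong,
     *     the new password is missing or undecryptable, or the write fails
     */
    @PostMapping({"/resetPwd"})
    @SaCheckPermission({AuthType.Root.PERM, AuthType.Admin.PERM})
    @ApiOperation("重置本人密码")
    @SaCheckLogin
    public Resp<AdminInfo> resetPwd(@Valid @RequestBody ResetPwdParam resetPwdParam, HttpServletRequest httpServletRequest) {
        if (Strings.isBlank(resetPwdParam.getOldPwd())) {
            return new Resp().error("旧密码不能空");
        }
        // The endpoint is "change my own password", yet the target id came from the request
        // body, which let any logged-in administrator submit old-password guesses for another
        // account without the captcha and lockout that protect /login. Bind the target to the
        // session: accountLogin registers sessions as "0-<id>" or "1000-<id>".
        String sessionId = StpUtil.getLoginIdAsString();
        String targetId = String.valueOf(resetPwdParam.getId());
        if (!sessionId.equals("0-" + targetId) && !sessionId.equals("1000-" + targetId)) {
            return new Resp().error("只能修改本人密码");
        }
        SM2 sm2 = todaysSm2();
        if (sm2 == null) {
            return Resp.FAIL("加密密钥过期，请刷新后重试");
        }
        String oldPlain = decryptOrNull(sm2, resetPwdParam.getOldPwd());
        String newPlain = decryptOrNull(sm2, resetPwdParam.getNewPwd());
        AdminInfo adminInfo = (AdminInfo) this.dao.fetch(AdminInfo.class, resetPwdParam.getId());
        if (adminInfo == null) {
            // Previously a NullPointerException on getPassword().
            return new Resp().error("账号不存在");
        }
        if (oldPlain == null || !PwdUtils.passwdMatches(HashUtils.sm3(oldPlain), adminInfo.getPassword())) {
            return new Resp().error("旧密码错误，请重新输入");
        }
        if (Strings.isBlank(newPlain)) {
            // Refuse to store the hash of an empty or undecryptable new password.
            return new Resp().error("新密码不能为空");
        }
        adminInfo.setPassword(PwdUtils.passwdEncoder(HashUtils.sm3(newPlain)));
        // NOTE(review): existing sessions of this account stay valid after the change; consider
        // revoking them so a stolen token does not outlive the old password.
        return this.dao.updateIgnoreNull(adminInfo) > 0 ? new Resp().ok("保存成功") : new Resp().error("保存失败");
    }

    /**
     * Sets a new password on another account without knowing the old one.
     *
     * @param resetPwdParam target account id plus the SM2-encrypted new password
     * @param httpServletRequest unused
     * @return success, or an error when the account is unknown, the new password is missing or
     *     undecryptable, or the write fails
     */
    // NOTE(review): the only gate is the class-wide permission annotation, and nothing compares
    // the caller's level with the target's. If plain administrators pass that gate, they can
    // replace a root account's password; confirm the intended policy and add a rank check.
    @PostMapping({"/resetUserPwd"})
    @SaCheckPermission({AuthType.Root.PERM, AuthType.Admin.PERM})
    @ApiOperation("重置用户的密码")
    @SaCheckLogin
    public Resp<AdminInfo> resetUserPwd(@Valid @RequestBody ResetPwdParam resetPwdParam, HttpServletRequest httpServletRequest) {
        SM2 sm2 = todaysSm2();
        if (sm2 == null) {
            return Resp.FAIL("加密密钥过期，请刷新后重试");
        }
        String newPlain = decryptOrNull(sm2, resetPwdParam.getNewPwd());
        if (Strings.isBlank(newPlain)) {
            // Refuse to store the hash of an empty or undecryptable new password.
            return new Resp().error("新密码不能为空");
        }
        AdminInfo adminInfo = (AdminInfo) this.dao.fetch(AdminInfo.class, resetPwdParam.getId());
        if (adminInfo == null) {
            // Previously a NullPointerException on setPassword().
            return new Resp().error("账号不存在");
        }
        adminInfo.setPassword(PwdUtils.passwdEncoder(HashUtils.sm3(newPlain)));
        // NOTE(review): the target's existing sessions are not revoked and the reset is not
        // written to any audit trail visible here.
        return this.dao.updateIgnoreNull(adminInfo) > 0 ? new Resp().ok("保存成功") : new Resp().error("保存失败");
    }

    /**
     * Fetches one administrator by id.
     *
     * @param id the administrator id
     * @return the response built by {@code Resp.OBJ_Q} from the fetched entity (possibly null)
     */
    @SaCheckPermission({AuthType.Root.PERM, AuthType.Admin.PERM})
    @ApiOperation("根据ID获取信息")
    @SaCheckLogin
    @GetMapping({"/byid"})
    public Resp<AdminInfo> byid(@RequestParam(name = "id") String id) {
        AdminInfo found = (AdminInfo) this.dao.fetch(AdminInfo.class, id);
        return Resp.OBJ_Q(found);
    }

    /**
     * Builds the SM2 engine from the key pair cached in Redis for the current date.
     *
     * <p>The date is read once so both keys come from the same day even across midnight.
     * The private key is read from Redis, so read access to that Redis instance is equivalent
     * to being able to decrypt the day's password payloads; protect it accordingly.
     *
     * @return the SM2 engine, or {@code null} when either key is missing
     */
    private SM2 todaysSm2() {
        String day = String.valueOf(Func.Times.nowDateBasic());
        String publicKey = (String) this.redisCache.getObject(SM2_PUBLIC_KEY + day);
        String privateKey = (String) this.redisCache.getObject(SM2_PRIVATE_KEY + day);
        if (Func.isBlank(publicKey) || Func.isBlank(privateKey)) {
            return null;
        }
        return SmUtil.sm2(privateKey, publicKey);
    }

    /**
     * Decrypts a BCD-encoded SM2 ciphertext supplied by the client.
     *
     * @param sm2 the engine holding the private key
     * @param cipherText the client-supplied ciphertext, may be null
     * @return the UTF-8 plaintext, or {@code null} when the input is blank or cannot be decrypted
     */
    private static String decryptOrNull(SM2 sm2, String cipherText) {
        if (Strings.isBlank(cipherText)) {
            return null;
        }
        try {
            return StrUtil.utf8Str(sm2.decryptFromBcd(cipherText, KeyType.PrivateKey));
        } catch (RuntimeException ignored) {
            // The ciphertext is untrusted input: a malformed value is a failed attempt for the
            // caller to report, not a server error.
            return null;
        }
    }

    /**
     * Records one more failed login for the given IP and arms the lockout once the limit is
     * exceeded.
     *
     * @param ipAddr the client IP the counters are keyed on
     * @param previousFailures the counter value read before this attempt
     */
    private void recordLoginFailure(String ipAddr, int previousFailures) {
        int failures = previousFailures + 1;
        if (failures > MAX_LOGIN_FAILURES) {
            // 15L: expiry as interpreted by RedisUtils.resetCacheData - presumably minutes, to
            // match the marker below; confirm.
            this.redisCache.resetCacheData(LOGIN_FAIL_COUNT_KEY + ipAddr, Integer.valueOf(failures), 15L);
            this.redisCache.setObject(LOGIN_FAIL_LOCK_KEY + ipAddr, Integer.valueOf(failures), 15, TimeUnit.MINUTES);
        } else {
            // Below the limit the counter is written without an expiry; it is cleared only by a
            // successful login from the same IP.
            this.redisCache.setObject(LOGIN_FAIL_COUNT_KEY + ipAddr, Integer.valueOf(failures));
        }
    }
}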
