package com.doumee.shiro;

import com.doumee.core.constants.ResponseStatus;
import com.doumee.core.exception.BusinessException;
import com.doumee.core.model.LoginUserInfo;
import com.doumee.core.utils.Constants;
import com.doumee.dao.system.model.SystemPermission;
import com.doumee.dao.system.model.SystemRole;
import com.doumee.dao.system.model.SystemUser;
import com.doumee.service.system.SystemDataPermissionService;
import com.doumee.service.system.SystemPermissionService;
import com.doumee.service.system.SystemRoleService;
import com.doumee.service.system.SystemUserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * 自定义Realm，处理认证和权限
 * @author Eva.Caesar Liu
 * @date 2022/03/15 09:54
 */
@Component
public class ShiroRealm extends AuthorizingRealm {

    @Lazy
    @Autowired
    private SystemDataPermissionService systemDataPermissionService;
    @Lazy
    @Autowired
    private SystemUserService systemUserService;

    @Lazy
    @Autowired
    private SystemRoleService systemRoleService;

    @Lazy
    @Autowired
    private SystemPermissionService systemPermissionService;

    /**
     * 权限处理
     * @author Eva.Caesar Liu
     * @date 2022/03/15 09:54
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        LoginUserInfo loginUserInfo = (LoginUserInfo)principalCollection.getPrimaryPrincipal();
        // 设置用户角色和权限
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.addRoles(loginUserInfo.getRoles());
        authorizationInfo.addStringPermissions(loginUserInfo.getPermissions());
        return authorizationInfo;
    }

    /**
     * 认证处理
     * @author Eva.Caesar Liu
     * @date 2022/03/15 09:54
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        // 获取用户名
        String username = authenticationToken.getPrincipal().toString();
        // 根据用户名查询用户对象
        SystemUser queryDto = new SystemUser();
        queryDto.setUsername(username);
        queryDto.setType(Constants.UserType.SYSTEM.getKey());
        queryDto.setDeleted(Boolean.FALSE);
        SystemUser user = systemUserService.findOne(queryDto);
        if(user == null){
            throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起，账号或密码不正确！");
        }
        if(!Constants.equalsInteger(user.getStatus(),Constants.ZERO)){
            throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"对不起，账号信息已被禁用，如有疑问请联系系统管理员！");
        }
        // 获取登录用户信息
        List<SystemRole> roles = systemRoleService.findByUserId(user.getId());
        List<SystemPermission> permissions = systemPermissionService.findByUserId(user.getId());
        LoginUserInfo userInfo = LoginUserInfo.from(user, roles, permissions);
        // 验证用户
        return new SimpleAuthenticationInfo(userInfo, user.getPassword(), this.getName());
    }

}