package com.doumee.config.cloudfilter;

import com.alibaba.fastjson.JSONObject;
import com.doumee.config.annotation.CloudRequiredPermission;
import com.doumee.config.annotation.LoginNoRequired;
import com.doumee.core.constants.ResponseStatus;
import com.doumee.core.exception.BusinessException;
import com.doumee.core.model.LoginUserInfo;
import com.doumee.core.utils.Constants;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class LoginHandlerInterceptor implements HandlerInterceptor {

    private RedisTemplate<String,Object> stringRedisTemplate;


    // 由于该类未交给spring管理，因此不能使用自动装配的方式获取RedisTemplate对象
    public LoginHandlerInterceptor(RedisTemplate<String,Object> stringRedisTemplate) {
        this.stringRedisTemplate = stringRedisTemplate;
    }

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        HandlerMethod handlerMethod = (HandlerMethod) handler;
        Class<?> beanType = handlerMethod.getBeanType();
        if (!beanType.isAnnotationPresent(LoginNoRequired.class) && !handlerMethod.hasMethodAnnotation(LoginNoRequired.class)) {
            //获取token
            String token = request.getHeader(Constants.HEADER_USER_TOKEN);  // 从 http 请求头中取出 token
            if (StringUtils.isNotBlank(token)) {
              LoginUserInfo user =   checkLogin(request,response);
                if (handlerMethod.hasMethodAnnotation(CloudRequiredPermission.class)) {
                    CloudRequiredPermission p = handlerMethod.getMethodAnnotation(CloudRequiredPermission.class);
                    if(p.value()!=null && p.value().length>0){
                        boolean hasPermission = false;
                        for(String s :p.value()){
                            if(user.getPermissions()!=null){
                                for(String t :user.getPermissions()){
                                    if(StringUtils.equals(t,s)){
                                        hasPermission = true;
                                        break;
                                    }
                                }
                            }
                        }
                        if(!hasPermission) {
                            //没有操作权限
                            throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"没有该操作权限");
                        }
                    }

                }
            } else {
                throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
            }
        }
        return true;
    }

    private LoginUserInfo checkLogin(HttpServletRequest request, HttpServletResponse response) {
        String token = request.getHeader(Constants.HEADER_USER_TOKEN);
        if (token == null || token.isEmpty()) {
            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
        }
        String userinfo =(String) stringRedisTemplate.opsForValue().get(Constants.REDIS_TOKEN_KEY + token);
        if (StringUtils.isBlank(userinfo)) {
            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
        }
        LoginUserInfo user = JSONObject.toJavaObject(JSONObject.parseObject(userinfo),LoginUserInfo.class );
        if(user ==null ){
            throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户登陆已失效，请重新登陆！");
        }
        //权限判断------------
        return  user;
    }

    //    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
//        UserContext.removeUser();
    }
}