package com.javaweb.web.controller.system;

import com.javaweb.cms.util.CmsConstants;
import com.javaweb.common.constant.RSAKey;
import com.javaweb.common.core.controller.BaseController;
import com.javaweb.common.core.domain.AjaxResult;
import com.javaweb.common.utils.ServletUtils;
import com.javaweb.common.utils.StringUtils;
import com.javaweb.framework.util.ShiroUtils;
import com.javaweb.system.domain.SysUser;
import com.javaweb.system.service.ISysConfigService;

import cn.hutool.crypto.asymmetric.KeyType;
import cn.hutool.crypto.asymmetric.RSA;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;


import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 登录验证
 * 
 * @author javaweb
 */
@Controller
public class SysLoginController extends BaseController
{
    @Autowired
    private ISysConfigService configService;

    private String getLoginPageCode(){
        return configService.selectConfigByKey(CmsConstants.KEY_LOGIN_PAGE);
    }
    @GetMapping("/login")
    public String login(HttpServletRequest request, HttpServletResponse response)
    {
        SysUser user = ShiroUtils.getSysUser();
        if(user!=null){
            return "redirect:/index";
        }
        // 如果是Ajax请求，返回Json字符串。
        if (ServletUtils.isAjaxRequest(request))
        {
            return ServletUtils.renderString(response, "{\"code\":\"1\",\"msg\":\"未登录或登录超时。请重新登录\"}");
        }
        String loginPageCode=getLoginPageCode();
        if(StringUtils.isEmpty(loginPageCode)){
            return "login";
        }else{
            //配置了login.page参数
            return "loginPage/"+loginPageCode+"/login";//页面在cms模块loginPage文件夹下
        }

    }
    
    @PostMapping("/login")
    @ResponseBody
    public AjaxResult ajaxLogin(String username, String password, Boolean rememberMe)
    {
   	
    	RSA  rsa = new RSA(RSAKey.privatekey, null);
    	
    	username = new String(rsa.decryptStr(username, KeyType.PrivateKey));
    	password = new String(rsa.decryptStr(password, KeyType.PrivateKey));
    	
     
    	
        UsernamePasswordToken token = new UsernamePasswordToken(username, password, rememberMe);
        Subject subject = SecurityUtils.getSubject();
        try
        {
            subject.login(token);
            ServletUtils.setLoginCookie(username, password, rememberMe);
            return success();
        }
        catch (AuthenticationException e)
        {
            String msg = "用户或密码错误";
            if (StringUtils.isNotEmpty(e.getMessage()))
            {
                msg = e.getMessage();
            }
            return error(msg);
        }
    }

    @GetMapping("/unauth")
    public String unauth()
    {
        return "error/unauth";
    }
}