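package quant.rich.emoney.controller;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Objects;

import javax.security.auth.login.LoginException;

import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import jodd.util.Base64;
import quant.rich.emoney.controller.common.BaseController;
import quant.rich.emoney.entity.config.PlatformConfig;
import quant.rich.emoney.pojo.dto.R;
import quant.rich.emoney.service.AuthService;
import quant.rich.emoney.service.ConfigService;
import quant.rich.emoney.util.EncryptUtils;

/**
 * Admin (v1) endpoints for the login page, the login / first-run initialisation POST,
 * and logout.
 *
 * <p>{@code session} and {@code isLogin()} are not declared in this class; presumably
 * they are inherited from {@link BaseController} (confirm there).
 */
@Controller
@RequestMapping("/admin/v1")
public class LoginControllerV1 extends BaseController {

    /** Target returned after a successful login when no usable redirect was supplied. */
    private static final String DEFAULT_LANDING = "/admin/v1";

    /** Target returned after first-run initialisation so the operator can log in. */
    private static final String LOGIN_PAGE = "/admin/v1/login";

    @Autowired
    ConfigService configService;

    @Autowired
    PlatformConfig platformConfig;

    @Autowired
    AuthService authService;

    /**
     * Renders the entry page for the admin area.
     *
     * @return a redirect to the index when already logged in, the init view while the
     *         platform is not initialised, otherwise the login view
     */
    @GetMapping("/login")
    public String login() {
        if (isLogin()) {
            return "redirect:/admin/v1/index";
        }
        if (!platformConfig.getIsInited()) {
            return "admin/v1/init";
        }
        return "admin/v1/login";
    }

    /**
     * Handles the login form, or the first-run credential setup while the platform is
     * not yet initialised.
     *
     * @param username submitted user name
     * @param password submitted password value (compared and stored exactly as received)
     * @param captcha  captcha answer; only checked in the login flow
     * @param redirect optional Base64-encoded post-login target supplied by the client
     * @return {@code R.ok(target)} carrying the location the client should move to
     * @throws LoginException on a missing/incorrect captcha, blank or wrong credentials,
     *                        or when the initial credentials cannot be saved
     */
    @PostMapping("/login")
    @ResponseBody
    public R login(String username, String password, String captcha, String redirect)
            throws LoginException {
        // Login flow
        if (platformConfig.getIsInited()) {
            if (StringUtils.isBlank(captcha)) {
                throw new LoginException("验证码不能为空");
            }
            Object sessionCaptcha = session.getAttribute(AuthService.CAPTCHA);
            // A captcha is single-use: consume it on every verification attempt so one
            // issued challenge cannot be guessed repeatedly or replayed across attempts.
            session.removeAttribute(AuthService.CAPTCHA);
            if (Objects.isNull(sessionCaptcha)
                    || !captcha.equalsIgnoreCase(sessionCaptcha.toString())) {
                throw new LoginException("验证码错误");
            }
            if (StringUtils.isAnyBlank(username) || !passwordIsNotEmpty(password)) {
                throw new LoginException("用户名和密码不能为空");
            }
            // Both comparisons always run (non-short-circuit '&') and use a constant-time
            // byte comparison, so response timing does not reveal which field mismatched
            // or how many leading characters were correct.
            boolean credentialsMatch =
                    constantTimeEquals(username, platformConfig.getUsername())
                            & constantTimeEquals(password, platformConfig.getPassword());
            if (!credentialsMatch) {
                throw new LoginException("用户名或密码错误");
            }
            // The redirect parameter is client-controlled; only a same-site path is
            // accepted, anything else falls back to the default landing page.
            String to = resolveRedirect(redirect);
            // NOTE(review): nothing in this method rotates the session id after
            // authentication; confirm AuthService.setLogin or a filter does so.
            authService.setLogin(username, password);
            return R.ok(to);
        }

        // Initialization flow
        // NOTE(review): this branch needs no captcha and no prior authentication, so
        // until initialisation completes any client that can reach the endpoint can set
        // the admin credentials. The check above and the save below are also not atomic.
        // Keep the instance off untrusted networks until first-run setup is finished.
        if (StringUtils.isAnyBlank(username) || !passwordIsNotEmpty(password)) {
            throw new LoginException("用户名和密码不能为空");
        }
        // NOTE(review): the password is persisted exactly as submitted. EMPTY_PASSWORD
        // suggests the client sends a SHA3-224 digest; if so, that digest is
        // password-equivalent. Consider a salted, slow password hash server-side.
        platformConfig.setUsername(username).setPassword(password).setIsInited(true);
        boolean success = configService.saveOrUpdate(platformConfig);
        if (!success) {
            throw new LoginException("无法配置用户名和密码,请检查");
        }
        // The original Base64-decoded this plain path, which yields garbage rather than
        // a usable location; return the path itself.
        return R.ok(LOGIN_PAGE);
    }

    /**
     * Redirects to the login page.
     *
     * <p>NOTE(review): this handler only redirects; it does not clear the session or
     * any login state itself. Confirm that happens elsewhere (for example in an
     * interceptor), otherwise the session stays authenticated after "logout".
     *
     * @return a redirect to the login page
     */
    @GetMapping("/logout")
    public String logout() {
        return "redirect:/admin/v1/login";
    }

    /** SHA3-224 digest of the empty string, i.e. what an empty password hashes to. */
    static final String EMPTY_PASSWORD = EncryptUtils.sha3("", 224);

    /**
     * Tells whether a submitted password value represents a non-empty password.
     *
     * @param password submitted password value, may be {@code null}
     * @return {@code true} when the value is non-empty and is not the digest of ""
     */
    static boolean passwordIsNotEmpty(String password) {
        return StringUtils.isNotEmpty(password) && !password.equalsIgnoreCase(EMPTY_PASSWORD);
    }

    /**
     * Compares two strings without an early exit on the first differing byte.
     *
     * @return {@code false} if either argument is {@code null}, otherwise whether the
     *         UTF-8 encodings are identical
     */
    private static boolean constantTimeEquals(String supplied, String expected) {
        if (supplied == null || expected == null) {
            return false;
        }
        return MessageDigest.isEqual(
                supplied.getBytes(StandardCharsets.UTF_8),
                expected.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Decodes the client-supplied Base64 redirect and returns it only when it is a
     * same-site path; otherwise returns {@link #DEFAULT_LANDING}.
     */
    private static String resolveRedirect(String redirect) {
        if (StringUtils.isEmpty(redirect)) {
            return DEFAULT_LANDING;
        }
        String decoded;
        try {
            decoded = Base64.decodeToString(redirect);
        } catch (RuntimeException malformed) {
            // Malformed Base64 from the client must not fail an otherwise valid login.
            return DEFAULT_LANDING;
        }
        return isLocalPath(decoded) ? decoded : DEFAULT_LANDING;
    }

    /**
     * Accepts only paths a browser resolves against the current origin: a single
     * leading '/', no protocol-relative prefix, no backslashes and no control characters.
     */
    private static boolean isLocalPath(String target) {
        if (target == null || target.isEmpty() || target.charAt(0) != '/') {
            return false;
        }
        if (target.length() > 1) {
            char second = target.charAt(1);
            // "//host" and "/\host" are treated as another origin by browsers.
            if (second == '/' || second == '\\') {
                return false;
            }
        }
        for (int i = 0; i < target.length(); i++) {
            char c = target.charAt(i);
            if (c == '\\' || Character.isISOControl(c)) {
                return false;
            }
        }
        return true;
    }
}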