package io.jpom.controller;

import cn.hutool.cache.impl.LFUCache;
import cn.hutool.captcha.CaptchaUtil;
import cn.hutool.captcha.CircleCaptcha;
import cn.hutool.core.date.BetweenFormater;
import cn.hutool.core.date.DateUtil;
import cn.hutool.core.util.StrUtil;
import cn.jiangzeyin.common.JsonMessage;
import cn.jiangzeyin.common.validator.ValidatorConfig;
import cn.jiangzeyin.common.validator.ValidatorItem;
import cn.jiangzeyin.common.validator.ValidatorRule;
import io.jpom.common.BaseServerController;
import io.jpom.common.interceptor.BaseJpomInterceptor;
import io.jpom.common.interceptor.LoginInterceptor;
import io.jpom.common.interceptor.NotLogin;
import io.jpom.common.interceptor.OptLog;
import io.jpom.model.data.UserModel;
import io.jpom.model.log.UserOperateLogV1;
import io.jpom.service.user.UserService;
import io.jpom.system.ServerExtConfigBean;
import java.io.IOException;
import javax.annotation.Resource;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
/* loaded from: input_file:io/jpom/controller/LoginControl.class */
public class LoginControl extends BaseServerController {
    public static final LFUCache<String, Integer> LFU_CACHE = new LFUCache<>(1000);
    private static final String LOGIN_CODE = "login_code";
    private static final String SHOW_CODE = "show_code";
    public static final int INPUT_CODE = 600;
    private static final int INPUT_CODE_ERROR_COUNT = 3;

    @Resource
    private UserService userService;

    @RequestMapping(value = {"login.html"}, method = {RequestMethod.GET}, produces = {"text/html"})
    @NotLogin
    public String login() {
        if (this.userService.userListEmpty()) {
            return BaseJpomInterceptor.getRedirect(getRequest(), "/install.html");
        }
        setAttribute("showCode", Boolean.valueOf(showCode()));
        return "login";
    }

    private boolean showCode() {
        return StrUtil.isNotEmpty(getSessionAttribute(SHOW_CODE));
    }

    @RequestMapping(value = {"randCode.png"}, method = {RequestMethod.GET}, produces = {"image/png"})
    @NotLogin
    @ResponseBody
    public void randCode() throws IOException {
        CircleCaptcha createCircleCaptcha = CaptchaUtil.createCircleCaptcha(100, 50, 4, 8);
        createCircleCaptcha.createCode();
        createCircleCaptcha.write(getResponse().getOutputStream());
        setSessionAttribute(LOGIN_CODE, createCircleCaptcha.getCode());
        setSessionAttribute(SHOW_CODE, true);
    }

    private Integer ipError() {
        if (ServerExtConfigBean.getInstance().getIpErrorLockTime() <= 0) {
            return 0;
        }
        String ip = getIp();
        Integer num = (Integer) LFU_CACHE.get(ip);
        if (num == null) {
            num = 0;
        }
        Integer valueOf = Integer.valueOf(num.intValue() + 1);
        LFU_CACHE.put(ip, valueOf, ServerExtConfigBean.getInstance().getIpErrorLockTime());
        return valueOf;
    }

    private void ipSuccess() {
        LFU_CACHE.remove(getIp());
    }

    private boolean ipLock() {
        if (ServerExtConfigBean.getInstance().userAlwaysLoginError <= 0) {
            return false;
        }
        Integer num = (Integer) LFU_CACHE.get(getIp());
        if (num == null) {
            num = 0;
        }
        return num.intValue() > ServerExtConfigBean.getInstance().userAlwaysLoginError * 10;
    }

    @RequestMapping(value = {"userLogin"}, method = {RequestMethod.POST}, produces = {"application/json;charset=UTF-8"})
    @NotLogin
    @OptLog(UserOperateLogV1.OptType.Login)
    @ResponseBody
    public String userLogin(@ValidatorConfig({@ValidatorItem(value = ValidatorRule.NOT_EMPTY, msg = "请输入登录信息")}) String str, @ValidatorConfig({@ValidatorItem(value = ValidatorRule.NOT_EMPTY, msg = "请输入登录信息")}) String str2, String str3) {
        if (ipLock()) {
            return JsonMessage.getString(400, "尝试次数太多，请稍后再来");
        }
        synchronized (UserModel.class) {
            UserModel userModel = (UserModel) this.userService.getItem(str);
            if (userModel == null) {
                return JsonMessage.getString(ipError().intValue() >= INPUT_CODE_ERROR_COUNT ? INPUT_CODE : 400, "登录失败，请输入正确的密码和账号,多次失败将锁定账号");
            }
            if (showCode() || userModel.getPwdErrorCount() >= INPUT_CODE_ERROR_COUNT) {
                String sessionAttribute = getSessionAttribute(LOGIN_CODE);
                if (StrUtil.isEmpty(str3) || !sessionAttribute.equalsIgnoreCase(str3)) {
                    return JsonMessage.getString(INPUT_CODE, "请输入正确的验证码");
                }
                removeSessionAttribute(LOGIN_CODE);
            }
            try {
                long overLockTime = userModel.overLockTime();
                if (overLockTime > 0) {
                    String formatBetween = DateUtil.formatBetween(overLockTime * 1000, BetweenFormater.Level.MINUTE);
                    userModel.errorLock();
                    ipError();
                    String string = JsonMessage.getString(400, "该账户登录失败次数过多，已被锁定" + formatBetween + ",请不要再次尝试");
                    this.userService.updateItem(userModel);
                    return string;
                }
                if (str2.equals(userModel.getPassword())) {
                    userModel.unLock();
                    setSessionAttribute(LoginInterceptor.SESSION_NAME, userModel);
                    removeSessionAttribute(SHOW_CODE);
                    ipSuccess();
                    String string2 = JsonMessage.getString(200, "登录成功");
                    this.userService.updateItem(userModel);
                    return string2;
                }
                userModel.errorLock();
                int i = 501;
                if (userModel.getPwdErrorCount() > INPUT_CODE_ERROR_COUNT) {
                    i = 600;
                }
                ipError();
                String string3 = JsonMessage.getString(i, "登录失败，请输入正确的密码和账号,多次失败将锁定账号");
                this.userService.updateItem(userModel);
                return string3;
            } catch (Throwable th) {
                this.userService.updateItem(userModel);
                throw th;
            }
        }
    }

    @RequestMapping(value = {"logout"}, method = {RequestMethod.GET}, produces = {"text/html"})
    public String logout() throws IOException {
        getSession().invalidate();
        return BaseJpomInterceptor.getRedirect(getRequest(), "/index.html");
    }
}
