package org.jsets.shiro.filter;

import java.io.IOException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.jsets.shiro.config.ShiroProperties;
import org.jsets.shiro.service.ShiroAccountProvider;

/* loaded from: input_file:org/jsets/shiro/filter/JsetsUserFilter.class */
public class JsetsUserFilter extends JsetsAccessControlFilter {
    private ShiroAccountProvider accountService;

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws IOException {
        if (isLoginRequest(servletRequest, servletResponse)) {
            return true;
        }
        Subject subject = getSubject(servletRequest, servletResponse);
        if (subject.getPrincipal() == null) {
            return false;
        }
        Session session = subject.getSession();
        if (null != session.getAttribute(ShiroProperties.ATTRIBUTE_SESSION_CURRENT_USER)) {
            return true;
        }
        try {
            session.setAttribute(ShiroProperties.ATTRIBUTE_SESSION_CURRENT_USER, this.accountService.loadAccount((String) subject.getPrincipal()));
            return true;
        } catch (AuthenticationException e) {
            subject.logout();
            return true;
        }
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        return respondLogin(servletRequest, servletResponse);
    }

    public void setAccountService(ShiroAccountProvider shiroAccountProvider) {
        this.accountService = shiroAccountProvider;
    }
}
