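package com.whyc.service;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.whyc.dto.Response;
import com.whyc.dto.UserLoginInfo;
import com.whyc.mapper.MenuMapper;
import com.whyc.mapper.RoleMenuMapper;
import com.whyc.mapper.UserMapper;
import com.whyc.pojo.Menu;
import com.whyc.pojo.User;
import com.whyc.util.DigestsUtil;
import com.whyc.util.ShiroUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Service;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.util.List;
import java.util.Map;

/**
 * Authenticates users through Apache Shiro and assembles the post-login
 * payload (the user record plus the menus to show for that user).
 */
@Service
public class LoginService {

    @Resource
    private UserMapper userMapper;

    @Resource
    private MenuMapper menuMapper;

    @Resource
    private RoleMenuMapper roleMenuMapper;

    /**
     * Logs the current Shiro subject in with the given credentials and, on
     * success, records the session and returns the user's login information.
     *
     * @param userName account name; also used as the {@code name} column filter
     *                 for the user lookup and as the application-scope attribute key
     * @param password clear-text password handed to Shiro for verification
     * @param request  current request, used to reach the HTTP session and the
     *                 servlet context
     * @return {@code set(1, info)} with a populated {@link UserLoginInfo} on
     *         success; {@code set(0, false, message)} or {@code set(0, false)}
     *         when authentication fails
     */
    public Response login(String userName, String password, HttpServletRequest request) {
        UsernamePasswordToken userToken = new UsernamePasswordToken(userName, password);
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(userToken);
        } catch (UnknownAccountException e) {
            // NOTE(review): the three messages below tell the caller whether an
            // account exists, has a wrong password, or is disabled. Consider one
            // generic failure message if no client depends on the distinction.
            return new Response<>().set(0, false, "账号不存在");
        } catch (IncorrectCredentialsException e) {
            return new Response<>().set(0, false, "密码错误");
        } catch (DisabledAccountException e) {
            return new Response<>().set(0, false, "冻结用户");
        } catch (Exception e) {
            // The stack trace goes to stderr; the caller only receives a generic message.
            e.printStackTrace();
            return new Response<>().set(0, false, "其他异常");
        }

        if (!subject.isAuthenticated()) {
            return new Response<>().set(0, false);
        }

        // Resolve the user row before touching session state, so that a failed
        // lookup leaves nothing behind.
        QueryWrapper<User> queryWrapper = Wrappers.query();
        queryWrapper.eq("name", userName);
        User user = userMapper.selectOne(queryWrapper);
        if (user == null) {
            // Authentication succeeded but no row matches the name: undo the login
            // rather than dereference null below with an authenticated subject.
            subject.logout();
            return new Response<>().set(0, false, "账号不存在");
        }

        // NOTE(review): the session id is not rotated after authentication in this
        // method; confirm that session-fixation protection is applied elsewhere
        // (for example by invalidating the pre-login session or rotating its id).
        HttpSession session = request.getSession();

        // Each logged-in user has an application-scope entry holding its session id;
        // a later login with the same account overwrites the earlier session id.
        // The session id is deliberately not printed: it is a bearer credential and
        // must not end up in console or log output.
        // NOTE(review): the key is the raw user name, which shares a namespace with
        // every other application-scope attribute. A prefixed key would avoid
        // collisions, but whatever reads this entry would have to change with it.
        request.getServletContext().setAttribute(userName, session.getId());

        // Remember the current user in the session.
        session.setAttribute("user", userName);

        UserLoginInfo info = new UserLoginInfo();
        info.setUsername(userName);
        info.setTimestamp(System.currentTimeMillis());
        // NOTE(review): the whole User entity goes into the response; confirm that
        // credential fields (password hash, salt), if User has any, are excluded
        // from what is serialized to the client.
        info.setUser(user);

        // NOTE(review): full menu access is keyed on the literal account name
        // rather than on a role or permission check.
        if ("superadmin".equals(user.getName())) {
            List menuList = menuMapper.selectList(null);
            info.setMenus(menuList);
        } else {
            List menus = roleMenuMapper.getUserMenu(user.getId());
            info.setMenus(menus);
        }
        return new Response<>().set(1, info);
    }

    /**
     * Logs the current Shiro subject out.
     */
    public void logout() {
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
    }
}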