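package com.whyc.filter;

import com.google.gson.Gson;
import com.whyc.constant.OperationLogEnum;
import com.whyc.constant.YamlProperties;
import com.whyc.dto.Response;
import com.whyc.pojo.db_user.User;
import com.whyc.util.CommonUtil;
import com.whyc.util.JsonUtil;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

/**
 * Login / access check filter.
 *
 * <p>When the active profile is {@code prod}, every request that is not exempt
 * (see {@link #isExempt}) must carry a {@link User} in the HTTP session under the
 * {@code "user"} attribute. A request without one is answered with HTTP 401 and
 * never reaches the rest of the filter chain. Outside {@code prod} the filter is
 * a plain pass-through.
 *
 * <p>NOTE(review): a non-exempt request that <em>does</em> carry a session user is
 * rejected as well (HTTP 200 with a JSON failure body, see {@link #rejectForbidden}).
 * That is the pre-existing behaviour and is kept unchanged here; it presumably
 * stands in for a per-user permission check - confirm with the owners.
 */
@WebFilter
public class AccessFilter implements Filter {

    /** Session attribute that holds the logged-in user. */
    private static final String SESSION_USER_ATTRIBUTE = "user";

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        // No init parameters are read.
    }

    /**
     * Applies the login check described on the class and either rejects the
     * request or hands it on to the chain.
     *
     * @param servletRequest  the current request (cast to {@link HttpServletRequest})
     * @param servletResponse the current response (cast to {@link HttpServletResponse})
     * @param filterChain     the remaining chain, invoked only for accepted requests
     * @throws IOException      if writing a rejection body fails
     * @throws ServletException propagated from the rest of the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
                         FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String requestURI = request.getRequestURI();
        String servletPath = request.getServletPath();

        // A missing profile is treated like "prod" so that a misconfiguration
        // fails closed (the check is enforced) instead of throwing an NPE here.
        String profile = YamlProperties.profileType;
        boolean enforce = profile == null || profile.equals("prod");

        if (enforce && !isExempt(request, requestURI, servletPath)) {
            // getSession(false): only look for an existing session. The filter must
            // not allocate a session for every unauthenticated request it rejects.
            HttpSession session = request.getSession(false);
            User user = session == null ? null : (User) session.getAttribute(SESSION_USER_ATTRIBUTE);
            if (user == null) {
                rejectUnauthenticated(response, requestURI);
            } else {
                // NOTE(review): a logged-in user is refused here too - kept as-is,
                // presumably a placeholder for an authorization check.
                rejectForbidden(response, requestURI);
            }
            return;
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Returns {@code true} for requests that may be served without a logged-in user.
     *
     * <p>Exempt are: static resources (URI contains a dot, except anything under
     * {@code pis_file}), the context root, CORS preflight ({@code OPTIONS}) and the
     * login/logout, login-check, upgrade-apply and captcha endpoints.
     *
     * <p>The endpoint list is matched by substring of the request URI, as before.
     * Anchoring the matches on {@code servletPath} would make the list tighter;
     * that is a behaviour change and is deliberately not done here.
     *
     * @param request     the request, used for its HTTP method
     * @param requestURI  {@code request.getRequestURI()}
     * @param servletPath {@code request.getServletPath()}
     */
    private static boolean isExempt(HttpServletRequest request, String requestURI, String servletPath) {
        boolean staticResource = requestURI.contains(".") && !requestURI.contains("pis_file");
        if (staticResource || "/".equals(servletPath)) {
            return true;
        }
        // equalsIgnoreCase is locale-independent and null-safe, unlike the former
        // getMethod().toUpperCase().equals("OPTIONS").
        if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
            return true;
        }
        // NOTE: the former heartbeat clause compared the HTTP *method* against
        // "heart/getCookie" and therefore could never match; it was dead code and
        // has been dropped. heart/getCookie is NOT exempt today - exempting it is a
        // deliberate decision for the owners, not a bug fix.
        return requestURI.contains("login/login")                  // login page
                || requestURI.contains("loginByRSA")
                || requestURI.contains("logout")
                || requestURI.contains("loginCheck")               // WebSocket: account logged in on another host
                || requestURI.contains("software/upgradeApply")    // software upgrade request
                || requestURI.contains("message/getFontDynamicCode"); // captcha
    }

    /** Writes the operation-log entry for a rejected access attempt. */
    private static void logUnauthorizedAccess(String requestURI) {
        CommonUtil.record(OperationLogEnum.TYPE_1_SYS.getType(),
                OperationLogEnum.TYPE_2_UNAUTHORIZED_ACCESS.getType(),
                "越权访问", "越权访问接口:" + requestURI);
    }

    /**
     * No user in the session: HTTP 401 with a plain-text body.
     *
     * @throws IOException if the response writer cannot be obtained or written
     */
    private static void rejectUnauthenticated(HttpServletResponse response, String requestURI)
            throws IOException {
        logUnauthorizedAccess(requestURI);
        response.setStatus(401);
        response.setContentType("text/html;charset=utf-8");
        response.getWriter().write("非法请求,身份未验证");
    }

    /**
     * A user is present but the request is refused anyway: HTTP 200 with a JSON
     * {@link Response} carrying the failure message (the existing API convention,
     * kept unchanged).
     *
     * @throws IOException if the response writer cannot be obtained or written
     */
    private static void rejectForbidden(HttpServletResponse response, String requestURI)
            throws IOException {
        logUnauthorizedAccess(requestURI);
        response.setStatus(200);
        Response response1 = new Response<>();
        response1.set(1, false, "非法请求,当前用户没有权限访问");
        Gson gson = JsonUtil.getGson();
        String json = gson.toJson(response1);
        response.setContentType("application/json;charset=utf-8");
        response.getWriter().write(json);
    }

    /**
     * Counts how often {@code charValue} occurs in {@code target}.
     * Currently unreferenced within this class.
     */
    private int count(String target, char charValue) {
        int occurrences = 0;
        for (char ch : target.toCharArray()) {
            if (ch == charValue) {
                occurrences++;
            }
        }
        return occurrences;
    }

    @Override
    public void destroy() {
        // Nothing to release.
    }
}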