package wiki.thin.web.controller.admin;

import java.util.Optional;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import wiki.thin.constant.ConfigConstant;
import wiki.thin.entity.User;
import wiki.thin.mapper.UserMapper;
import wiki.thin.security.OnlineUserManager;
import wiki.thin.security.annotation.NeedAuth;
import wiki.thin.security.remember.RememberMeService;
import wiki.thin.service.AppConfigService;
import wiki.thin.service.PasswordService;
import wiki.thin.web.controller.BaseController;
import wiki.thin.web.vo.ChangePasswordVO;
import wiki.thin.web.vo.ResponseVO;

@RequestMapping({"/api/admin/user"})
@RestController
@NeedAuth
/* loaded from: input_file:wiki/thin/web/controller/admin/UserAdminController.class */
public class UserAdminController extends BaseController {
    private static final Logger log = LoggerFactory.getLogger(UserAdminController.class);
    private final UserMapper userMapper;
    private final PasswordService passwordService;
    private final RememberMeService rememberMeService;
    private final AppConfigService appConfigService;
    private final OnlineUserManager onlineUserManager;

    public UserAdminController(UserMapper userMapper, PasswordService passwordService, RememberMeService rememberMeService, AppConfigService appConfigService, OnlineUserManager onlineUserManager) {
        this.userMapper = userMapper;
        this.passwordService = passwordService;
        this.rememberMeService = rememberMeService;
        this.appConfigService = appConfigService;
        this.onlineUserManager = onlineUserManager;
    }

    @PutMapping({"/password"})
    public ResponseVO changePass(@Valid @RequestBody ChangePasswordVO changePasswordVO, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Optional<User> findByAccount = this.userMapper.findByAccount(currentAccount());
        if (findByAccount.isEmpty()) {
            return ResponseVO.error("用户不存在");
        }
        User user = findByAccount.get();
        if (!this.passwordService.checkPassword(changePasswordVO.getOldPassword(), user.getPassword())) {
            log.warn("[{}] pass error", user.getAccount());
            return ResponseVO.error("旧密码错误");
        }
        this.userMapper.updatePassword(user.getId(), this.passwordService.encode(changePasswordVO.getNewPassword()));
        this.rememberMeService.logout(httpServletRequest, httpServletResponse);
        this.appConfigService.updateSysConfig(ConfigConstant.SYS_REMEMBER_ME_SECRET_KEY, UUID.randomUUID().toString());
        this.onlineUserManager.clearAll();
        return ResponseVO.success();
    }
}
