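package com.fd.controller;

import com.fd.constant.MsgCode;
import com.fd.entity.UserEntity;
import com.fd.repository.UserRepository;
import com.fd.shiro.JWTUtil;
import com.fd.util.R;
import io.swagger.annotations.Api;
import lombok.extern.log4j.Log4j2;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.*;
import springfox.documentation.annotations.ApiIgnore;

import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;

/**
 * Created by Owen on 2019/11/11 0011 16:50
 *
 * Login / logout endpoints plus a set of Shiro-guarded demo handlers.
 *
 * Session model visible in this class: a successful login issues a JWT, stores it in Redis under
 * the username with a 24h TTL, and logout removes that entry when the presented token matches the
 * stored one. Whether the Shiro realm/filter actually consults the Redis entry on each request is
 * not visible here (see JWTUtil / the shiro package).
 */
@Api(tags = "用户模块")
@Log4j2
@RestController
public class UserController {

    @Autowired
    private UserRepository userRepository;

    /**
     * Raw type kept on purpose: narrowing it to RedisTemplate&lt;String, String&gt; would change
     * which bean Spring injects. Keys and values written by this class are both Strings.
     */
    @Autowired
    private RedisTemplate redisTemplate;

    /** Lifetime of an issued token in Redis; an older token for the same user is overwritten. */
    private static final long TOKEN_TTL_HOURS = 24L;

    /**
     * NOTE(review): not referenced anywhere in this class. If a salt is ever introduced for
     * password hashing it must be random and per-user, never a shared constant like this one.
     */
    private static final String SALT = "cesium_";

    /**
     * Authenticates a user and issues a fresh bearer token.
     *
     * @param username submitted username (form parameter)
     * @param password submitted password (form parameter)
     * @return 200 with {@code {token, userName}} on success; 53000 when the user does not exist
     * @throws UnauthorizedException when the password does not match
     */
    @PostMapping("/login")
    @SuppressWarnings("unchecked") // raw RedisTemplate, see field comment
    public R login(@RequestParam("username") String username,
                   @RequestParam("password") String password) {
        // The username is enough for an audit trail; the password must never reach the logs.
        log.info("run login, username: {}", username);

        UserEntity user = userRepository.findByUsername(username);
        if (user == null) {
            // NOTE(review): answering "unknown user" (53000) and "wrong password"
            // (UnauthorizedException) differently lets a caller enumerate valid usernames.
            // Left unchanged because clients may rely on the 53000 code; collapsing both
            // failures into one generic response would close the oracle.
            return new R(53000, MsgCode.U53000);
        }

        // NOTE(review): the stored value is matched directly against the submitted password,
        // i.e. passwords are persisted in a directly comparable (plain) form. They should be
        // stored as a salted slow hash (bcrypt/scrypt/argon2) and verified with that library's
        // matcher; that change touches UserEntity and the persistence layer, so only the
        // comparison itself is hardened here (constant time, null-safe).
        if (!constantTimeEquals(user.getPassword(), password)) {
            throw new UnauthorizedException("error");
        }

        // Use the username as stored, not as typed, for the token subject, the Redis key and the
        // response, so the key written here is the one logout() later looks up via the token.
        String canonicalName = user.getUsername();

        // NOTE(review): the password is handed to JWTUtil.sign. If it serves as the signing
        // secret, token strength equals password strength and a password change must invalidate
        // outstanding tokens — confirm in JWTUtil.
        String token = JWTUtil.sign(canonicalName, password);

        // Writing the new token under the username replaces any earlier token for this user.
        redisTemplate.opsForValue().set(canonicalName, token, TOKEN_TTL_HOURS, TimeUnit.HOURS);
        // The token is a bearer credential: log that one was issued, never its value.
        log.info("issued token for username: {}", canonicalName);

        Map<String, String> resultMap = new HashMap<>();
        resultMap.put("token", token);
        resultMap.put("userName", canonicalName);
        log.info("end login");
        return new R(200, resultMap);
    }

    /**
     * Revokes the token presented in the {@code Authorization} header.
     *
     * The Redis entry is deleted only when the presented token is the one currently on record,
     * so a stale token (already superseded by a newer login, or kicked out) cannot end the
     * active session. A missing header is treated as "nothing to revoke" and still succeeds.
     *
     * GET for a state-changing call is unusual; since the credential travels in a request header
     * rather than a cookie, a cross-site request cannot carry it, so the mapping is unchanged.
     *
     * @param request current request; only the {@code Authorization} header is read
     * @return always 200 / SUCCESS
     */
    @GetMapping("/logout")
    public R logout(HttpServletRequest request) {
        log.info("run logout");
        String token = request.getHeader("Authorization");
        if (token == null || token.isEmpty()) {
            log.info("end logout (no token presented)");
            return new R(200, MsgCode.SUCCESS);
        }

        // Assumes JWTUtil.getUsername returns null for a token it cannot read — TODO confirm;
        // if it throws instead, the exception propagates as before.
        String username = JWTUtil.getUsername(token);
        if (username != null) {
            Object storedToken = redisTemplate.opsForValue().get(username);
            // Compare the presented token with the stored token (not the username with the
            // token, which can never match). String.equals(Object) is false for non-String
            // values, so an unexpected Redis value cannot cause a ClassCastException.
            if (token.equals(storedToken)) {
                redisTemplate.delete(username);
            }
        }
        log.info("end logout");
        return new R(200, MsgCode.SUCCESS);
    }

    /**
     * Open to everyone; the reply differs depending on whether the caller is authenticated.
     * (Try it with Postman by setting the Authorization header.)
     *
     * Kept {@code private} as in the original; NOTE(review): consider making it public so it is
     * declared like the other handlers.
     */
    @ApiIgnore
    @GetMapping("free")
    private R free() {
        log.info("run free");
        Subject subject = SecurityUtils.getSubject();
        if (!subject.isAuthenticated()) {
            log.info("没有登录, 游客模式………………");
            return new R(200, "没有登录, 游客模式………………");
        }
        log.info("已经登录, 登录模式………………");
        return new R(200, "已经登录, 登录模式………………");
    }

    /**
     * Diagnostic endpoint: reads the {@code Authorization} header and always answers with the
     * "logged in" message, regardless of whether the header is present or valid.
     */
    @ApiIgnore
    @GetMapping("free1")
    private R free1(HttpServletRequest req) {
        log.info("run free");
        String authorization = req.getHeader("Authorization");
        // Log only whether a token was sent; the header value is a bearer credential.
        log.info("Authorization header present: {}", authorization != null);
        log.info("已经登录, 登录模式………………");
        return new R(200, "已经登录, 登录模式………………");
    }

    /**
     * Reachable only by authenticated users (enforced by Shiro's {@code @RequiresAuthentication}).
     * The repository call's result is discarded; it only exercises the data layer.
     */
    @ApiIgnore
    @GetMapping("/auth/a")
    @RequiresAuthentication
    public R requireAuth() {
        log.info("run requireAuth");
        userRepository.findAll();
        log.info("end requireAuth");
        return new R(200, "已经登录, 登录模式………………");
    }

    /** Authenticated-only test endpoint; the findAll() result is discarded. */
    @ApiIgnore
    @GetMapping("/auth/k")
    @RequiresAuthentication
    public R list() {
        log.info("run test list");
        userRepository.findAll();
        log.info("end test list");
        return new R(200, "111");
    }

    /**
     * Requires login and the {@code admin} role.
     */
    @ApiIgnore
    @GetMapping("/auth/role")
    @RequiresRoles("admin")
    public R requireRole() {
        return new R(200, "只有admin 可以访问");
    }

    /**
     * Requires login and both the {@code view} and {@code edit} permissions.
     */
    @ApiIgnore
    @GetMapping("/auth/edit")
    @RequiresPermissions(logical = Logical.AND, value = {"view", "edit"})
    public R requirePermission() {
        return new R(200, "你拥有view、 edit的权限");
    }

    /**
     * Requires login and the {@code view} permission.
     */
    @ApiIgnore
    @GetMapping("/auth/view")
    @RequiresPermissions(logical = Logical.AND, value = {"view"})
    public R requirePermissionView() {
        return new R(200, "你拥有view的权限");
    }

    /**
     * Target for unauthorized requests; replies with HTTP 401 and application code 40001.
     */
    @ApiIgnore
    @RequestMapping(path = "/401")
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    public R unauthorized() {
        return new R(40001, "Unauthorized");
    }

    /**
     * Compares two strings without leaking where they first differ.
     *
     * Same truth table as {@code actual.equals(expected)} for non-null inputs; {@code null} on
     * either side yields {@code false}. The loop always runs over the full length of
     * {@code actual} and folds the length difference into the result instead of returning early.
     *
     * @param expected value on record (may be null)
     * @param actual   value supplied by the caller (may be null)
     * @return true only when both are non-null and character-for-character equal
     */
    private static boolean constantTimeEquals(String expected, String actual) {
        if (expected == null || actual == null) {
            return false;
        }
        int lenExpected = expected.length();
        int lenActual = actual.length();
        if (lenExpected == 0 || lenActual == 0) {
            return lenExpected == lenActual;
        }
        int diff = lenExpected ^ lenActual;
        for (int i = 0; i < lenActual; i++) {
            // Stay in bounds when lengths differ; the mismatch is already recorded in diff.
            int j = i < lenExpected ? i : 0;
            diff |= expected.charAt(j) ^ actual.charAt(i);
        }
        return diff == 0;
    }
}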