package com.ebaiyihui.server.shiro.realm;

import com.ebaiyihui.common.pojo.AccountEntity;
import com.ebaiyihui.server.conmon.enums.ErrorEnum;
import com.ebaiyihui.server.conmon.enums.LoginDeviceType;
import com.ebaiyihui.server.conmon.enums.LoginType;
import com.ebaiyihui.server.loginbusiness.LoginProcess;
import com.ebaiyihui.server.service.AccountService;
import com.ebaiyihui.server.util.DateUtils;
import com.ebaiyihui.server.util.PasswordUtil;
import com.ebaiyihui.server.util.RSAUtils;
import com.ebaiyihui.server.util.RedisUtil;
import com.ebaiyihui.server.vo.LoginRequestVo;
import java.util.concurrent.TimeUnit;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.mgt.AbstractSessionManager;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:BOOT-INF/classes/com/ebaiyihui/server/shiro/realm/UserPasswordRealm.class */
public class UserPasswordRealm extends AuthorizingRealm {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) UserPasswordRealm.class);

    @Autowired
    private AccountService accountService;

    @Autowired
    private LoginProcess loginProcess;

    @Autowired
    private RedisUtil redisUtil;

    @Override // org.apache.shiro.realm.CachingRealm, org.apache.shiro.realm.Realm
    public String getName() {
        return LoginType.USER_PASSWORD.getType();
    }

    @Override // org.apache.shiro.realm.AuthenticatingRealm, org.apache.shiro.realm.Realm
    public boolean supports(AuthenticationToken authenticationToken) {
        return (authenticationToken instanceof UserToken) && ((UserToken) authenticationToken).getLoginType() == LoginType.USER_PASSWORD;
    }

    @Override // org.apache.shiro.realm.AuthorizingRealm
    public void setAuthorizationCacheName(String str) {
        super.setAuthorizationCacheName(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shiro.realm.AuthorizingRealm
    public void clearCachedAuthorizationInfo(PrincipalCollection principalCollection) {
        super.clearCachedAuthorizationInfo(principalCollection);
    }

    @Override // org.apache.shiro.realm.AuthenticatingRealm
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        log.info("---------------- 用户密码登录 ----------------------");
        LoginRequestVo loginRequestVo = ((UserToken) authenticationToken).getLoginRequestVo();
        AccountEntity byAccountId = this.accountService.getByAccountId(loginRequestVo.getAccountNo(), loginRequestVo.getUserType(), loginRequestVo.getAppCode());
        if (null == byAccountId) {
            throw new UnknownAccountException(ErrorEnum.USER_NOT_EXIT.getMsg());
        }
        if (byAccountId.getDelFlag().equals(-1)) {
            throw new DisabledAccountException(ErrorEnum.DISABLED_USER.getMsg());
        }
        this.redisUtil.del("lock_" + byAccountId.getAccountId());
        Integer num = (Integer) this.redisUtil.get("lock_" + byAccountId.getAccountId());
        Long valueOf = Long.valueOf(this.redisUtil.getExpire("lock_" + byAccountId.getAccountId()) / 60);
        if (null != num) {
            throw new DisabledAccountException("账号已被锁定，请" + valueOf + "分钟后再尝试");
        }
        String str = "verCode_" + byAccountId.getAccountId();
        Long l = null;
        Integer num2 = null;
        Integer num3 = null;
        if (loginRequestVo.getLoginDeviceType().equals(LoginDeviceType.WEB)) {
            if (null == loginRequestVo.getVercodeKey() || null == loginRequestVo.getVercodeValue()) {
                throw new DisabledAccountException("请输入正确的图文验证码！");
            }
            if (!Boolean.valueOf(this.loginProcess.verifyVercode(loginRequestVo.getVercodeKey(), loginRequestVo.getVercodeValue())).booleanValue()) {
                Integer num4 = (Integer) this.redisUtil.get(str);
                if (null == num4) {
                    num3 = 1;
                } else if (0 < num4.intValue() && num4.intValue() < 4) {
                    num3 = Integer.valueOf(num4.intValue() + 1);
                } else if (num4.intValue() == 4) {
                    Integer num5 = (Integer) this.redisUtil.get("lockNum_" + byAccountId.getAccountId());
                    if (null != num5) {
                        switch (num5.intValue()) {
                            case 1:
                                l = Long.valueOf(AbstractSessionManager.DEFAULT_GLOBAL_SESSION_TIMEOUT);
                                num2 = 2;
                                break;
                            case 2:
                                l = 3600000L;
                                num2 = 3;
                                break;
                            case 3:
                                l = DateUtils.getNowToNextDaySeconds();
                                num2 = 4;
                                break;
                        }
                    } else {
                        l = 600000L;
                        num2 = 1;
                    }
                    this.redisUtil.set("lockNum_" + byAccountId.getAccountId(), num2, DateUtils.getNowToNextDaySeconds().longValue(), TimeUnit.MILLISECONDS);
                    this.redisUtil.set("lock_" + byAccountId.getAccountId(), num2, l.longValue(), TimeUnit.MILLISECONDS);
                    this.redisUtil.del(str);
                    throw new DisabledAccountException("图文验证码连续校验失败五次，账号已被锁定，请在" + ((l.longValue() / 1000) / 60) + "分钟后再次尝试");
                }
                this.redisUtil.set(str, num3, DateUtils.getNowToNextDaySeconds().longValue(), TimeUnit.MILLISECONDS);
                throw new DisabledAccountException(ErrorEnum.VERCODE_ERROR.getMsg());
            }
            this.redisUtil.del(str);
        }
        if (-1 == byAccountId.getDelFlag().intValue()) {
            throw new DisabledAccountException(ErrorEnum.DISABLED_ACCOUNT.getMsg());
        }
        if (byAccountId.getStatus().intValue() == -1) {
            throw new DisabledAccountException("账户状态异常");
        }
        if (PasswordUtil.mix(RSAUtils.decode(loginRequestVo.getPassword()), byAccountId.getSalt()).equals(byAccountId.getPassword())) {
            this.redisUtil.del("pwd_" + byAccountId.getAccountId());
            return new SimpleAuthenticationInfo(byAccountId.getLoginName(), byAccountId.getPassword(), getName());
        }
        Integer num6 = null;
        Integer num7 = (Integer) this.redisUtil.get("pwd_" + byAccountId.getAccountId());
        if (null == num7) {
            num6 = 1;
        } else if (0 < num7.intValue() && num7.intValue() < 4) {
            num6 = Integer.valueOf(num7.intValue() + 1);
        } else if (4 == num7.intValue()) {
            Integer num8 = (Integer) this.redisUtil.get("lockNum_" + byAccountId.getAccountId());
            if (null != num8) {
                switch (num8.intValue()) {
                    case 1:
                        l = Long.valueOf(AbstractSessionManager.DEFAULT_GLOBAL_SESSION_TIMEOUT);
                        num2 = 2;
                        break;
                    case 2:
                        l = 3600000L;
                        num2 = 3;
                        break;
                    case 3:
                        l = DateUtils.getNowToNextDaySeconds();
                        num2 = 4;
                        break;
                }
            } else {
                l = 600000L;
                num2 = 1;
            }
            this.redisUtil.set("lockNum_" + byAccountId.getAccountId(), num2, DateUtils.getNowToNextDaySeconds().longValue(), TimeUnit.MILLISECONDS);
            this.redisUtil.set("lock_" + byAccountId.getAccountId(), num2, l.longValue(), TimeUnit.MILLISECONDS);
            this.redisUtil.del("pwd_" + byAccountId.getAccountId());
            throw new DisabledAccountException("密码连续校验失败五次，账号已被锁定，请在" + ((l.longValue() / 1000) / 60) + "分钟后再次尝试");
        }
        this.redisUtil.set("pwd_" + byAccountId.getAccountId(), num6, DateUtils.getNowToNextDaySeconds().longValue(), TimeUnit.MILLISECONDS);
        throw new DisabledAccountException(ErrorEnum.INVALID_PASSWORD.getMsg());
    }

    @Override // org.apache.shiro.realm.AuthorizingRealm
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }
}
