package com.dtyunxi.cube.starter.api.auth;

import com.dtyunxi.app.ServiceContext;
import com.dtyunxi.util.SpringBeanUtil;
import java.io.PrintWriter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.HandlerInterceptor;

/* loaded from: input_file:com/dtyunxi/cube/starter/api/auth/ApiAuthInterceptor.class */
public class ApiAuthInterceptor implements HandlerInterceptor {
    private static final Logger logger = LoggerFactory.getLogger(ApiAuthInterceptor.class);
    private Boolean isAuth;
    private final String module;
    private IApiValidateApi apiQueryApi;
    private static final String MSG_USER_UNAUTHORIZED = "{\"resultCode\":401,\"resultMsg\":\"user unauthorized\"}";
    private static final String MSG_API_NOT_ALLOWED = "{\"resultCode\":403,\"resultMsg\":\"api not allowed\"}";

    public ApiAuthInterceptor(boolean z, String str) {
        this.isAuth = false;
        this.isAuth = Boolean.valueOf(z);
        this.module = str;
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!this.isAuth.booleanValue()) {
            logger.debug("关闭接口鉴权");
            return true;
        }
        String replace = httpServletRequest.getRequestURI().replace(httpServletRequest.getContextPath(), "");
        String method = httpServletRequest.getMethod();
        if ("OPTIONS".equals(method)) {
            return true;
        }
        ApiValidateDto apiValidateDto = new ApiValidateDto();
        apiValidateDto.setUserId(ServiceContext.getContext().getRequestUserId());
        apiValidateDto.setModule(this.module);
        apiValidateDto.setPath(replace);
        apiValidateDto.setMethod(method);
        logger.debug("-----> 接口鉴权：context={}, path={}, method={}", new Object[]{this.module, replace, method});
        if (this.apiQueryApi == null) {
            this.apiQueryApi = (IApiValidateApi) SpringBeanUtil.getBean(IApiValidateApi.class);
        }
        Boolean bool = (Boolean) this.apiQueryApi.validate(apiValidateDto).getData();
        logger.debug("-----> 接口鉴权：result={}", bool);
        if (bool.booleanValue()) {
            return true;
        }
        httpServletResponse.setStatus(apiValidateDto.getUserId() == null ? 401 : 403);
        PrintWriter writer = httpServletResponse.getWriter();
        writer.append((CharSequence) (apiValidateDto.getUserId() == null ? MSG_USER_UNAUTHORIZED : MSG_API_NOT_ALLOWED));
        writer.close();
        return false;
    }
}
