package org.apache.dolphinscheduler.api.controller;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.dolphinscheduler.api.aspect.AccessLogAnnotation;
import org.apache.dolphinscheduler.api.configuration.AppConfiguration;
import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.exceptions.ApiException;
import org.apache.dolphinscheduler.api.security.Authenticator;
import org.apache.dolphinscheduler.api.service.SessionService;
import org.apache.dolphinscheduler.api.utils.Result;
import org.apache.dolphinscheduler.dao.entity.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import springfox.documentation.annotations.ApiIgnore;

@Api(tags = {"LOGIN_TAG"})
@RequestMapping({""})
@RestController
/* loaded from: input_file:org/apache/dolphinscheduler/api/controller/LoginController.class */
public class LoginController extends BaseController {

    @Autowired
    private SessionService sessionService;

    @Autowired
    private Authenticator authenticator;

    @PostMapping({AppConfiguration.LOGIN_PATH_PATTERN})
    @ApiException(Status.USER_LOGIN_FAILURE)
    @ApiImplicitParams({@ApiImplicitParam(name = "userName", value = "USER_NAME", required = true, dataTypeClass = String.class), @ApiImplicitParam(name = "userPassword", value = "USER_PASSWORD", required = true, dataTypeClass = String.class)})
    @ApiOperation(value = "login", notes = "LOGIN_NOTES")
    @AccessLogAnnotation(ignoreRequestArgs = {"userPassword", "request", "response"})
    public Result login(@RequestParam("userName") String str, @RequestParam("userPassword") String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (StringUtils.isEmpty(str)) {
            return error(Integer.valueOf(Status.USER_NAME_NULL.getCode()), Status.USER_NAME_NULL.getMsg());
        }
        String clientIpAddress = getClientIpAddress(httpServletRequest);
        if (StringUtils.isEmpty(clientIpAddress)) {
            return error(Integer.valueOf(Status.IP_IS_EMPTY.getCode()), Status.IP_IS_EMPTY.getMsg());
        }
        Result<Map<String, String>> authenticate = this.authenticator.authenticate(str, str2, clientIpAddress);
        if (authenticate.getCode().intValue() != Status.SUCCESS.getCode()) {
            return authenticate;
        }
        httpServletResponse.setStatus(200);
        for (Map.Entry<String, String> entry : authenticate.getData().entrySet()) {
            Cookie cookie = new Cookie(entry.getKey(), entry.getValue());
            cookie.setHttpOnly(true);
            httpServletResponse.addCookie(cookie);
        }
        return authenticate;
    }

    @PostMapping({"/signOut"})
    @ApiException(Status.SIGN_OUT_ERROR)
    @ApiOperation(value = "signOut", notes = "SIGNOUT_NOTES")
    @AccessLogAnnotation(ignoreRequestArgs = {"loginUser", "request"})
    public Result signOut(@ApiIgnore @RequestAttribute("session.user") User user, HttpServletRequest httpServletRequest) {
        this.sessionService.signOut(getClientIpAddress(httpServletRequest), user);
        httpServletRequest.removeAttribute("session.user");
        return success();
    }
}
