package cn.com.qmth.print.manage.service;

import java.util.HashMap;
import java.util.Map;

import org.apache.commons.lang3.RandomStringUtils;
import org.springframework.beans.factory.annotation.Autowired;

import cn.com.qmth.print.manage.entity.UserEntity;
import cn.com.qmth.print.manage.vo.UserVo;

import com.qmth.boot.api.constant.ApiConstant;
import com.qmth.boot.core.exception.StatusException;
import com.qmth.boot.core.security.annotation.AuthorizationComponent;
import com.qmth.boot.core.security.service.AuthorizationService;
import com.qmth.boot.tools.signature.SignatureType;

@AuthorizationComponent(prefix = ApiConstant.DEFAULT_URI_PREFIX)
public class AuthService implements AuthorizationService<PmSession> {

    private Map<String, String> userMap = new HashMap<String, String>();

    @Autowired
    private UserService userService;

    public UserVo login(String loginName, String password) {
        UserEntity entity = userService.findByLoginName(loginName);
        if (entity == null) {
            throw new StatusException("用户不存在");
        }
        if (!entity.getPassword().equals(password)) {
            throw new StatusException("密码不正确");
        }
        if (!entity.isEnable()) {
            throw new StatusException("用户被禁用");
        }
        UserVo user = new UserVo(entity);
        String token = RandomStringUtils.randomAlphanumeric(32);
        userMap.put(user.buildKey(), token);
        user.setToken(token);
        return user;
    }

    public void logout(PmSession accessEntity) {
        userMap.remove(accessEntity.getIdentity());
    }

    @Override
    public PmSession findByIdentity(String identity, SignatureType type, String path) {
        return new PmSession(identity, userMap.get(identity));
    }

    @Override
    public boolean hasPermission(PmSession accessEntity, String path) {
        return true;
    }

}