package com.hhzt.cloud.admin.interceptor;

import com.hhzt.cloud.admin.model.LoginUserInfo;
import com.hhzt.cloud.admin.util.SecurityUtil;
import com.jeesuite.spring.helper.EnvironmentHelper;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

/* loaded from: input_file:com/hhzt/cloud/admin/interceptor/SecurityInterceptor.class */
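/**
 * Spring MVC interceptor that gates every request on network origin and login state.
 *
 * <p>Decision order in {@link #preHandle}:
 * <ol>
 *   <li>URIs starting with {@code /api} are allowed when {@code api.extranet.enabled} is true or the
 *       resolved client address is loopback/private; no login check is applied to them here.</li>
 *   <li>All other URIs are rejected when {@code safe.ipfilter.enabled} is true and the client is
 *       neither internal nor on the IP whitelist.</li>
 *   <li>Remaining requests need a logged-in user; otherwise an AJAX caller gets a 401 JSON body and
 *       a browser is redirected to {@code /login.html}.</li>
 * </ol>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The client address is an authorisation input. Forwarding headers are honoured only when the
 *       TCP peer is itself a loopback/private address, and the {@code x-forwarded-for} chain is read
 *       from the right so that values a client prepends cannot select the result. A proxy that
 *       passes a client-supplied header through without appending or overwriting it still defeats
 *       this; the proxy must be configured to set the header itself.</li>
 *   <li>A reverse proxy that connects from a public address is not recognised as a proxy, so its
 *       own address is used as the client address (fails closed).</li>
 *   <li>NOTE(review): the {@code /api} test uses the raw {@code getRequestURI()} value, which
 *       includes the context path and is not normalised. Confirm the path that handler mapping
 *       resolves cannot differ from the prefix checked here.</li>
 * </ul>
 */
public class SecurityInterceptor implements HandlerInterceptor {
    private static final String NOT_LOGIN_RSP_JSON = "{\"code\": 401,\"msg\":\"401 Unauthorized\"}";
    private static final String IP_FORBIDDEN_RSP_JSON = "{\"code\": 403,\"msg\":\"ipForbidden\"}";
    // msg reads "external network access is forbidden"; the literal is sent to clients unchanged.
    private static final String EXTRANET_FORBIDDEN_RSP_JSON = "{\"code\": 403,\"msg\":\"禁止外网访问\"}";

    // Headers consulted, in priority order, when the TCP peer looks like a reverse proxy.
    private static final String[] FORWARDING_HEADERS = {"x-forwarded-for", "Proxy-Client-IP", "WL-Proxy-Client-IP"};

    // Published as an immutable-by-convention snapshot: setIpWhiteList() builds a new list and swaps
    // the reference, so request threads never observe a list that is being cleared or refilled.
    private static volatile List<String> ipWhiteList = new ArrayList<>();

    // Boolean.parseBoolean yields false when the property is absent, so both switches default to off.
    private final boolean extranetEnabled = Boolean.parseBoolean(EnvironmentHelper.getProperty("api.extranet.enabled"));
    private final boolean ipfilterEnabled = Boolean.parseBoolean(EnvironmentHelper.getProperty("safe.ipfilter.enabled"));

    /**
     * Applies the origin and login checks described on the class.
     *
     * @return {@code true} to continue the handler chain; {@code false} after a 401/403 JSON body or
     *         a redirect to the login page has been written
     * @throws Exception if the redirect cannot be sent
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        String ipAddr = getIpAddr(httpServletRequest);
        boolean internal = isInternalAddress(ipAddr);
        String requestUri = httpServletRequest.getRequestURI();

        // Recorded before any decision so that rejected requests carry address and action too.
        SecurityUtil.getOperateLog().setIpAddr(ipAddr);
        SecurityUtil.getOperateLog().setActName(requestUri);

        if (requestUri.startsWith("/api")) {
            // API paths are gated by network origin only; this interceptor applies no session check.
            if (this.extranetEnabled || internal) {
                return true;
            }
            responseOutWithJson(httpServletResponse, EXTRANET_FORBIDDEN_RSP_JSON);
            return false;
        }

        if (this.ipfilterEnabled && !internal && !ipWhiteList.contains(ipAddr)) {
            responseOutWithJson(httpServletResponse, IP_FORBIDDEN_RSP_JSON);
            return false;
        }

        LoginUserInfo loginUserInfo = SecurityUtil.getLoginUserInfo();
        if (loginUserInfo != null) {
            SecurityUtil.getOperateLog().setUid(Integer.valueOf(loginUserInfo.getId()));
            SecurityUtil.getOperateLog().setUname(loginUserInfo.getName());
            return true;
        }

        if (isAjax(httpServletRequest)) {
            responseOutWithJson(httpServletResponse, NOT_LOGIN_RSP_JSON);
            return false;
        }
        httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/login.html");
        return false;
    }

    /** No post-processing is performed. */
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
    }

    /** Clears the per-request operate-log holder once the request has completed. */
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
        SecurityUtil.clearOperateLogHolder();
    }

    /**
     * Reports whether the request declares itself as an XMLHttpRequest. The header is supplied by
     * the client and only selects the response format (JSON body versus redirect).
     */
    private boolean isAjax(HttpServletRequest httpServletRequest) {
        return "XMLHttpRequest".equals(httpServletRequest.getHeader("X-Requested-With"));
    }

    /**
     * Writes {@code str} as a UTF-8 JSON response body and closes the writer.
     * An {@link IOException} is reported and swallowed: the request has already been rejected by
     * the caller, so a failed write must not turn into a different outcome.
     */
    private void responseOutWithJson(HttpServletResponse httpServletResponse, String str) {
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.setContentType("application/json; charset=utf-8");
        try (PrintWriter printWriter = httpServletResponse.getWriter()) {
            printWriter.append(str);
        } catch (IOException e) {
            // No logger is in scope in this class; keep the existing stderr report.
            e.printStackTrace();
        }
    }

    /**
     * Resolves the client address used for the access decisions and the operate log.
     *
     * <p>Forwarding headers are read only when the TCP peer is a loopback or private address, i.e.
     * plausibly a reverse proxy on the same network. A request that arrives directly from any other
     * address is identified by its socket address, whatever headers it carries.
     *
     * @return the resolved address; may be {@code null} if the container reports no remote address
     */
    private static String getIpAddr(HttpServletRequest httpServletRequest) {
        String remoteAddr = httpServletRequest.getRemoteAddr();
        if (!isProxyPeer(remoteAddr)) {
            return remoteAddr;
        }
        for (String headerName : FORWARDING_HEADERS) {
            String client = clientFromForwardedChain(httpServletRequest.getHeader(headerName));
            if (client != null) {
                return client;
            }
        }
        return remoteAddr;
    }

    /**
     * Picks the client entry out of a comma-separated forwarding header.
     *
     * <p>The chain is walked from the right (the hop nearest to this server). Loopback/private hops
     * are taken to be proxies and skipped; the first other entry is the client. When every entry is
     * loopback/private, the leftmost one is returned, which is the originating internal client.
     *
     * @return the selected entry, or {@code null} when the header is absent, empty or "unknown"
     */
    private static String clientFromForwardedChain(String headerValue) {
        if (headerValue == null) {
            return null;
        }
        String[] hops = headerValue.split(",");
        String leftmostInternal = null;
        for (int i = hops.length - 1; i >= 0; i--) {
            String hop = hops[i].trim();
            if (hop.isEmpty() || "unknown".equalsIgnoreCase(hop)) {
                continue;
            }
            if (!isProxyPeer(hop)) {
                return hop;
            }
            leftmostInternal = hop;
        }
        return leftmostInternal;
    }

    /** True for addresses treated as a possible reverse proxy: internal IPv4 or the IPv6 loopback. */
    private static boolean isProxyPeer(String address) {
        return isInternalAddress(address) || "::1".equals(address) || "0:0:0:0:0:0:0:1".equals(address);
    }

    /**
     * True when {@code address} is a well-formed dotted-quad IPv4 literal in 127.0.0.0/8,
     * 10.0.0.0/8 or 192.168.0.0/16. Anything that does not parse as four decimal octets is never
     * internal, so a string that merely begins with "127" or "10." does not qualify.
     */
    private static boolean isInternalAddress(String address) {
        int[] octets = parseIpv4(address);
        if (octets == null) {
            return false;
        }
        return octets[0] == 127 || octets[0] == 10 || (octets[0] == 192 && octets[1] == 168);
    }

    /**
     * Parses a strict dotted-quad IPv4 literal.
     *
     * @return the four octets, or {@code null} if the text is null or not exactly four decimal
     *         octets in 0..255 without leading zeros
     */
    private static int[] parseIpv4(String address) {
        if (address == null) {
            return null;
        }
        String[] parts = address.split("\\.", -1);
        if (parts.length != 4) {
            return null;
        }
        int[] octets = new int[4];
        for (int i = 0; i < parts.length; i++) {
            String part = parts[i];
            if (part.isEmpty() || part.length() > 3 || (part.length() > 1 && part.charAt(0) == '0')) {
                return null;
            }
            int value = 0;
            for (int j = 0; j < part.length(); j++) {
                char c = part.charAt(j);
                if (c < '0' || c > '9') {
                    return null;
                }
                value = value * 10 + (c - '0');
            }
            if (value > 255) {
                return null;
            }
            octets[i] = value;
        }
        return octets;
    }

    /**
     * Replaces the IP whitelist with the entries of {@code str}, separated by {@code ,}, {@code ;}
     * or the full-width comma. Entries are trimmed and empty ones dropped, since an entry with
     * surrounding whitespace could never equal a client address. A blank or null argument empties
     * the whitelist.
     */
    public static synchronized void setIpWhiteList(String str) {
        List<String> entries = new ArrayList<>();
        if (!StringUtils.isBlank(str)) {
            for (String raw : str.split("[,;，]")) {
                String entry = raw.trim();
                if (!entry.isEmpty()) {
                    entries.add(entry);
                }
            }
        }
        // Single volatile write: readers see either the old list or the complete new one.
        ipWhiteList = entries;
    }
}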
