package net.codestory.http.filters.auth;

import java.io.IOException;
import java.util.concurrent.TimeUnit;
import net.codestory.http.constants.Methods;
import net.codestory.http.filters.Filter;
import net.codestory.http.filters.PayloadSupplier;
import net.codestory.http.internal.Context;
import net.codestory.http.payload.Payload;
import net.codestory.http.security.SessionIdStore;
import net.codestory.http.security.Users;
import org.apache.commons.lang3.RandomStringUtils;
import org.simpleframework.http.Cookie;

/* loaded from: input_file:net/codestory/http/filters/auth/CookieAuthFilter.class */
public class CookieAuthFilter implements Filter {
    private static final int ONE_DAY = (int) TimeUnit.DAYS.toSeconds(1);
    private final String uriPrefix;
    private final Users users;
    private final SessionIdStore sessionIdStore;
    private final String[] ignoreExtensions;

    public CookieAuthFilter(String str, Users users) {
        this(str, users, SessionIdStore.inMemory(), ".ico", ".jpeg", ".jpg", ".gif", ".png", ".svg", ".eot", ".ttf", ".woff");
    }

    public CookieAuthFilter(String str, Users users, SessionIdStore sessionIdStore, String... strArr) {
        this.uriPrefix = str;
        this.users = users;
        this.sessionIdStore = sessionIdStore;
        this.ignoreExtensions = strArr;
    }

    @Override // net.codestory.http.filters.Filter
    public Payload apply(String str, Context context, PayloadSupplier payloadSupplier) throws IOException {
        String login;
        if (!str.startsWith(this.uriPrefix)) {
            return payloadSupplier.get();
        }
        for (String str2 : this.ignoreExtensions) {
            if (str.endsWith(str2)) {
                return payloadSupplier.get();
            }
        }
        String method = context.method();
        if (str.equals("/auth/login") && method.equals(Methods.GET)) {
            return payloadSupplier.get();
        }
        if (str.equals("/auth/signin") && method.equals(Methods.POST)) {
            String str3 = context.get("login");
            return this.users.find(str3, context.get("password")) == null ? Payload.seeOther("/auth/login.html") : Payload.seeOther("/").withCookie(loginCookie(str3)).withCookie(sessionCookie(create(str3)));
        }
        if (str.equals("/auth/signout") && method.equals(Methods.GET)) {
            this.sessionIdStore.remove(context.cookieValue("sessionId", ""));
            return Payload.seeOther("/?signout").withCookie(loginCookie(null)).withCookie(sessionCookie(null));
        }
        String cookieValue = context.cookieValue("sessionId");
        if (cookieValue == null || (login = this.sessionIdStore.getLogin(cookieValue)) == null) {
            return Payload.seeOther("/auth/login").withCookie(loginCookie(null)).withCookie(sessionCookie(null));
        }
        context.setCurrentUser(this.users.find(login));
        return payloadSupplier.get();
    }

    private String create(String str) {
        String random = RandomStringUtils.random(32, true, true);
        this.sessionIdStore.put(random, str);
        return random;
    }

    private static Cookie loginCookie(String str) {
        return expire(new Cookie("login", str, "/", true));
    }

    private static Cookie sessionCookie(String str) {
        return expire(new Cookie("sessionId", str, "/", true));
    }

    private static Cookie expire(Cookie cookie) {
        cookie.setExpiry(ONE_DAY);
        cookie.setDomain((String) null);
        cookie.setSecure(false);
        return cookie;
    }
}
