package org.molgenis.omx.auth.controller;

import java.util.List;
import java.util.UUID;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
import org.molgenis.framework.db.Database;
import org.molgenis.framework.db.DatabaseAccessException;
import org.molgenis.framework.db.DatabaseException;
import org.molgenis.framework.db.QueryRule;
import org.molgenis.omx.auth.Institute;
import org.molgenis.omx.auth.MolgenisUser;
import org.molgenis.omx.auth.PersonRole;
import org.molgenis.omx.auth.service.AccountService;
import org.molgenis.omx.auth.service.CaptchaService;
import org.molgenis.omx.auth.vo.CaptchaRequest;
import org.molgenis.omx.auth.vo.PasswordResetRequest;
import org.molgenis.omx.auth.vo.RegisterRequest;
import org.molgenis.util.CountryCodes;
import org.molgenis.util.HandleRequestDelegationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.validation.BindException;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
import org.springframework.web.servlet.view.UrlBasedViewResolver;

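/**
 * Spring MVC controller for the account endpoints under {@code /account}:
 * login, logout, self-registration, account activation and password reset.
 *
 * <p>Every endpoint except logout is meant to be called by a visitor who is not
 * logged in yet, so all request data handled here is untrusted.
 *
 * <p>NOTE(review): no throttling or lockout is visible in this class for
 * {@code POST /login} or {@code POST /password/reset}; confirm that it is
 * enforced elsewhere (filter, reverse proxy or the services).
 */
@RequestMapping({"/account"})
@Controller
/* loaded from: input_file:WEB-INF/lib/molgenis-omx-auth-0.0.1.jar:org/molgenis/omx/auth/controller/AccountController.class */
public class AccountController {

    /** Database used for login/logout and for the password-reset lookup. */
    @Autowired
    private Database database;

    /**
     * Database bean qualified as {@code unauthorizedDatabase}; used to fill the
     * registration form for anonymous visitors.
     * NOTE(review): presumably skips per-user authorization checks - keep its use
     * limited to reads of non-sensitive reference data.
     */
    @Autowired
    @Qualifier("unauthorizedDatabase")
    private Database unauthorizedDatabase;

    @Autowired
    private AccountService accountService;

    @Autowired
    private CaptchaService captchaService;

    /**
     * Returns the view name of the login dialog.
     *
     * @return the {@code login-modal} view name
     */
    @RequestMapping(value = {"/login"}, method = {RequestMethod.GET})
    public String getLoginForm() {
        return "login-modal";
    }

    /**
     * Builds the registration dialog with the reference lists it needs.
     *
     * @return the {@code register-modal} view with {@code institutes},
     *         {@code personroles} and {@code countries} model attributes
     * @throws DatabaseException if a lookup fails
     */
    @RequestMapping(value = {"/register"}, method = {RequestMethod.GET})
    public ModelAndView getRegisterForm() throws DatabaseException {
        ModelAndView modelAndView = new ModelAndView("register-modal");
        // Both lists are unfiltered (no query rules) and are shown to anonymous visitors.
        modelAndView.addObject("institutes", this.unauthorizedDatabase.find(Institute.class, new QueryRule[0]));
        modelAndView.addObject("personroles", this.unauthorizedDatabase.find(PersonRole.class, new QueryRule[0]));
        modelAndView.addObject("countries", CountryCodes.get());
        return modelAndView;
    }

    /**
     * Returns the view name of the password-reset dialog.
     *
     * @return the {@code resetpassword-modal} view name
     */
    @RequestMapping(value = {"/password/reset"}, method = {RequestMethod.GET})
    public String getPasswordResetForm() {
        return "resetpassword-modal";
    }

    /**
     * Logs a user in; answers 204 on success and 401 on failure (via
     * {@link #handleDatabaseAccessException}).
     *
     * @param username value of the {@code username} request parameter
     * @param password value of the {@code password} request parameter
     * @throws DatabaseAccessException if the credentials are rejected
     * @throws Exception if the login backend fails
     */
    @RequestMapping(value = {"/login"}, method = {RequestMethod.POST})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void loginUser(@RequestParam("username") String username, @RequestParam("password") String password) throws HandleRequestDelegationException, Exception {
        if (!this.database.getLogin().login(this.database, username, password)) {
            // One message for "unknown user" and "wrong password", so the reply does not
            // tell the caller which of the two was wrong.
            throw new DatabaseAccessException("Login failed: username or password unknown");
        }
    }

    /**
     * Logs the current user out, reloads the login state and redirects to the
     * context root.
     *
     * <p>NOTE(review): this state-changing action is mapped to GET, so any
     * cross-site link or image tag can trigger it; consider POST with a CSRF token.
     *
     * @return a redirect to the application's context path
     * @throws Exception if logout or reload fails
     */
    @RequestMapping(value = {"/logout"}, method = {RequestMethod.GET})
    public String logoutUser() throws Exception {
        this.database.getLogin().logout(this.database);
        this.database.getLogin().reload(this.database);
        // Redirect target is built from the current context path, not from request input.
        return UrlBasedViewResolver.REDIRECT_URL_PREFIX + ServletUriComponentsBuilder.fromCurrentContextPath().build().toUriString();
    }

    /**
     * Registers a new user after the captcha answer has been verified.
     *
     * @param registerRequest the submitted registration form
     * @param captchaRequest the submitted captcha answer
     * @throws CaptchaService.CaptchaException if the captcha answer is wrong (400)
     * @throws BindException if password and confirmation differ
     * @throws DatabaseException if the user cannot be stored
     */
    @RequestMapping(value = {"/register"}, method = {RequestMethod.POST}, headers = {"Content-Type=application/x-www-form-urlencoded"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void registerUser(@Valid @ModelAttribute RegisterRequest registerRequest, @Valid @ModelAttribute CaptchaRequest captchaRequest) throws DatabaseException, CaptchaService.CaptchaException, BindException {
        // Captcha first: nothing else runs for an automated submission.
        if (!this.captchaService.validateCaptcha(captchaRequest.getCaptcha())) {
            throw new CaptchaService.CaptchaException("invalid captcha answer");
        }
        // assumes @Valid rejects a null password before this point - TODO confirm on RegisterRequest
        if (!registerRequest.getPassword().equals(registerRequest.getConfirmPassword())) {
            // NOTE(review): BindException(Object, String) takes the object name as its second
            // argument, so this text is not registered as a field error.
            throw new BindException(RegisterRequest.class, "password does not match confirm password");
        }
        // The activation link base comes from the current context path; the service
        // presumably appends the activation code and mails the link - verify in AccountService.
        this.accountService.createUser(toMolgenisUser(registerRequest), ServletUriComponentsBuilder.fromCurrentContextPath().path("/account/activate").build().toUri());
    }

    /**
     * Activates the account that belongs to the given activation code and
     * redirects to the context root.
     *
     * <p>The path variable name is given explicitly: without it Spring derives the
     * name from the Java parameter name, which here no longer matched the
     * {@code {activationCode}} template variable, so the value could not be bound.
     *
     * <p>NOTE(review): the code travels in the URL path and can end up in access
     * logs and browser history; it should be single-use and expire - verify in
     * {@code AccountService.activateUser}. {@code @NotNull}/{@code @Valid} on this
     * parameter only take effect if method validation is enabled for the controller.
     *
     * @param activationCode the code taken from the request path
     * @return a redirect to the application's context path
     * @throws DatabaseException if activation fails
     */
    @RequestMapping(value = {"/activate/{activationCode}"}, method = {RequestMethod.GET})
    public String activateUser(@PathVariable("activationCode") @NotNull @Valid String activationCode) throws DatabaseException {
        this.accountService.activateUser(activationCode);
        return UrlBasedViewResolver.REDIRECT_URL_PREFIX + ServletUriComponentsBuilder.fromCurrentContextPath().build().toUriString();
    }

    /**
     * Starts a password reset for the user registered under the submitted e-mail
     * address. Always answers 204, whether or not the address is known.
     *
     * <p>NOTE(review): no captcha is checked here (unlike registration), so the
     * endpoint can be used to send repeated reset mails to a known address unless
     * that is limited elsewhere. The lookup also uses {@code database} although the
     * caller is not logged in - confirm this is intended.
     *
     * @param passwordResetRequest the submitted form holding the e-mail address
     * @throws DatabaseException if the lookup or the reset fails
     */
    @RequestMapping(value = {"/password/reset"}, method = {RequestMethod.POST}, headers = {"Content-Type=application/x-www-form-urlencoded"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void resetPassword(@Valid @ModelAttribute PasswordResetRequest passwordResetRequest) throws DatabaseException {
        List<?> users = this.database.find(MolgenisUser.class, new QueryRule("Email", QueryRule.Operator.EQUALS, passwordResetRequest.getEmail()));
        if (users == null || users.isEmpty()) {
            // Same silent 204 for an unknown address, so the response does not reveal
            // which e-mail addresses have an account.
            return;
        }
        // Only the first match is reset; assumes e-mail addresses are unique - TODO confirm.
        this.accountService.resetPassword((MolgenisUser) users.get(0));
    }

    /** Maps a rejected login to 401 with an empty body. */
    @ExceptionHandler({DatabaseAccessException.class})
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    private void handleDatabaseAccessException(DatabaseAccessException databaseAccessException) {
    }

    /** Maps a wrong captcha answer to 400 with an empty body. */
    @ExceptionHandler({CaptchaService.CaptchaException.class})
    @ResponseStatus(HttpStatus.BAD_REQUEST)
    private void handleCaptchaException(CaptchaService.CaptchaException captchaException) {
    }

    /**
     * Copies the registration form into a new {@link MolgenisUser}.
     *
     * <p>Fields are copied one by one, so only the attributes listed here can be
     * set from the request; anything else on the entity keeps its default.
     *
     * @param registerRequest the validated registration form
     * @return a new, not yet stored user
     */
    private MolgenisUser toMolgenisUser(RegisterRequest registerRequest) {
        MolgenisUser molgenisUser = new MolgenisUser();
        molgenisUser.setName(registerRequest.getUsername());
        // Server-generated identifier; never taken from the request.
        molgenisUser.setIdentifier(UUID.randomUUID().toString());
        // NOTE(review): the password is passed on exactly as submitted; presumably it is
        // hashed by the entity or by AccountService before storage - verify.
        molgenisUser.setPassword(registerRequest.getPassword());
        molgenisUser.setEmail(registerRequest.getEmail());
        molgenisUser.setPhone(registerRequest.getPhone());
        molgenisUser.setFax(registerRequest.getFax());
        molgenisUser.setTollFreePhone(registerRequest.getTollFreePhone());
        molgenisUser.setAddress(registerRequest.getAddress());
        molgenisUser.setTitle(registerRequest.getTitle());
        molgenisUser.setLastName(registerRequest.getLastname());
        molgenisUser.setFirstName(registerRequest.getFirstname());
        molgenisUser.setAffiliation_Id(registerRequest.getInstitute());
        molgenisUser.setDepartment(registerRequest.getDepartment());
        // NOTE(review): client-chosen id; confirm PersonRole is a job title and carries
        // no permissions.
        molgenisUser.setRoles_Id(registerRequest.getPosition());
        molgenisUser.setCity(registerRequest.getCity());
        molgenisUser.setCountry(CountryCodes.get(registerRequest.getCountry()));
        return molgenisUser;
    }
}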
