package com.zteits.oa.report.web;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import com.zteits.oa.api.base.bean.BizResult;
import com.zteits.oa.api.base.constants.ErrorType;
import com.zteits.oa.api.base.constants.SessionEnum;
import com.zteits.oa.api.dto.asraop.AsraOpDTO;
import com.zteits.oa.api.dto.asraop.LoginOathRes;
import com.zteits.oa.api.dto.asraop.param.AsraOpQueryReq;
import com.zteits.oa.api.dto.asraop.param.LoginOauthReq;
import com.zteits.oa.api.service.report.query.AsraOpRueryService;
import com.zteits.oa.util.MD5Utils;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;

@Api("用户登录授权")
@RestController
@RequestMapping("/oauth")
public class OAuthController {
	 private static final Logger logger = LoggerFactory.getLogger(OAuthController.class);
	 
	 @Autowired
	 private AsraOpRueryService asraOpRueryService;
	 
	 @Autowired
	 private HttpServletRequest request;
	 
	 @ApiOperation("用户登录")
	 @PostMapping("/login")
	 public BizResult<LoginOathRes> login(@RequestBody LoginOauthReq req ) throws Exception {
		 BizResult<LoginOathRes> result =  this._login(req);
		 return result;
	 }
	 /**
	  * 登陆验证.<br/>
	  * @param req
	  * @return
	  * 2018年7月31日  wangfs.<br/>
	  */
	 private BizResult<LoginOathRes> _login(LoginOauthReq req ){
		 BizResult<LoginOathRes> result = new BizResult<LoginOathRes>();
		 LoginOathRes loginOathRes = new  LoginOathRes();
		 String loginCode = req.getLoginCode();
		 String passWord = req.getPassWord();
		 if(StringUtils.isEmpty(loginCode) || StringUtils.isEmpty(passWord)) {
        	  logger.info("校验登录信息,用户名 或者 登录密码为空!");
        	  result.setErrorInfo(ErrorType.PARAMM_NULL, "用户名 或者 登录密码为空");
	      }
		 AsraOpQueryReq asraOpQueryRe = new AsraOpQueryReq();
		 AsraOpDTO asraOpDTO = new AsraOpDTO();
		 boolean isCheckSuccess = false;
		 //1.判断登录账号/密码
		 asraOpQueryRe.setLoginCode(loginCode);
		 BizResult<AsraOpDTO> asraOpReult = asraOpRueryService.queryAsraOp(asraOpQueryRe);
		 if(asraOpReult != null && asraOpReult.getData() != null){
			 asraOpDTO = asraOpReult.getData();
			 if(StringUtils.isEmpty(asraOpDTO.getLoginCode())){
				 logger.info("{}登录账号不存在",loginCode);
	        	  result.setErrorInfo(ErrorType.AUTH_LOGIN_ERROR, "登录账号不存在!");
			 }else{
				 if(!asraOpDTO.getLoginPassword().equalsIgnoreCase(MD5Utils.enMD5(passWord))){
					 logger.info("{}登录账号输入的密码不正确",loginCode);
		        	  result.setErrorInfo(ErrorType.AUTH_PASS_ERROR, "登录密码不匹配!");
				 }else{
					 isCheckSuccess = true;
				 }
			 }
			 
		 }else{
			 result.setErrorInfo(ErrorType.BIZ_ERROR, "用户登录失败");
		 }
		 
		 
		 if(isCheckSuccess){
			 HttpSession session = request.getSession();
			 session.setAttribute(SessionEnum.USER_INFO.key(), asraOpDTO);
			 logger.info("---获取到的session_id={}",session.getId());
			 loginOathRes.setOpId(asraOpDTO.getId());
			 loginOathRes.setLoginCode(loginCode);
			 loginOathRes.setUserName(asraOpDTO.getOpName());
			 loginOathRes.setCityId(asraOpDTO.getCityId());
			 loginOathRes.setCityName(asraOpDTO.getCityName());
			 loginOathRes.setAccessToken(session.getId());
			 result.setData(loginOathRes); 
			 result.setErrorInfo(ErrorType.BIZ_SUCCESS, "登录成功");
		 }
		 
		
		 return result;
	 }
	 
	 

}