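package com.lyms.hospital.controller;

import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import com.lyms.base.common.entity.organ.Organizations;
import com.lyms.base.common.entity.role.Permissions;
import com.lyms.base.common.entity.role.Roles;
import com.lyms.base.common.entity.user.Users;
import com.lyms.base.common.service.organ.OrganizationsService;
import com.lyms.base.common.service.role.PermissionsService;
import com.lyms.base.common.service.role.RolesService;
import com.lyms.base.common.service.user.UsersService;
import com.lyms.constants.Constants;
import com.lyms.shiro.ShiroWebUtils;
import com.lyms.util.DateTimeUtils;
import com.lyms.util.InstanceUtils;
import com.lyms.web.bean.AjaxResult;
import com.lyms.web.controller.BaseController;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;

/**
 * Login endpoint: authenticates an account/password pair through Shiro and, on
 * success, returns the user together with its roles, organization and
 * permissions.
 */
@RestController
@RequestMapping(value = "/login")
@Api(value = "/api", description = "登录的相关操作")
public class LoginController extends BaseController {

    @Autowired
    private UsersService usersService;

    @Autowired
    private OrganizationsService organizationsService;

    @Autowired
    private RolesService rolesService;

    @Autowired
    private PermissionsService permissionsService;

    /**
     * Authenticates the caller and builds the login response.
     *
     * <p>Every authentication failure returns with {@code success == false}.
     * The success path (profile lookup, session attribute) is reached only
     * after {@code Subject.login} completed without throwing.
     *
     * @param account    login account; must not be empty
     * @param code       optional verification code ("vercode"); it is not
     *                   checked anywhere in this method
     * @param password   password; documented as required in the API description
     *                   and rejected here when empty
     * @param ajaxResult result object that is filled in and returned
     * @param response   not used by this method
     * @return the populated {@code ajaxResult}
     */
    // NOTE(review): the mapping has no HTTP method restriction, so credentials can
    // also arrive as GET query parameters, which tend to end up in access logs and
    // browser history. Restricting this to POST changes the contract for existing
    // clients, so it is flagged here rather than changed.
    @RequestMapping(value = "/tokens")
    @ApiOperation(value = "登录接口", notes = "登录接口")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "account", value = "用户account", required = true, dataType = "String"),
            @ApiImplicitParam(name = "password", value = "password", required = true, dataType = "String") })
    @ResponseBody
    public AjaxResult usersLogin(@RequestParam(value = "account") String account,
            @RequestParam(value = "vercode", required = false) String code,
            @RequestParam(value = "password", required = false) String password,
            AjaxResult ajaxResult, HttpServletResponse response) {
        ajaxResult.setSuccess(false);

        // The previous condition (account empty AND (code empty OR password empty))
        // let an empty account or an empty password through to the realm. Both
        // credentials are required, so either one being empty is rejected.
        // NOTE(review): "vercode" is accepted but never verified in this method; if it
        // is meant as a captcha or second factor, that check has to happen somewhere
        // not visible here - confirm.
        if (StringUtils.isEmpty(account) || StringUtils.isEmpty(password)) {
            ajaxResult.setMessage("登录账户或者密码为空,请输入!");
            return ajaxResult;
        }

        AuthenticationToken authenticationToken = new UsernamePasswordToken(account, password);
        try {
            // see ShiroRealm.class
            SecurityUtils.getSubject().login(authenticationToken);
        } catch (UnknownAccountException e) {
            // NOTE(review): separate "unknown user" and "wrong password" messages let a
            // caller tell which accounts exist; a single generic message avoids that.
            // The existing texts are kept because clients may display them.
            ajaxResult.setMessage("用户不存在!");
            return ajaxResult;
        } catch (LockedAccountException e) {
            // Must come before AccountException: LockedAccountException is a subclass,
            // so the old instanceof chain could never reach this branch.
            ajaxResult.setMessage("用户被禁用!");
            return ajaxResult;
        } catch (AccountException e) {
            ajaxResult.setMessage("密码不正确!");
            return ajaxResult;
        } catch (AuthenticationException e) {
            // Any other authentication failure (for example a credentials exception
            // that is not an AccountException) used to fall out of the catch block and
            // continue as if the login had succeeded. Fail closed instead.
            ajaxResult.setMessage("登录失败!");
            return ajaxResult;
        }

        Users users = ShiroWebUtils.getCurrentUser();
        if (users == null) {
            // No principal despite a login that did not throw: report a failure rather
            // than dereferencing null below.
            ajaxResult.setMessage("登录失败!");
            return ajaxResult;
        }

        // No token is issued here (the token code was disabled); the login state is
        // carried by the Shiro subject and the HTTP session attribute set below.
        // NOTE(review): confirm the session id is renewed on login (session fixation).
        Map result = InstanceUtils.newHashMap();
        List roles = rolesService.selectBatchIds(usersService.getRoleIdListByUserid(users.getId()));
        List permissions = permissionsService.getUserPermission(users.getId(), null);
        Organizations org = organizationsService.selectById(users.getOrgId());

        // Set on the in-memory object only; no update call is made in this method.
        users.setLastLoginTime(DateTimeUtils.getNow());

        // NOTE(review): the complete Users entity goes into the response body and the
        // session. Confirm that its serialized form excludes the password hash/salt
        // and any other field the client must not see.
        result.put("user", users);
        result.put("roles", roles);
        result.put("organization", org);
        List orgs = InstanceUtils.newArrayList();
        orgs.add(org);
        result.put("organizations", orgs);
        result.put("permissions", permissions);
        result.put("watermark", "water");

        ajaxResult.setData(result);
        ajaxResult.setSuccess(true);
        getSession().setAttribute(Constants.CURRENT_USER, users);
        return ajaxResult;
    }
}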