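package com.glxp.api.aspect;

import cn.hutool.core.util.StrUtil;
import com.glxp.api.annotation.AuthRuleAnnotation;
import com.glxp.api.common.enums.ResultEnum;
import com.glxp.api.dao.auth.AuthLicenseDao;
import com.glxp.api.entity.auth.AuthLicense;
import com.glxp.api.exception.JsonException;
import com.glxp.api.util.JwtUtils;
import io.jsonwebtoken.Claims;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

/**
 * Login-verification aspect.
 *
 * <p>Runs before every method annotated with {@link AuthRuleAnnotation} and
 * accepts the request if either
 * <ul>
 *   <li>an admin id + JWT pair is present ({@code ADMIN_ID}/{@code ADMIN_TOKEN},
 *       or {@code adminId}/{@code adminToken}) and the token's {@code admin_id}
 *       claim matches the header id, or</li>
 *   <li>an API key + secret pair is present ({@code api_key}/{@code secret_key},
 *       or {@code apiKey}/{@code secretKey}) and the secret matches the stored
 *       {@link AuthLicense}.</li>
 * </ul>
 * Any other outcome throws {@link JsonException} with
 * {@link ResultEnum#LOGIN_VERIFY_FALL}; a missing request context throws
 * {@link ResultEnum#NOT_NETWORK}.
 *
 * <p>NOTE(review): only <em>authentication</em> happens here. The permission
 * check ({@code authRuleVerify}) is still commented out at the end of
 * {@link #doAdminAuthVerify(JoinPoint)}, so every authenticated admin — and
 * every API-key caller — reaches every annotated method regardless of
 * {@link AuthRuleAnnotation#value()}. Confirm that is intended.
 */
@Aspect
@Component
@Slf4j
@RequiredArgsConstructor
public class AuthorizeAspect {

    private final AuthLicenseDao authLicenseDao;

    /** Pointcut: every method carrying {@link AuthRuleAnnotation}. */
    @Pointcut("@annotation(com.glxp.api.annotation.AuthRuleAnnotation)")
    public void adminLoginVerify() {
    }

    /**
     * Authenticates the current HTTP request before the annotated method runs.
     *
     * @param joinPoint the intercepted method call (used to read its annotation)
     * @throws JsonException {@code NOT_NETWORK} when no request is bound to the
     *                       thread; {@code LOGIN_VERIFY_FALL} when neither the
     *                       admin-token nor the API-key credentials verify
     */
    @Before("adminLoginVerify()")
    public void doAdminAuthVerify(JoinPoint joinPoint) {
        ServletRequestAttributes attributes =
                (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        if (attributes == null) {
            throw new JsonException(ResultEnum.NOT_NETWORK);
        }
        HttpServletRequest request = attributes.getRequest();

        // Underscore-style header names take precedence; camelCase is the fallback.
        String id = firstNonBlankHeader(request, "ADMIN_ID", "adminId");
        String token = firstNonBlankHeader(request, "ADMIN_TOKEN", "adminToken");

        if (StrUtil.isBlank(id) || StrUtil.isBlank(token)) {
            // No admin credentials: fall back to API-key authentication.
            verifyApiKey(request);
        } else {
            verifyAdminToken(id, token);
        }

        // The annotation is read but not yet enforced — see the class-level note.
        MethodSignature signature = (MethodSignature) joinPoint.getSignature();
        Method method = signature.getMethod();
        AuthRuleAnnotation action = method.getAnnotation(AuthRuleAnnotation.class);
        // authRuleVerify(action.value(), adminId);
    }

    /**
     * Returns the {@code primary} header if it is non-blank, otherwise the
     * {@code fallback} header (which may itself be null or blank).
     */
    private static String firstNonBlankHeader(HttpServletRequest request,
                                              String primary, String fallback) {
        String value = request.getHeader(primary);
        return StrUtil.isBlank(value) ? request.getHeader(fallback) : value;
    }

    /**
     * API-key path: looks up the license for {@code api_key} and checks the
     * presented secret against it in constant time.
     *
     * @throws JsonException {@code LOGIN_VERIFY_FALL} when either header is
     *                       blank, the license is unknown, or the secret differs
     */
    private void verifyApiKey(HttpServletRequest request) {
        String apiKey = firstNonBlankHeader(request, "api_key", "apiKey");
        String secretKey = firstNonBlankHeader(request, "secret_key", "secretKey");
        // Fail fast instead of querying the DAO with a null/blank key.
        if (StrUtil.isBlank(apiKey) || StrUtil.isBlank(secretKey)) {
            throw new JsonException(ResultEnum.LOGIN_VERIFY_FALL);
        }
        AuthLicense authLicense = authLicenseDao.get(apiKey);
        if (authLicense == null || !secretMatches(authLicense.getSecretKey(), secretKey)) {
            throw new JsonException(ResultEnum.LOGIN_VERIFY_FALL);
        }
    }

    /**
     * Constant-time string comparison for secrets; a plain {@code equals}
     * short-circuits on the first differing byte and leaks the match prefix
     * length through timing. A null on either side never matches (the
     * original NPE'd when the stored secret was null).
     */
    private static boolean secretMatches(String expected, String presented) {
        if (expected == null || presented == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                presented.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Admin-token path: the header id must be numeric, the JWT must parse, and
     * its {@code admin_id} claim must equal the header id.
     *
     * @throws JsonException {@code LOGIN_VERIFY_FALL} on any of those failures
     */
    private static void verifyAdminToken(String id, String token) {
        long adminId;
        try {
            adminId = Long.parseLong(id);
        } catch (NumberFormatException e) {
            throw new JsonException(ResultEnum.LOGIN_VERIFY_FALL);
        }

        Claims claims;
        try {
            claims = JwtUtils.parse(token);
        } catch (RuntimeException e) {
            // JwtUtils.parse is opaque here; JJWT itself throws unchecked JwtException
            // on a bad signature or expired token. Treat that as a failed login rather
            // than letting it surface as a server error. Never log the token itself.
            log.debug("JWT token rejected", e);
            throw new JsonException(ResultEnum.LOGIN_VERIFY_FALL);
        }
        if (claims == null) {
            throw new JsonException(ResultEnum.LOGIN_VERIFY_FALL);
        }

        // A missing or non-numeric claim previously produced an NPE/NumberFormatException
        // (HTTP 500); it is an authentication failure.
        Object claimAdminId = claims.get("admin_id");
        if (claimAdminId == null) {
            throw new JsonException(ResultEnum.LOGIN_VERIFY_FALL);
        }
        long jwtAdminId;
        try {
            jwtAdminId = Long.parseLong(claimAdminId.toString());
        } catch (NumberFormatException e) {
            throw new JsonException(ResultEnum.LOGIN_VERIFY_FALL);
        }

        // Bind the presented token to the claimed identity.
        if (adminId != jwtAdminId) {
            throw new JsonException(ResultEnum.LOGIN_VERIFY_FALL);
        }
    }
}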