package com.tianbo.analysis.intercept;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.tianbo.analysis.exception.TransArriveException;
import com.tianbo.analysis.feign.UserCenterAPI;
import com.tianbo.analysis.model.ResultJson;
import com.tianbo.analysis.thread.SessionUserContext;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


@Slf4j
@Component
public class UserCenterHanlerInterceptor implements HandlerInterceptor {

    private static  UserCenterHanlerInterceptor _THIS;

    @Autowired
    private Environment environment;

    @Autowired
    private UserCenterAPI userCenterAPI;


    @PostConstruct
    public void init(){
        _THIS = this;
    }

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        log.debug("进入HTTPServletRequest 拦截器");
        String serviceName = _THIS.environment.getProperty("spring.application.name");
        String permPath = "/" + serviceName + request.getRequestURI();
        log.info("path = {}, serviceName= {}",request.getRequestURI(),serviceName);

        String authHeader = request.getHeader("Authorization");
        if (authHeader != null && authHeader.startsWith("Bearer ")) {

            /**
             * 根据访问接口地址和token信息获取用户权限信息
             * 参数为request 中的接口地址和的 auth 的token信息
             * 样例实体类如下:
             * todo:后期返回数据 要增加用户所属的同级组织机构的用户列表dep,或者 同公司下的用户列表com
             */
            ResultJson resultJson = _THIS.userCenterAPI.getDataPerm(permPath, authHeader);
            if (resultJson.getData()!=null){
                /**
                 * 下面JSONObject user为 cloud-user-center中的users类.
                 * 为了方便,使用jsonObject进行使用.
                 */
                JSONObject user = (JSONObject) JSON.toJSON(resultJson.getData());
                SessionUserContext.setSessionUser(user);
            }else{
                throw new TransArriveException("无用户数据权限获取失败,无法访问");
            }
            log.info(resultJson.toString());
        }

        return true;
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        SessionUserContext.clearSessionUser();
    }
}