package org.gbif.ipt.action;

import com.google.inject.Inject;
import com.opensymphony.xwork2.Action;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.List;
import javax.servlet.http.Cookie;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.poi.openxml4j.opc.PackagingURIHelper;
import org.gbif.ipt.config.AppConfig;
import org.gbif.ipt.config.Constants;
import org.gbif.ipt.model.User;
import org.gbif.ipt.service.admin.RegistrationManager;
import org.gbif.ipt.service.admin.UserAccountManager;
import org.gbif.ipt.struts2.CsrfLoginInterceptor;
import org.gbif.ipt.struts2.SimpleTextProvider;
import org.gbif.ipt.utils.PBEEncrypt;

/* loaded from: input_file:WEB-INF/classes/org/gbif/ipt/action/LoginAction.class */
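/**
 * Struts2 action handling user login and logout.
 * <p>
 * {@link #login()} verifies the double-submit CSRF token (the {@code csrfToken} form field
 * against the {@link CsrfLoginInterceptor#CSRFtoken} cookie), authenticates the submitted
 * email/password via the {@link UserAccountManager}, stores the authenticated {@link User}
 * under {@link Constants#SESSION_USER} and computes the post-login redirect target.
 * {@link #logout()} clears the session map and redirects to the application base.
 */
public class LoginAction extends POSTAction {
    // Bound to this class; it was previously bound to AccountAction.class, which labelled
    // every login/logout message with the wrong logger name.
    private static final Logger LOG = LogManager.getLogger(LoginAction.class);
    private final UserAccountManager userManager;
    // Injected but not referenced in this class; kept so the injected constructor is unchanged.
    private final PBEEncrypt encrypter;
    // Absolute URL the result redirects to after login/logout (see setRedirectUrl()).
    private String redirectUrl;
    // Form fields populated by the Struts2 parameter binding.
    private String email;
    private String password;
    // Exposed to the login view via getAdminEmail(); populated in prepare().
    private String adminEmail;
    // Form half of the double-submit CSRF token; must match the cookie half.
    private String csrfToken;

    /**
     * Creates the action with its injected collaborators.
     *
     * @param simpleTextProvider  text provider passed to the base action
     * @param appConfig           application configuration passed to the base action
     * @param registrationManager registration manager passed to the base action
     * @param userAccountManager  user store used for authentication and admin lookup
     * @param pBEEncrypt          encrypter (unused here, retained for injection compatibility)
     */
    @Inject
    public LoginAction(SimpleTextProvider simpleTextProvider, AppConfig appConfig, RegistrationManager registrationManager, UserAccountManager userAccountManager, PBEEncrypt pBEEncrypt) {
        super(simpleTextProvider, appConfig, registrationManager);
        this.userManager = userAccountManager;
        this.encrypter = pBEEncrypt;
    }

    /**
     * Resolves the admin contact email shown on the login page: the configured default admin
     * email, or, when that is blank, the first registered admin user.
     */
    @Override // org.gbif.ipt.action.BaseAction, com.opensymphony.xwork2.Preparable
    public void prepare() {
        super.prepare();
        this.adminEmail = this.userManager.getDefaultAdminEmail();
        if (StringUtils.isBlank(this.adminEmail)) {
            // Guard against an empty admin list: get(0) on it previously threw
            // IndexOutOfBoundsException and broke the login page instead of leaving the
            // contact email unset.
            List<User> admins = this.userManager.list(User.Role.Admin);
            if (admins != null && !admins.isEmpty()) {
                this.adminEmail = admins.get(0).getEmail();
            }
        }
    }

    /**
     * Handles a login form submission.
     * <p>
     * Order of checks: an already-authenticated session short-circuits to success; missing
     * email, password, form token or token cookie yields the input view; a token mismatch
     * is logged as a warning and yields the input view; finally the credentials are
     * authenticated and, on success, the user is stored in the session, the session timeout
     * is applied and the redirect target is computed.
     *
     * @return {@link Action#SUCCESS} when already logged in or authentication succeeded,
     *         {@link Action#INPUT} otherwise
     * @throws IOException propagated from the base action's request/cookie handling
     */
    public String login() throws IOException {
        Cookie cookie = getCookie(CsrfLoginInterceptor.CSRFtoken);
        if (this.session.get(Constants.SESSION_USER) != null) {
            return Action.SUCCESS;
        }
        // The password null-check was missing: a request without a password field reached
        // password.trim() below and failed with a NullPointerException (HTTP 500) instead of
        // returning the form.
        if (this.email == null || this.password == null || StringUtils.isBlank(this.csrfToken) || cookie == null) {
            return Action.INPUT;
        }
        // Constant-time comparison so the token check does not leak through response timing.
        if (!constantTimeEquals(this.csrfToken, cookie.getValue())) {
            LOG.warn("CSRF login token wrong! A potential malicious attack.");
            return Action.INPUT;
        }
        User user = this.userManager.authenticate(this.email.trim(), this.password.trim());
        if (user == null) {
            addActionError(getText("admin.user.wrong.email.password.combination"));
            LOG.info("User {} failed to log in", this.email);
            return Action.INPUT;
        }
        LOG.info("User {} logged in successfully", this.email);
        user.setLastLoginToNow();
        this.userManager.save();
        // NOTE(review): the servlet session id is not rotated on authentication, which leaves
        // the login open to session fixation; HttpServletRequest#changeSessionId() (Servlet
        // 3.1+) should be called before storing the user if the container supports it.
        this.session.put(Constants.SESSION_USER, user);
        this.req.getSession().setMaxInactiveInterval(this.cfg.getSessionTimeout());
        setRedirectUrl();
        return Action.SUCCESS;
    }

    /**
     * Logs the current user out by clearing the session map and redirecting to the base URL.
     * NOTE(review): only the session map is cleared; the underlying servlet session is not
     * invalidated here — confirm whether the framework does that elsewhere.
     *
     * @return {@link Action#SUCCESS}
     */
    public String logout() {
        this.redirectUrl = getBase() + PackagingURIHelper.FORWARD_SLASH_STRING;
        this.session.clear();
        return Action.SUCCESS;
    }

    /**
     * Computes the post-login redirect: the referer stored under
     * {@link Constants#SESSION_REFERER} appended to the base URL, unless it is absent or
     * points back at the login page, in which case the base URL itself is used. The stored
     * referer is removed from the session afterwards.
     */
    private void setRedirectUrl() {
        this.redirectUrl = getBase() + PackagingURIHelper.FORWARD_SLASH_STRING;
        String referer = (String) this.session.get(Constants.SESSION_REFERER);
        LOG.debug("Session's referer: {}", referer);
        // The referer is always prefixed with the base URL, so the redirect stays on this
        // host; presumably the stored value is a path relative to the base — verify in the
        // code that populates SESSION_REFERER.
        boolean isLoginPage = referer != null && (referer.endsWith("login.do") || referer.endsWith("login"));
        if (referer != null && !isLoginPage) {
            this.redirectUrl = getBase() + referer;
        }
        this.session.remove(Constants.SESSION_REFERER);
        LOG.info("Redirecting to {}", this.redirectUrl);
    }

    /**
     * Compares two strings without short-circuiting on the first differing byte.
     *
     * @return {@code true} when both are non-null and byte-for-byte equal (UTF-8)
     */
    private static boolean constantTimeEquals(String expected, String actual) {
        if (expected == null || actual == null) {
            return false;
        }
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), actual.getBytes(StandardCharsets.UTF_8));
    }

    /** @return the URL the result redirects to, set by {@link #login()} or {@link #logout()} */
    public String getRedirectUrl() {
        return this.redirectUrl;
    }

    public void setRedirectUrl(String str) {
        this.redirectUrl = str;
    }

    public String getEmail() {
        return this.email;
    }

    public void setEmail(String str) {
        this.email = str;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    /** @return the admin contact email resolved in {@link #prepare()} */
    public String getAdminEmail() {
        return this.adminEmail;
    }

    public void setAdminEmail(String str) {
        this.adminEmail = str;
    }

    /** Binds the form half of the double-submit CSRF token. */
    public void setCsrfToken(String str) {
        this.csrfToken = str;
    }
}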
