package tigase.http.modules.dashboard;

import jakarta.ws.rs.FormParam;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.UriInfo;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.time.LocalDateTime;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.NotEmpty;
import tigase.dashboard.JteloginGenerated;
import tigase.db.TigaseDBException;
import tigase.http.AuthProvider;
import tigase.http.jaxrs.Handler;
import tigase.http.jaxrs.Model;
import tigase.http.jaxrs.annotations.LoginForm;
import tigase.kernel.beans.Bean;
import tigase.kernel.beans.Inject;
import tigase.util.stringprep.TigaseStringprepException;
import tigase.xmpp.jid.BareJID;

/**
 * Dashboard handler that serves the login form, checks submitted credentials and
 * handles logout, at the {@code /login} and {@code /logout} paths.
 *
 * <p>All credential and cookie handling is delegated to the injected
 * {@link AuthProvider}. The cookie attributes (HttpOnly, Secure, SameSite) and the
 * token signing are decided there and are not visible in this class.
 */
@Bean(name = "authentication", parent = DashboardModule.class, active = true)
/* loaded from: input_file:tigase/http/modules/dashboard/AuthHandler.class */
public class AuthHandler extends DashboardHandler {

    // Injected by the kernel; performs the credential check and manages the auth cookie.
    @Inject
    private AuthProvider authProvider;

    /**
     * Returns {@link Handler.Role#None} as the role required by this handler.
     *
     * <p>NOTE(review): presumably this lets unauthenticated clients reach the
     * endpoints below, which a login page needs; confirm against {@code Handler.Role}.
     *
     * @return {@code Handler.Role.None}
     */
    @Override // tigase.http.jaxrs.Handler
    public Handler.Role getRequiredRole() {
        return Handler.Role.None;
    }

    /**
     * Renders the login template with the supplied model.
     *
     * @param uriInfo request URI information (not read by this method)
     * @param model template model; {@link #login} adds an {@code "error"} entry on failure
     * @return a 200 response carrying the rendered template as {@code text/html}
     */
    @GET
    @Path("/login")
    @Produces("text/html")
    @LoginForm
    public Response loginForm(UriInfo uriInfo, Model model) {
        final Object renderedPage = renderTemplate(JteloginGenerated.JTE_NAME, model);
        return Response.ok(renderedPage, "text/html").build();
    }

    /**
     * Checks the submitted JID and password and, on success, sets the authentication
     * cookie and redirects to the index page.
     *
     * <p>On failure the login form is rendered again with one generic error message,
     * so the response does not say whether the JID or the password was wrong. That
     * response is built by {@link #loginForm} and therefore has status 200; failed
     * attempts cannot be told apart by status code alone.
     *
     * <p>NOTE(review): no attempt limiting or lockout is visible in this handler.
     * Confirm that {@code AuthProvider} or a layer in front of it throttles repeated
     * failures and records them for monitoring.
     *
     * @param bareJID account JID taken from the {@code jid} form field
     * @param str password taken from the {@code password} form field; must not be logged
     * @param httpServletRequest source of the server name and context path
     * @param httpServletResponse response the authentication cookie is written to
     * @param uriInfo request URI information used to build the redirect
     * @param model template model used when the form is rendered again
     * @return a redirect to the index on success, otherwise the login form with an error
     * @throws NoSuchAlgorithmException declared on the signature; the origin is not visible
     *         here, presumably the token signing in {@code AuthProvider}
     * @throws InvalidKeyException declared on the signature; the origin is not visible
     *         here, presumably the token signing in {@code AuthProvider}
     * @throws TigaseDBException declared on the signature; presumably raised by the
     *         credential lookup
     * @throws TigaseStringprepException declared on the signature; the origin is not
     *         visible here
     */
    @POST
    @Path("/login")
    public Response login(@NotEmpty @FormParam("jid") BareJID bareJID, @NotBlank @FormParam("password") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, UriInfo uriInfo, Model model) throws NoSuchAlgorithmException, InvalidKeyException, TigaseDBException, TigaseStringprepException {
        final boolean credentialsAccepted = authProvider.checkCredentials(bareJID.toString(), str);
        if (!credentialsAccepted) {
            model.put("error", "Invalid username or password.");
            return loginForm(uriInfo, model);
        }

        // Under the Servlet API contract getServerName() reflects the Host header when
        // one is sent, so this value is client-influenced. It is used both inside the
        // token payload and as an argument to the cookie call.
        // NOTE(review): confirm the host is checked against the configured virtual
        // hosts before it reaches this point.
        final String serverName = httpServletRequest.getServerName();

        // LocalDateTime carries no zone or offset and now() reads the system default zone.
        // NOTE(review): presumably this is the token expiry (five minutes); confirm
        // against AuthProvider.JWTPayload and that the verifier reads it in the same zone.
        final LocalDateTime fiveMinutesFromNow = LocalDateTime.now().plusMinutes(5L);

        final AuthProvider.JWTPayload payload = new AuthProvider.JWTPayload(bareJID, serverName, fiveMinutesFromNow);
        authProvider.setAuthenticationCookie(httpServletResponse, payload, serverName, httpServletRequest.getContextPath());
        return IndexHandler.redirectToIndex(uriInfo);
    }

    /**
     * Resets the authentication cookie and redirects to the index page.
     *
     * <p>The endpoint accepts POST only. NOTE(review): only a cookie reset is visible
     * here. If the cookie holds a self-contained token, a copy taken earlier would
     * presumably stay usable until it expires; confirm how {@code AuthProvider}
     * treats tokens after logout.
     *
     * @param httpServletRequest source of the server name and context path
     * @param httpServletResponse response the cookie reset is written to
     * @param uriInfo request URI information used to build the redirect
     * @return a redirect to the index page
     */
    @POST
    @Path("/logout")
    public Response logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, UriInfo uriInfo) {
        // Same server name and context path arguments as the login call passes when
        // setting the cookie.
        final String serverName = httpServletRequest.getServerName();
        final String contextPath = httpServletRequest.getContextPath();
        authProvider.resetAuthenticationCookie(httpServletResponse, serverName, contextPath);
        return IndexHandler.redirectToIndex(uriInfo);
    }
}
