package com.jumi.framework.shiro.web.filter.online;

import com.jumi.common.enums.OnlineStatus;
import com.jumi.framework.shiro.session.OnlineSession;
import com.jumi.framework.shiro.session.OnlineSessionDAO;
import com.jumi.framework.util.ShiroUtils;
import com.jumi.system.domain.SysUser;
import java.io.IOException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;

/* loaded from: input_file:com/jumi/framework/shiro/web/filter/online/OnlineSessionFilter.class */
public class OnlineSessionFilter extends AccessControlFilter {

    @Value("${shiro.user.loginUrl}")
    private String loginUrl;

    @Autowired
    private OnlineSessionDAO onlineSessionDAO;

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        OnlineSession readSession;
        SysUser sysUser;
        Subject subject = getSubject(servletRequest, servletResponse);
        if (subject == null || subject.getSession() == null || (readSession = this.onlineSessionDAO.readSession(subject.getSession().getId())) == null || !(readSession instanceof OnlineSession)) {
            return true;
        }
        OnlineSession onlineSession = readSession;
        servletRequest.setAttribute("online_session", onlineSession);
        if ((onlineSession.getUserId() == null || onlineSession.getUserId().longValue() == 0) && (sysUser = ShiroUtils.getSysUser()) != null) {
            onlineSession.setUserId(sysUser.getUserId());
            onlineSession.setLoginName(sysUser.getLoginName());
            onlineSession.setAvatar(sysUser.getAvatar());
            onlineSession.setDeptName(sysUser.getDept().getDeptName());
            onlineSession.markAttributeChanged();
        }
        return onlineSession.getStatus() != OnlineStatus.off_line;
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        Subject subject = getSubject(servletRequest, servletResponse);
        if (subject != null) {
            subject.logout();
        }
        saveRequestAndRedirectToLogin(servletRequest, servletResponse);
        return false;
    }

    protected void redirectToLogin(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException {
        WebUtils.issueRedirect(servletRequest, servletResponse, this.loginUrl);
    }
}
