package at.damudo.flowy.core.services;

import at.damudo.flowy.core.components.AesEncryptor;
import at.damudo.flowy.core.components.FlowySessionRepository;
import at.damudo.flowy.core.entities.UserEntity;
import at.damudo.flowy.core.enums.ActiveStatus;
import at.damudo.flowy.core.repositories.UserRepository;
import java.util.Optional;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.session.Session;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Transactional
@Service
/* loaded from: input_file:BOOT-INF/lib/flowy-core-0.0.1.jar:at/damudo/flowy/core/services/AuthCoreService.class */
public class AuthCoreService {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) AuthCoreService.class);
    private final UserRepository userRepository;
    private final FlowySessionRepository<Session> flowySessionRepository;
    private final AesEncryptor aesEncryptor;
    private final PasswordEncoder passwordEncoder;

    public Optional<String> loginByApiKey(String str, String str2) {
        return validateByApiKey(str, str2).map((v1) -> {
            return login(v1);
        });
    }

    public Optional<String> loginByPassword(String str, String str2) {
        Optional<UserEntity> findByEmailAndStatus = this.userRepository.findByEmailAndStatus(str, ActiveStatus.ACTIVE);
        if (findByEmailAndStatus.isPresent()) {
            UserEntity userEntity = findByEmailAndStatus.get();
            if (this.passwordEncoder.matches(str2, userEntity.getPassword())) {
                return Optional.of(login(userEntity.getId().longValue()));
            }
        }
        return Optional.empty();
    }

    public Optional<Long> validateByApiKey(String str, String str2) {
        Optional<UserEntity> findWithLockByEmailAndStatus = this.userRepository.findWithLockByEmailAndStatus(str, ActiveStatus.ACTIVE);
        if (findWithLockByEmailAndStatus.isEmpty()) {
            log.debug("User with [%s] email and active status was not found".formatted(str));
            return Optional.empty();
        }
        UserEntity userEntity = findWithLockByEmailAndStatus.get();
        if (userEntity.getApiKey() == null) {
            log.debug("User with [%s] id does not have an api key".formatted(userEntity.getId()));
            return Optional.empty();
        }
        if (userEntity.getFailedApiAttempts() >= userEntity.getAllowedApiAttempts()) {
            log.debug("User with [%s] id has too many failed api attempts".formatted(userEntity.getId()));
            return Optional.empty();
        }
        if (str2.equals(this.aesEncryptor.decrypt(userEntity.getApiKey()))) {
            log.debug("Basic authorization for the user with [%s] id was successful".formatted(userEntity.getId()));
            resetFailedApiAttempts(userEntity);
            return Optional.of(userEntity.getId());
        }
        log.debug("Api key for the user with [%s] id not equal to api key form table".formatted(userEntity.getId()));
        increaseFailApiAttempts(userEntity);
        return Optional.empty();
    }

    public String login(long j) {
        this.userRepository.updateLastLogin(j);
        return this.flowySessionRepository.createSession(j);
    }

    public void logout(String str) {
        this.flowySessionRepository.deleteBySessionId(str);
    }

    public Optional<Long> getUserIdBySessionId(String str) {
        return this.flowySessionRepository.getUserIdBySessionId(str);
    }

    public long getCurrentUserId() {
        return ((Long) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).longValue();
    }

    private void increaseFailApiAttempts(UserEntity userEntity) {
        userEntity.setFailedApiAttempts(userEntity.getFailedApiAttempts() + 1);
        this.userRepository.save(userEntity);
    }

    private void resetFailedApiAttempts(UserEntity userEntity) {
        userEntity.setFailedApiAttempts(0);
        this.userRepository.save(userEntity);
    }

    @Generated
    public AuthCoreService(UserRepository userRepository, FlowySessionRepository<Session> flowySessionRepository, AesEncryptor aesEncryptor, PasswordEncoder passwordEncoder) {
        this.userRepository = userRepository;
        this.flowySessionRepository = flowySessionRepository;
        this.aesEncryptor = aesEncryptor;
        this.passwordEncoder = passwordEncoder;
    }
}
