package com.qianwen.core.secure.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.qianwen.core.secure.BladeUser;
import com.qianwen.core.secure.provider.ResponseProvider;
import com.qianwen.core.secure.utils.AuthUtil;
import com.qianwen.core.secure.utils.SecureUtil;
import com.qianwen.core.tool.jackson.JsonUtil;
import com.qianwen.core.tool.utils.StringUtil;
import com.qianwen.core.tool.utils.WebUtil;
import org.springframework.lang.NonNull;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

public class ClientInterceptor extends HandlerInterceptorAdapter {
    private static final Logger log = LoggerFactory.getLogger(ClientInterceptor.class);
    private final String clientId;

    public ClientInterceptor(final String clientId) {
        this.clientId = clientId;
    }

    public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull Object handler) {
        BladeUser user = AuthUtil.getUser();
        boolean check = user != null && StringUtil.equals(this.clientId, SecureUtil.getClientIdFromHeader()) && StringUtil.equals(this.clientId, user.getClientId());
        if (!check) {
            log.warn("客户端认证失败，请求接口：{}，请求IP：{}，请求参数：{}", new Object[]{request.getRequestURI(), WebUtil.getIP(request), JsonUtil.toJson(request.getParameterMap())});
            ResponseProvider.write(response);
            return false;
        }
        return true;
    }
}