package net.anotheria.webutils.actions;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.anotheria.maf.action.ActionCommand;
import net.anotheria.maf.action.ActionMapping;
import net.anotheria.maf.bean.FormBean;
import net.anotheria.webutils.service.XMLUserManager;
import org.apache.derby.iapi.sql.compile.TypeCompiler;

/* loaded from: input_file:WEB-INF/lib/ano-web-2.0.1.jar:net/anotheria/webutils/actions/LoginAction.class */
public class LoginAction extends AccessControlMafAction {
    public static final String P_USER_ID = "pUserId";
    public static final String P_PASSWORD = "pPassword";
    private XMLUserManager manager = XMLUserManager.getInstance();

    @Override // net.anotheria.maf.action.Action
    public ActionCommand execute(ActionMapping actionMapping, FormBean formBean, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        try {
            String str = null;
            String authCookieName = getAuthCookieName(httpServletRequest);
            Cookie[] cookies = httpServletRequest.getCookies();
            int length = cookies.length;
            int i = 0;
            while (true) {
                if (i < length) {
                    Cookie cookie = cookies[i];
                    if (cookie != null && cookie.getName().equals(authCookieName)) {
                        str = getCryptTool().decryptFromHex(cookie.getValue()).trim();
                        break;
                    }
                    i++;
                } else {
                    break;
                }
            }
            if (str != null) {
                int indexOf = str.indexOf(58);
                String substring = str.substring(0, indexOf);
                String substring2 = str.substring(indexOf + 1);
                if (substring != null && substring2 != null && this.manager.canLoginUser(substring, substring2)) {
                    addBeanToSession(httpServletRequest, "currentUserId", substring);
                    httpServletResponse.sendRedirect(getRedirectTarget(httpServletRequest));
                    return null;
                }
            }
        } catch (Exception e) {
            this.log.warn("read auth from cookie", e);
        }
        try {
            String stringParameter = getStringParameter(httpServletRequest, P_USER_ID);
            String stringParameter2 = getStringParameter(httpServletRequest, P_PASSWORD);
            if (!this.manager.canLoginUser(stringParameter, stringParameter2)) {
                throw new RuntimeException("Can't login.");
            }
            httpServletResponse.addCookie(createAuthCookie(httpServletRequest, stringParameter, stringParameter2));
            addBeanToSession(httpServletRequest, "currentUserId", stringParameter);
            httpServletResponse.sendRedirect(getRedirectTarget(httpServletRequest));
            return null;
        } catch (Exception e2) {
            return actionMapping.success();
        }
    }

    private String getRedirectTarget(HttpServletRequest httpServletRequest) {
        String str = (String) httpServletRequest.getSession().getAttribute("anoDocTargetAction");
        if (str == null) {
            String servletPath = httpServletRequest.getServletPath();
            return httpServletRequest.getContextPath() + servletPath.substring(0, servletPath.lastIndexOf(47)) + "/index?auth=true";
        }
        if (!str.startsWith(TypeCompiler.DIVIDE_OP)) {
            str = TypeCompiler.DIVIDE_OP + str;
        }
        return (str.indexOf(63) == -1 ? str + "?" : str + "&") + "auth=true";
    }
}
