package com.ailikes.common.sys.security.shiro.filter.online;

import com.ailikes.common.security.shiro.session.SessionDAO;
import com.ailikes.common.sys.modules.sys.entity.User;
import com.ailikes.common.sys.security.shiro.ShiroConstants;
import com.ailikes.common.sys.security.shiro.session.mgt.OnlineSession;
import com.ailikes.common.sys.utils.UserUtils;
import com.ailikes.common.utils.StringUtils;
import java.io.IOException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:com/ailikes/common/sys/security/shiro/filter/online/OnlineSessionFilter.class */
public class OnlineSessionFilter extends AccessControlFilter {
    private String forceLogoutUrl;
    private SessionDAO sessionDAO;

    public String getForceLogoutUrl() {
        return this.forceLogoutUrl;
    }

    public void setForceLogoutUrl(String str) {
        this.forceLogoutUrl = str;
    }

    public void setSessionDAO(SessionDAO sessionDAO) {
        this.sessionDAO = sessionDAO;
    }

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        OnlineSession readSession;
        User user;
        Subject subject = getSubject(servletRequest, servletResponse);
        if (subject == null || subject.getSession() == null || (readSession = this.sessionDAO.readSession(subject.getSession().getId())) == null || !(readSession instanceof OnlineSession)) {
            return true;
        }
        OnlineSession onlineSession = readSession;
        servletRequest.setAttribute(ShiroConstants.ONLINE_SESSION, onlineSession);
        if (StringUtils.isEmpty(onlineSession.getUserId()) && (user = UserUtils.getUser()) != null) {
            onlineSession.setUserId(user.m17getId());
            onlineSession.setUsername(user.getUsername());
            onlineSession.markAttributeChanged();
        }
        return onlineSession.getStatus() != OnlineSession.OnlineStatus.force_logout;
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        Subject subject = getSubject(servletRequest, servletResponse);
        if (subject != null) {
            subject.logout();
        }
        saveRequestAndRedirectToLogin(servletRequest, servletResponse);
        return true;
    }

    protected void redirectToLogin(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException {
        WebUtils.issueRedirect(servletRequest, servletResponse, getForceLogoutUrl());
    }
}
