package net.mingsoft.basic.filter;

import cn.hutool.json.JSONUtil;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
import net.mingsoft.base.entity.ResultData;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.springframework.http.HttpStatus;

/* loaded from: input_file:net/mingsoft/basic/filter/ShiroLoginFilter.class */
public class ShiroLoginFilter extends FormAuthenticationFilter {
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        if ("OPTIONS".equalsIgnoreCase(((HttpServletRequest) servletRequest).getMethod())) {
            return true;
        }
        return super.isAccessAllowed(servletRequest, servletResponse, obj);
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (isLoginRequest(servletRequest, servletResponse)) {
            if (isLoginSubmission(servletRequest, servletResponse)) {
                return executeLogin(servletRequest, servletResponse);
            }
            return true;
        }
        if (httpServletRequest.getHeader("X-Requested-With") == null && httpServletRequest.getHeader("X-TOKEN") == null) {
            saveRequestAndRedirectToLogin(servletRequest, servletResponse);
            return false;
        }
        httpServletResponse.setHeader("Access-Control-Allow-Origin", httpServletRequest.getHeader("Origin"));
        httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
        httpServletResponse.setContentType("application/json; charset=utf-8");
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
        PrintWriter writer = httpServletResponse.getWriter();
        writer.println(JSONUtil.toJsonStr(ResultData.build().code(HttpStatus.UNAUTHORIZED).msg("未检测到登录信息，请重新登录")));
        writer.flush();
        writer.close();
        return false;
    }
}
