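package com.gkhy.assess.framework.shiro.service;

import com.gkhy.assess.common.constant.CacheConstant;
import com.gkhy.assess.common.utils.JwtTokenUtil;
import com.gkhy.assess.common.utils.RedisUtils;
import com.gkhy.assess.system.domain.SysUser;
import org.apache.shiro.authc.AuthenticationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.concurrent.atomic.AtomicInteger;

/**
 * Checks a login password against the stored credential and throttles repeated failures.
 *
 * <p>Failed attempts are counted per username in Redis; once the count exceeds
 * {@code user.password.maxRetryCount} (default 5) further attempts are rejected until the
 * counter entry expires.
 *
 * <p>NOTE(review): the counter is keyed by username only, so anyone who knows a username can
 * keep that account locked by submitting wrong passwords. Consider whether the caller needs an
 * additional per-source limit or alerting on repeated lockouts.
 */
@Component
public class SysPasswordService {

    /**
     * Lifetime passed to Redis for the failure counter. The original comment states the entry is
     * released after 5 minutes; the lockout message below hard-codes the same "5 minutes", so keep
     * the two in sync.
     */
    private static final int FAILURE_WINDOW_SECONDS = 60 * 5;

    @Autowired
    private RedisUtils redisUtils;

    /** Maximum number of password attempts allowed before the account is temporarily rejected. */
    @Value(value = "${user.password.maxRetryCount:5}")
    private Integer maxRetryCount;

    /**
     * Validates the supplied password for {@code user}, enforcing the retry limit.
     *
     * <p>On success the failure counter for the username is deleted. On a wrong password the
     * incremented counter is written back with {@link #FAILURE_WINDOW_SECONDS}. Attempts made
     * while the limit is already exceeded are rejected before the password is checked and do not
     * rewrite the counter.
     *
     * @param user     the account being authenticated
     * @param password the password supplied by the caller
     * @throws AuthenticationException if the retry limit is exceeded or the password is wrong
     */
    public void validate(SysUser user, String password) throws AuthenticationException {
        String username = user.getUsername();
        String key = redisUtils.generateKey(CacheConstant.SYS_LOGIN_RECORD_CACHE + ":" + username);

        // NOTE(review): this is a read-modify-write sequence, not an atomic increment. Concurrent
        // login attempts can read the same value and together exceed maxRetryCount. If RedisUtils
        // exposes an atomic increment with expiry, prefer it here.
        Integer retryCount = (Integer) redisUtils.get(key);
        if (retryCount == null) {
            retryCount = 0;
        }
        ++retryCount;

        // Reject before touching the password so a locked account gets no further guesses.
        if (retryCount > maxRetryCount) {
            throw new AuthenticationException("登录次数已达上限,5分钟之后再试");
        }

        if (!matches(user, password)) {
            // Persist the failure; the entry expires on its own after the window.
            redisUtils.set(key, retryCount, FAILURE_WINDOW_SECONDS);
            // NOTE(review): this message states that the password (not the account) was wrong.
            // Confirm the caller returns the same response for unknown usernames, otherwise the
            // difference reveals which accounts exist.
            throw new AuthenticationException("登录密码错误");
        }

        // Successful login clears the failure history.
        redisUtils.del(key);
    }

    /**
     * Reports whether {@code newPassword} hashes to the credential stored for {@code sysUser}.
     *
     * <p>The comparison uses {@link MessageDigest#isEqual(byte[], byte[])} instead of
     * {@link String#equals(Object)} so that the time taken does not depend on how many leading
     * characters of the two hashes agree. A missing stored or computed hash is treated as a
     * mismatch rather than raising a {@link NullPointerException}.
     *
     * <p>NOTE(review): the hashing itself happens in {@code JwtTokenUtil.encryptPassword}, which
     * is not visible here. Confirm it is a dedicated password hash (bcrypt/scrypt/argon2) and not
     * a bare digest.
     *
     * @param sysUser     the account whose stored password hash and salt are used
     * @param newPassword the plaintext password to check
     * @return {@code true} if the computed hash equals the stored one
     */
    public boolean matches(SysUser sysUser, String newPassword) {
        String stored = sysUser.getPassword();
        String computed =
                JwtTokenUtil.encryptPassword(sysUser.getUsername(), newPassword, sysUser.getSalt());
        if (stored == null || computed == null) {
            return false;
        }
        return MessageDigest.isEqual(
                stored.getBytes(StandardCharsets.UTF_8),
                computed.getBytes(StandardCharsets.UTF_8));
    }
}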