package com.nonononoki.alovoa.service;

import com.nonononoki.alovoa.Tools;
import com.nonononoki.alovoa.component.ExceptionHandler;
import com.nonononoki.alovoa.entity.User;
import com.nonononoki.alovoa.entity.user.UserPasswordToken;
import com.nonononoki.alovoa.model.AlovoaException;
import com.nonononoki.alovoa.model.PasswordChangeDto;
import com.nonononoki.alovoa.model.PasswordResetDto;
import com.nonononoki.alovoa.repo.UserPasswordTokenRepository;
import com.nonononoki.alovoa.repo.UserRepository;
import jakarta.mail.MessagingException;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Date;
import java.util.Objects;
import java.util.UUID;
import org.apache.commons.lang3.RandomStringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:BOOT-INF/classes/com/nonononoki/alovoa/service/PasswordService.class */
public class PasswordService {

    @Autowired
    private UserPasswordTokenRepository userPasswordTokenRepo;

    @Autowired
    private UserRepository userRepo;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private CaptchaService captchaService;

    @Autowired
    private AuthService authService;

    @Autowired
    private MailService mailService;

    @Value("${app.password-token.length}")
    private int tokenLength;

    @Value("${app.user.password-reset.duration.valid}")
    private int userPasswordResetDuration;

    public UserPasswordToken resetPassword(PasswordResetDto passwordResetDto) throws AlovoaException, NoSuchAlgorithmException, MessagingException, IOException {
        if (!this.captchaService.isValid(passwordResetDto.getCaptchaId(), passwordResetDto.getCaptchaText())) {
            throw new AlovoaException("captcha_invalid");
        }
        User findByEmail = this.userRepo.findByEmail(Tools.cleanEmail(passwordResetDto.getEmail()));
        if (findByEmail == null) {
            try {
                findByEmail = this.userRepo.findByUuid(UUID.fromString(passwordResetDto.getEmail()));
                if (findByEmail == null) {
                    throw new AlovoaException(ExceptionHandler.USER_NOT_FOUND);
                }
            } catch (IllegalArgumentException e) {
                throw new AlovoaException(ExceptionHandler.USER_NOT_FOUND);
            }
        }
        if (findByEmail.isAdmin()) {
            throw new AlovoaException("user_is_admin");
        }
        if (findByEmail.getPassword() == null) {
            throw new AlovoaException("user_has_social_login");
        }
        UserPasswordToken userPasswordToken = new UserPasswordToken();
        userPasswordToken.setContent(RandomStringUtils.random(this.tokenLength, 0, 0, true, true, null, new SecureRandom()));
        userPasswordToken.setDate(new Date());
        userPasswordToken.setUser(findByEmail);
        findByEmail.setPasswordToken(userPasswordToken);
        User user = (User) this.userRepo.saveAndFlush(findByEmail);
        this.mailService.sendPasswordResetMail(user);
        SecurityContextHolder.clearContext();
        return user.getPasswordToken();
    }

    public void changePassword(PasswordChangeDto passwordChangeDto) throws AlovoaException {
        UserPasswordToken findByContent = this.userPasswordTokenRepo.findByContent(passwordChangeDto.getToken());
        if (findByContent == null) {
            throw new AlovoaException("token_not_found");
        }
        if (!findByContent.getContent().equals(passwordChangeDto.getToken())) {
            throw new AlovoaException("token_wrong_content");
        }
        User user = findByContent.getUser();
        if (!Objects.equals(user.getEmail(), Tools.cleanEmail(passwordChangeDto.getEmail())) && !Objects.equals(user.getUuid().toString(), Tools.cleanEmail(passwordChangeDto.getEmail()))) {
            throw new AlovoaException("wrong_email");
        }
        if (user.isAdmin()) {
            throw new AlovoaException("user_is_admin");
        }
        if (new Date().getTime() - user.getPasswordToken().getDate().getTime() > this.userPasswordResetDuration) {
            throw new AlovoaException("deletion_not_valid");
        }
        user.setPassword(this.passwordEncoder.encode(passwordChangeDto.getPassword()));
        user.setPasswordToken(null);
        if (!user.isConfirmed()) {
            user.setConfirmed(true);
            user.setRegisterToken(null);
        }
        SecurityContextHolder.clearContext();
        this.userRepo.saveAndFlush(user);
    }
}
