package controllers.user;

import com.fasterxml.jackson.databind.node.ObjectNode;
import com.google.common.base.Strings;
import com.nazdaq.core.defines.acts.ActivityAction;
import com.nazdaq.core.helpers.AppConfig;
import com.nazdaq.core.helpers.NSystem;
import com.nazdaq.core.helpers.RequestHelper;
import com.nazdaq.noms.app.auth.action.AuthAction;
import com.nazdaq.noms.app.auth.ldap.AuthLDAPUser;
import com.nazdaq.noms.app.globals.APIGlobal;
import com.nazdaq.noms.app.htmhelper.HTMLHelper;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import javax.inject.Inject;
import models.users.User;
import play.Logger;
import play.data.DynamicForm;
import play.data.FormFactory;
import play.i18n.MessagesApi;
import play.libs.Json;
import play.mvc.Http;
import play.mvc.Result;
import play.twirl.api.Html;
import views.html.layouts.layoutsmall;
import views.html.pages.auth.createnewuserpass;
import views.html.pages.auth.resetpass;

/* loaded from: input_file:controllers/user/ResetPassword.class */
public class ResetPassword extends APIGlobal {
    private static final Logger.ALogger logger = Logger.of(ResetPassword.class);
    private final FormFactory formFactory;

    @Inject
    public ResetPassword(FormFactory formFactory, MessagesApi messagesApi) {
        super(messagesApi);
        this.formFactory = formFactory;
    }

    public Result newpass(Http.Request request, int i, String str) {
        Html render;
        User user = User.getuserbyid(i);
        if (user == null) {
            return AuthAction.redirectToLogin((String) null).flashing("error", "User doesn't exists in the system!");
        }
        boolean z = false;
        String str2 = this.formFactory.form().bindFromRequest(request, new String[0]).get("redirect");
        if (str2 != null && str2.contains("initrun")) {
            z = true;
            if (!user.isNeedConfig()) {
                logger.debug("Got to newpass url: '" + str2 + "'!");
                return redirect(URLDecoder.decode(str2, StandardCharsets.UTF_8));
            }
        }
        if (!isValidHash(user, str)) {
            return AuthAction.redirectToLogin((String) null).flashing("error", "Hash code is incorrect or expired!");
        }
        String str3 = "Reset your password";
        if (z) {
            str3 = "New User has been created, set your details below";
            render = createnewuserpass.render(getMessages(request), request, str, user, str2);
        } else {
            render = resetpass.render(request, Integer.valueOf(i), str, str2);
        }
        return ok(HTMLHelper.compress(layoutsmall.render(getMessages(request), Boolean.valueOf(AppConfig.isProd), "Login", str3, render, getBuildString())));
    }

    public Result newpassSubmit(Http.Request request, int i, String str) {
        Result response;
        boolean isAjax = RequestHelper.isAjax(request);
        ObjectNode newObject = Json.newObject();
        try {
            User user = User.getuserbyid(i);
            DynamicForm bindFromRequest = this.formFactory.form().bindFromRequest(request, new String[0]);
            String str2 = bindFromRequest.get("redirect");
            String str3 = "";
            if (str2 != null && !str2.isEmpty() && !str2.equals("%2F") && !str2.equals("/")) {
                str3 = "?redirect=" + URLEncoder.encode(str2, StandardCharsets.ISO_8859_1);
            }
            String str4 = routes.ResetPassword.newpass(Integer.valueOf(i), str) + str3;
            if (user == null || !isValidHash(user, str)) {
                throw new Exception("Hash code is incorrect or expired!");
            }
            String str5 = bindFromRequest.get("password") != null ? bindFromRequest.get("password") : "";
            String str6 = bindFromRequest.get("repassword") != null ? bindFromRequest.get("repassword") : "";
            if (str5.isEmpty() || str6.isEmpty() || !str5.equals(str6)) {
                if (!AuthLDAPUser.isEnabled()) {
                    throw new Exception("The passwords is not equals!");
                }
                str5 = NSystem.getRandomIdentifier(20);
            }
            user.setNewpasskey("");
            user.setPassword(str5);
            user.setNeedConfig(false);
            if (bindFromRequest.get("firstname") != null) {
                user.setFirstname(bindFromRequest.get("firstname").trim());
            }
            if (bindFromRequest.get("lastname") != null) {
                user.setLastname(bindFromRequest.get("lastname").trim());
            }
            if (bindFromRequest.get("email") != null) {
                user.setEmail(bindFromRequest.get("email").trim());
            }
            user.save();
            if (Strings.isNullOrEmpty(str2)) {
                String str7 = routes.Login.login() + str3;
                String str8 = "Your password for user '" + user.getUsername() + "' was changed successfully, login with your new password now";
                user.addActivity(ActivityAction.USR_LOGIN_PASSWORDRESETTED, user.getId(), new String[]{RequestHelper.ipAddress(request), RequestHelper.getHeaderValue(request, "User-Agent")});
                logger.info("UserAuth - newpassSubmit - user with email: " + user.getEmail() + " resetted his password!");
                response = isAjax ? response(request, true, "Fill User", str8, newObject, "noerr") : redirect(str7).flashing("success", str8);
            } else {
                logger.info("The user " + user.getDisplayName() + " - Filled his user info.");
                response = isAjax ? response(request, true, "Fill User", "User details saved successfully.", newObject, "noerr") : redirect(str2);
            }
            return response.addingToSession(request, "login", user.getUsername());
        } catch (Exception e) {
            e.printStackTrace();
            return isAjax ? response(request, false, "Fill User", e.getMessage(), newObject, "INPUT") : redirect("").flashing("error", e.getMessage());
        }
    }

    private static boolean isValidHash(User user, String str) {
        if (str.length() <= 32 || !str.equals(user.getNewpasskey())) {
            return false;
        }
        int i = AppConfig.login_resetpass_expire;
        return new Date(user.getNewpasskeydate().getTime() + (i * 24 * 3600 * 1000)).after(new Date());
    }
}
