package org.traccar.api.resource;

import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.sql.SQLException;
import javax.annotation.security.PermitAll;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.traccar.api.BaseResource;
import org.traccar.helper.DataConverter;
import org.traccar.helper.LogAction;
import org.traccar.model.User;

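/**
 * REST resource for the {@code session} path: looks up, creates and ends the
 * authenticated HTTP session.
 *
 * <p>The authenticated user's id is stored in the servlet session under
 * {@link #USER_ID_KEY}. {@link #get(String)} and {@link #add(String, String)}
 * are annotated {@code @PermitAll}, so everything they read from the request
 * (cookies, query parameters, form fields) is untrusted input.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The {@code user} and {@code password} cookies carry the credentials
 *       URL-encoded and Base64-encoded. Base64 is an encoding, not encryption,
 *       so anyone who can read the cookies obtains the plaintext password.
 *       The code that sets these cookies is not in this class; wherever they
 *       are set they should be {@code Secure} and sent over TLS only.</li>
 *   <li>The {@code token} query parameter is a bearer credential that travels
 *       in the URL, so it can end up in access logs, proxies and browser
 *       history.</li>
 *   <li>The session is replaced whenever a user id is bound to it, so an id
 *       handed out before authentication is never promoted to an
 *       authenticated one (session fixation).</li>
 * </ul>
 */
@Produces({"application/json"})
@Path("session")
@Consumes({"application/x-www-form-urlencoded"})
/* loaded from: input_file:org/traccar/api/resource/SessionResource.class */
public class SessionResource extends BaseResource {
    /** Session attribute name under which the authenticated user's id is stored. */
    public static final String USER_ID_KEY = "userId";
    /** Name of the cookie carrying the encoded login name. */
    public static final String USER_COOKIE_KEY = "user";
    /** Name of the cookie carrying the encoded password. */
    public static final String PASS_COOKIE_KEY = "password";

    @Context
    private HttpServletRequest request;

    /**
     * Returns the user bound to the current session, authenticating first if
     * the session has no user yet.
     *
     * <p>When the session is anonymous, credentials are taken from the
     * {@code user}/{@code password} cookies if both decode successfully;
     * otherwise the {@code token} query parameter is tried. A cookie whose
     * value cannot be decoded is treated as absent instead of failing the
     * request.
     *
     * @param str value of the {@code token} query parameter, may be {@code null}
     * @return the user for the (possibly just established) session
     * @throws WebApplicationException with status 404 when no user could be
     *         determined
     * @throws SQLException declared by the original signature
     * @throws UnsupportedEncodingException declared by the original signature
     */
    @GET
    @PermitAll
    public User get(@QueryParam("token") String str) throws SQLException, UnsupportedEncodingException {
        Long userId = (Long) this.request.getSession().getAttribute(USER_ID_KEY);
        if (userId == null) {
            String email = null;
            String password = null;
            Cookie[] cookies = this.request.getCookies();
            if (cookies != null) {
                for (Cookie cookie : cookies) {
                    if (USER_COOKIE_KEY.equals(cookie.getName())) {
                        email = decodeCookieValue(cookie.getValue());
                    } else if (PASS_COOKIE_KEY.equals(cookie.getName())) {
                        password = decodeCookieValue(cookie.getValue());
                    }
                }
            }
            if (email != null && password != null) {
                // NOTE(review): unlike add(), this path does not call LogAction.login,
                // so cookie-based logins leave no audit record here - confirm intended.
                User login = org.traccar.Context.getPermissionsManager().login(email, password);
                if (login != null) {
                    userId = establishSession(login.getId());
                }
            } else if (str != null) {
                User userByToken = org.traccar.Context.getUsersManager().getUserByToken(str);
                if (userByToken != null) {
                    userId = establishSession(userByToken.getId());
                }
            }
        }
        if (userId == null) {
            // Status kept as in the original: an anonymous session answers 404, not 401.
            throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build());
        }
        org.traccar.Context.getPermissionsManager().checkUserEnabled(userId.longValue());
        return org.traccar.Context.getPermissionsManager().getUser(userId.longValue());
    }

    /**
     * Authenticates with the submitted form credentials and binds the user to
     * a fresh session.
     *
     * @param str value of the {@code email} form field
     * @param str2 value of the {@code password} form field
     * @return the authenticated user
     * @throws WebApplicationException with status 401 when the login is rejected
     * @throws SQLException declared by the original signature
     */
    @POST
    @PermitAll
    public User add(@FormParam("email") String str, @FormParam("password") String str2) throws SQLException {
        User login = org.traccar.Context.getPermissionsManager().login(str, str2);
        if (login == null) {
            // NOTE(review): failed attempts are not logged or rate-limited in this
            // class; check whether login() or a filter covers brute-force detection.
            throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).build());
        }
        establishSession(login.getId());
        LogAction.login(login.getId());
        return login;
    }

    /**
     * Logs the logout and unbinds the user id from the current session.
     *
     * @return an empty 204 response
     */
    @DELETE
    public Response remove() {
        LogAction.logout(getUserId());
        // Only the attribute is removed; the servlet session itself stays alive.
        this.request.getSession().removeAttribute(USER_ID_KEY);
        return Response.noContent().build();
    }

    /**
     * Decodes one credential cookie: URL-decoding, then Base64, then UTF-8.
     *
     * @param value raw cookie value as sent by the client, may be {@code null}
     * @return the decoded text, or {@code null} when the value is missing or
     *         cannot be decoded
     */
    private String decodeCookieValue(String value) throws UnsupportedEncodingException {
        if (value == null) {
            return null;
        }
        try {
            String urlDecoded = URLDecoder.decode(value, StandardCharsets.US_ASCII.name());
            return new String(DataConverter.parseBase64(urlDecoded), StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {
            // URLDecoder rejects malformed percent-escapes with this exception;
            // presumably parseBase64 reports bad input the same way - TODO confirm.
            // The cookie is attacker-controlled, so a bad value means "no credential"
            // rather than an unhandled server error. The value is deliberately not logged.
            return null;
        }
    }

    /**
     * Replaces the current servlet session with a new one and stores the user
     * id in it.
     *
     * <p>Invalidating first means a session id issued before authentication
     * is discarded. This also drops any other attributes of the old session;
     * this class only ever stores {@link #USER_ID_KEY}.
     *
     * @param userId id of the user that has just been authenticated
     * @return the boxed id that was stored in the new session
     */
    private Long establishSession(long userId) {
        this.request.getSession().invalidate();
        Long boxedId = Long.valueOf(userId);
        this.request.getSession(true).setAttribute(USER_ID_KEY, boxedId);
        return boxedId;
    }
}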
