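package com.linghu.utils;

import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Spring MVC interceptor that rejects requests whose {@code Authorization} header does not
 * carry a token that {@link OpenCryptUtil#decrypt} accepts.
 *
 * <p>Rejected requests receive a JSON body with {@code code: 401}, while the HTTP status line
 * stays {@code 200 OK}. Proxies, access logs and HTTP-level monitoring will therefore not see
 * these rejections as authentication failures; detection has to key on the response body or on
 * application logs.
 */
public class TokenInterceptor implements HandlerInterceptor {

    /** Scheme prefix of an RFC 6750 style {@code Authorization} header value. */
    private static final String BEARER_PREFIX = "Bearer ";

    private final OpenCryptUtil openCryptUtil;

    /**
     * @param openCryptUtil helper used to decrypt the presented token
     */
    public TokenInterceptor(OpenCryptUtil openCryptUtil) {
        this.openCryptUtil = openCryptUtil;
    }

    /**
     * Runs before the controller method and decides whether the request may proceed.
     *
     * @return {@code true} to continue to the controller, {@code false} once the rejection
     *     response has been written
     * @throws Exception if writing the rejection response fails
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        // 1. Let OPTIONS through. The original author notes that CORS is handled elsewhere and
        //    that this is only a second safeguard.
        // NOTE(review): every OPTIONS request skips token validation, not only CORS preflights;
        // confirm that no controller maps OPTIONS to anything that needs authentication.
        if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
            return true;
        }

        // 2. Extract and validate the token.
        String token = extractToken(request);
        if (token == null || !validateToken(token)) {
            // The status line is deliberately left at 200: existing clients read the "code"
            // field of the JSON body, so changing the HTTP status would break them.
            response.setStatus(HttpServletResponse.SC_OK);
            response.setContentType("application/json;charset=UTF-8");
            response.getWriter().write("{\"code\": 401, \"message\": \"无效的token\"}");
            return false; // block the request
        }

        // 3. Token accepted: continue to the controller.
        return true;
    }

    /**
     * Reads the token from the {@code Authorization} header.
     *
     * <p>Accepts both a bare token (the form this interceptor has always accepted) and the
     * standard {@code Bearer <token>} form; in the latter case the scheme prefix is stripped
     * so that only the token itself reaches the decrypt step.
     *
     * @return the token, or {@code null} when the header is absent
     */
    private String extractToken(HttpServletRequest request) {
        String authHeader = request.getHeader("Authorization");
        if (authHeader == null) {
            return null;
        }
        String value = authHeader.trim();
        // The auth scheme name is case-insensitive, hence the ignoreCase region match.
        if (value.regionMatches(true, 0, BEARER_PREFIX, 0, BEARER_PREFIX.length())) {
            return value.substring(BEARER_PREFIX.length()).trim();
        }
        return value;
    }

    /**
     * Checks whether the token can be decrypted.
     *
     * <p>NOTE(review): the only check made here is that {@code decrypt} returns non-null.
     * Whether {@code decrypt} authenticates the ciphertext, or whether the decrypted payload
     * carries an expiry or subject that should also be checked, is not visible from this
     * class; confirm against {@link OpenCryptUtil}.
     *
     * @return {@code true} if decryption yields a non-null result
     */
    private boolean validateToken(String token) {
        if (token == null || token.isEmpty()) {
            return false;
        }
        try {
            return openCryptUtil.decrypt(token) != null;
        } catch (RuntimeException e) {
            // The token is attacker-controlled input. If decrypt throws on malformed data,
            // treat that as an invalid token so the caller gets the normal rejection response
            // instead of an unhandled exception surfacing as a server error.
            return false;
        }
    }
}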