package com.jxdinfo.hussar.core.intercept;

import com.jxdinfo.hussar.core.shiro.ShiroKit;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.context.annotation.DependsOn;
import org.springframework.stereotype.Component;

@DependsOn({"springContextHolder"})
@Component
/* loaded from: input_file:com/jxdinfo/hussar/core/intercept/HussarUserFilter.class */
public class HussarUserFilter extends AccessControlFilter {
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        return isLoginRequest(servletRequest, servletResponse) || getSubject(servletRequest, servletResponse).getPrincipal() != null;
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        HttpServletRequest http = WebUtils.toHttp(servletRequest);
        HttpServletResponse http2 = WebUtils.toHttp(servletResponse);
        if (http.getHeader("x-requested-with") != null && "XMLHttpRequest".equalsIgnoreCase(http.getHeader("x-requested-with"))) {
            http2.setHeader("sessionstatus", "timeout");
            return false;
        }
        if (http.getHeader("Referer") == null) {
            saveRequestAndRedirectToLogin(servletRequest, servletResponse);
            return false;
        }
        if (ShiroKit.getSession().getAttribute("sessionFlag") != null) {
            saveRequestAndRedirectToLogin(servletRequest, servletResponse);
            return false;
        }
        http.setAttribute("tips", "");
        http.getRequestDispatcher("/login.html").forward(servletRequest, servletResponse);
        return false;
    }
}
