package cn.star.interceptor;

import cn.star.util.JwtUtil;
import io.jsonwebtoken.Claims;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;

public class TokenInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //获取请求头中的token

        String token = request.getHeader("Authorization");

        //验证token格式
        if(token == null || !token.startsWith("Bearer")) {
            returnError(response,"请先登录");
            return false;
        }
        token = token.substring(7);

        //验证token有效性
        if (!JwtUtil.isTokenValid(token)) {
            returnError(response,"登录已过期，请重新登录");
            return false;
        }

        //解析token获取角色，存入request继续使用
        Claims claims = JwtUtil.parseToken(token);
        request.setAttribute("userId",claims.get("userId",Long.class));
        request.setAttribute("role",claims.get("role",Long.class));
         return true;
    }

    //返回错误信息
    private void returnError(HttpServletResponse response, String message) throws Exception {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        out.write("<script>alert('" + message + "'); window.location.href='/login.html';</script>");
        out.flush();
        out.close();

    }
}