package com.stianlarsen.todoapp.controller.password;

import com.stianlarsen.todoapp.controller.user.ApiResponse;
import com.stianlarsen.todoapp.model.PasswordResetToken;
import com.stianlarsen.todoapp.model.User;
import com.stianlarsen.todoapp.repository.PasswordResetTokenRepository;
import com.stianlarsen.todoapp.repository.UserRepository;
import com.stianlarsen.todoapp.service.EmailService;
import com.stianlarsen.todoapp.service.UserService;
import java.time.Instant;
import java.util.UUID;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/* compiled from: PasswordController.kt */
@RequestMapping({"/api/user"})
@Metadata(mv = {1, 9, 0}, k = 1, xi = 48, d1 = {"��J\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\b\u0017\u0018��2\u00020\u0001B%\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007\u0012\u0006\u0010\b\u001a\u00020\t¢\u0006\u0002\u0010\nJ\u0018\u0010\u000b\u001a\b\u0012\u0004\u0012\u00020\r0\f2\b\b\u0001\u0010\u000e\u001a\u00020\u000fH\u0017J\u0018\u0010\u0010\u001a\b\u0012\u0004\u0012\u00020\u00010\f2\b\b\u0001\u0010\u000e\u001a\u00020\u0011H\u0017J\u0018\u0010\u0012\u001a\b\u0012\u0004\u0012\u00020\u00010\f2\b\b\u0001\u0010\u000e\u001a\u00020\u0013H\u0017J\u001e\u0010\u0014\u001a\u000e\u0012\n\u0012\b\u0012\u0004\u0012\u00020\u00010\u00150\f2\b\b\u0001\u0010\u000e\u001a\u00020\u0016H\u0017R\u000e\u0010\u0002\u001a\u00020\u0003X\u0092\u0004¢\u0006\u0002\n��R\u000e\u0010\u0006\u001a\u00020\u0007X\u0092\u0004¢\u0006\u0002\n��R\u000e\u0010\u0004\u001a\u00020\u0005X\u0092\u0004¢\u0006\u0002\n��R\u000e\u0010\b\u001a\u00020\tX\u0092\u0004¢\u0006\u0002\n��¨\u0006\u0017"}, d2 = {"Lcom/stianlarsen/todoapp/controller/password/PasswordController;", "", "emailService", "Lcom/stianlarsen/todoapp/service/EmailService;", "userRepository", "Lcom/stianlarsen/todoapp/repository/UserRepository;", "passwordResetTokenRepository", "Lcom/stianlarsen/todoapp/repository/PasswordResetTokenRepository;", "userService", "Lcom/stianlarsen/todoapp/service/UserService;", "(Lcom/stianlarsen/todoapp/service/EmailService;Lcom/stianlarsen/todoapp/repository/UserRepository;Lcom/stianlarsen/todoapp/repository/PasswordResetTokenRepository;Lcom/stianlarsen/todoapp/service/UserService;)V", "checkPasswordMatch", "Lorg/springframework/http/ResponseEntity;", "Ljava/lang/Void;", "request", "Lcom/stianlarsen/todoapp/controller/password/PasswordMatchRequest;", "forgotUserPassword", "Lcom/stianlarsen/todoapp/controller/password/ForgotPasswordRequest;", "resetUserPassword", "Lcom/stianlarsen/todoapp/controller/password/ResetPasswordRequest;", "updateCurrentUserPassword", "Lcom/stianlarsen/todoapp/controller/user/ApiResponse;", "Lcom/stianlarsen/todoapp/controller/password/UpdateCurrentPasswordRequest;", "todoapp"})
@RestController
@CrossOrigin({"*"})
/* loaded from: input_file:BOOT-INF/classes/com/stianlarsen/todoapp/controller/password/PasswordController.class */
public class PasswordController {

    @NotNull
    private final EmailService emailService;

    @NotNull
    private final UserRepository userRepository;

    @NotNull
    private final PasswordResetTokenRepository passwordResetTokenRepository;

    @NotNull
    private final UserService userService;

    public PasswordController(@NotNull EmailService emailService, @NotNull UserRepository userRepository, @NotNull PasswordResetTokenRepository passwordResetTokenRepository, @NotNull UserService userService) {
        Intrinsics.checkNotNullParameter(emailService, "emailService");
        Intrinsics.checkNotNullParameter(userRepository, "userRepository");
        Intrinsics.checkNotNullParameter(passwordResetTokenRepository, "passwordResetTokenRepository");
        Intrinsics.checkNotNullParameter(userService, "userService");
        this.emailService = emailService;
        this.userRepository = userRepository;
        this.passwordResetTokenRepository = passwordResetTokenRepository;
        this.userService = userService;
    }

    @PostMapping({"/forgot-password"})
    @NotNull
    public ResponseEntity<Object> forgotUserPassword(@RequestBody @NotNull ForgotPasswordRequest request) {
        ResponseEntity<Object> responseEntity;
        Intrinsics.checkNotNullParameter(request, "request");
        User findByEmail = this.userRepository.findByEmail(request.getEmail());
        if (findByEmail != null) {
            String uuid = UUID.randomUUID().toString();
            Intrinsics.checkNotNullExpressionValue(uuid, "toString(...)");
            this.emailService.createPasswordResetTokenForUser(findByEmail, uuid);
            this.emailService.sendPasswordResetEmail(findByEmail, uuid);
            responseEntity = ResponseEntity.ok("Password reset link has been sent to your email.");
        } else {
            responseEntity = null;
        }
        ResponseEntity<Object> responseEntity2 = responseEntity;
        if (responseEntity2 != null) {
            return responseEntity2;
        }
        ResponseEntity<Object> body = ResponseEntity.badRequest().body("Email address not found.");
        Intrinsics.checkNotNullExpressionValue(body, "body(...)");
        return body;
    }

    @PostMapping({"/reset-password"})
    @NotNull
    public ResponseEntity<Object> resetUserPassword(@RequestBody @NotNull ResetPasswordRequest request) {
        Intrinsics.checkNotNullParameter(request, "request");
        PasswordResetToken findByToken = this.passwordResetTokenRepository.findByToken(request.getToken());
        if (findByToken == null) {
            ResponseEntity<Object> body = ResponseEntity.badRequest().body("Password has already been reset.");
            Intrinsics.checkNotNullExpressionValue(body, "body(...)");
            return body;
        }
        BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
        String password = findByToken.getUser().getPassword();
        String newPassword = request.getNewPassword();
        if (bCryptPasswordEncoder.matches(newPassword, password)) {
            ResponseEntity<Object> body2 = ResponseEntity.badRequest().body("You cannot use the same password.");
            Intrinsics.checkNotNullExpressionValue(body2, "body(...)");
            return body2;
        }
        if (!findByToken.getExpiryDate().isAfter(Instant.now())) {
            ResponseEntity<Object> body3 = ResponseEntity.badRequest().body("Invalid or expired token.");
            Intrinsics.checkNotNullExpressionValue(body3, "body(...)");
            return body3;
        }
        User user = findByToken.getUser();
        String encode = bCryptPasswordEncoder.encode(newPassword);
        Intrinsics.checkNotNullExpressionValue(encode, "encode(...)");
        user.setPassword(encode);
        this.userRepository.save(user);
        this.passwordResetTokenRepository.deleteById(Long.valueOf(findByToken.getId()));
        ResponseEntity<Object> ok = ResponseEntity.ok("Your password has been successfully reset.");
        Intrinsics.checkNotNullExpressionValue(ok, "ok(...)");
        return ok;
    }

    @PostMapping(value = {"/update-current-password"}, consumes = {"application/json"})
    @NotNull
    public ResponseEntity<ApiResponse<Object>> updateCurrentUserPassword(@RequestBody @NotNull UpdateCurrentPasswordRequest request) {
        Intrinsics.checkNotNullParameter(request, "request");
        User findByUserId = this.userRepository.findByUserId(request.getUserId());
        if (findByUserId == null) {
            ResponseEntity<ApiResponse<Object>> body = ResponseEntity.status(HttpStatus.NOT_FOUND).body(new ApiResponse(false, "User not found.", null, 4, null));
            Intrinsics.checkNotNullExpressionValue(body, "body(...)");
            return body;
        }
        BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
        System.out.println((Object) ("\n\nCurrent password: " + request.getCurrentPassword()));
        System.out.println((Object) ("New password: " + request.getNewPassword()));
        if (!bCryptPasswordEncoder.matches(request.getCurrentPassword(), findByUserId.getPassword())) {
            System.out.println((Object) "\n\nCurrent password is incorrect.");
            ResponseEntity<ApiResponse<Object>> body2 = ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(new ApiResponse(false, "Current password is incorrect.", null));
            Intrinsics.checkNotNullExpressionValue(body2, "body(...)");
            return body2;
        }
        if (bCryptPasswordEncoder.matches(request.getNewPassword(), findByUserId.getPassword())) {
            System.out.println((Object) "\n\nYou cannot use the same password.");
            ResponseEntity<ApiResponse<Object>> body3 = ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new ApiResponse(false, "You cannot use the same password.", null));
            Intrinsics.checkNotNullExpressionValue(body3, "body(...)");
            return body3;
        }
        System.out.println((Object) "\n\nPassword updated successfully.");
        String encode = bCryptPasswordEncoder.encode(request.getNewPassword());
        Intrinsics.checkNotNullExpressionValue(encode, "encode(...)");
        findByUserId.setPassword(encode);
        this.userRepository.save(findByUserId);
        this.userService.updateUserUpdatedAtNow(findByUserId.getUserId());
        ResponseEntity<ApiResponse<Object>> ok = ResponseEntity.ok(new ApiResponse(true, "Your password has been successfully updated.", null));
        Intrinsics.checkNotNullExpressionValue(ok, "ok(...)");
        return ok;
    }

    @PostMapping(value = {"/password-match"}, consumes = {"application/json"})
    @NotNull
    public ResponseEntity<Void> checkPasswordMatch(@RequestBody @NotNull PasswordMatchRequest request) {
        Intrinsics.checkNotNullParameter(request, "request");
        User findByUserId = this.userRepository.findByUserId(request.getUserId());
        if (findByUserId == null) {
            ResponseEntity build = ResponseEntity.status(HttpStatus.NOT_FOUND).build();
            Intrinsics.checkNotNullExpressionValue(build, "build(...)");
            return build;
        }
        BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
        System.out.println((Object) ("\n\nCurrent password: " + request.getCurrentPassword()));
        if (bCryptPasswordEncoder.matches(request.getCurrentPassword(), findByUserId.getPassword())) {
            ResponseEntity build2 = ResponseEntity.ok().build();
            Intrinsics.checkNotNullExpressionValue(build2, "build(...)");
            return build2;
        }
        System.out.println((Object) "\n\nCurrent password is incorrect.");
        ResponseEntity build3 = ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
        Intrinsics.checkNotNullExpressionValue(build3, "build(...)");
        return build3;
    }
}
