package org.apache.shiro.samples.sprhib.web;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

@Controller
/* loaded from: input_file:WEB-INF/classes/org/apache/shiro/samples/sprhib/web/SecurityController.class */
public class SecurityController {
    private LoginValidator loginValidator = new LoginValidator();

    @RequestMapping(value = {"/login"}, method = {RequestMethod.GET})
    public String showLoginForm(Model model, @ModelAttribute LoginCommand loginCommand) {
        return "login";
    }

    @RequestMapping(value = {"/login"}, method = {RequestMethod.POST})
    public String login(Model model, @ModelAttribute LoginCommand loginCommand, BindingResult bindingResult) {
        this.loginValidator.validate(loginCommand, bindingResult);
        if (bindingResult.hasErrors()) {
            return showLoginForm(model, loginCommand);
        }
        try {
            SecurityUtils.getSubject().login(new UsernamePasswordToken(loginCommand.getUsername(), loginCommand.getPassword(), loginCommand.isRememberMe()));
        } catch (AuthenticationException e) {
            bindingResult.reject("error.login.generic", "Invalid username or password.  Please try again.");
        }
        return bindingResult.hasErrors() ? showLoginForm(model, loginCommand) : "redirect:/s/home";
    }

    @RequestMapping({"/logout"})
    public String logout() {
        SecurityUtils.getSubject().logout();
        return "redirect:/";
    }
}
