package de.frachtwerk.essencium.backend.controller;

import de.frachtwerk.essencium.backend.model.AbstractBaseUser;
import de.frachtwerk.essencium.backend.model.dto.PasswordUpdateRequest;
import de.frachtwerk.essencium.backend.model.dto.UserDto;
import de.frachtwerk.essencium.backend.service.AbstractUserService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.constraints.NotNull;
import java.io.Serializable;
import java.util.Set;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/v1"})
@RestController
@ConditionalOnProperty(value = {"essencium-backend.overrides.reset-credentials-controller"}, havingValue = "false", matchIfMissing = true)
@Tag(name = "ResetCredentialsController", description = "Set of endpoints used to reset a user's credentials, given a valid reset token as previously received via email")
/* loaded from: input_file:de/frachtwerk/essencium/backend/controller/ResetCredentialsController.class */
public class ResetCredentialsController<USER extends AbstractBaseUser<ID>, ID extends Serializable, USERDTO extends UserDto<ID>> {
    private final AbstractUserService<USER, ID, USERDTO> userService;

    @Autowired
    ResetCredentialsController(@NotNull AbstractUserService<USER, ID, USERDTO> abstractUserService) {
        this.userService = abstractUserService;
    }

    @PostMapping({"/reset-credentials"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    @Operation(description = "Request a new reset token via email")
    public void requestResetToken(@NotNull @RequestBody String str) {
        try {
            Thread.sleep(((int) (Math.random() * 2200.0d)) + 800);
        } catch (InterruptedException e) {
        }
        this.userService.createResetPasswordToken(str);
    }

    @PostMapping({"/set-password"})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    @Operation(description = "Update the password of the user, who the given reset token belongs to")
    public void setNewPassword(@NotNull @RequestBody PasswordUpdateRequest passwordUpdateRequest) {
        this.userService.resetPasswordByToken(passwordUpdateRequest.verification(), passwordUpdateRequest.password());
    }

    @ExceptionHandler({UsernameNotFoundException.class})
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void handleUsernameNotFoundException() {
        try {
            Thread.sleep(800L);
        } catch (InterruptedException e) {
        }
    }

    @RequestMapping(value = {"/**"}, method = {RequestMethod.OPTIONS})
    public final ResponseEntity<?> collectionOptions() {
        return ResponseEntity.ok().allow((HttpMethod[]) getAllowedMethods().toArray(new HttpMethod[0])).build();
    }

    protected Set<HttpMethod> getAllowedMethods() {
        return Set.of(HttpMethod.HEAD, HttpMethod.POST, HttpMethod.OPTIONS);
    }
}
