package org.springframework.extensions.surf.mvc;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.extensions.config.WebFrameworkConfigElement;
import org.springframework.extensions.surf.UserFactory;
import org.springframework.extensions.surf.site.AuthenticationUtil;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.AbstractController;

/* loaded from: input_file:WEB-INF/lib/spring-surf-8.16.jar:org/springframework/extensions/surf/mvc/AbstractLoginController.class */
public abstract class AbstractLoginController extends AbstractController {
    protected static final String PARAM_PASSWORD = "password";
    protected static final String PARAM_USERNAME = "username";
    private UserFactory userFactory;
    private WebFrameworkConfigElement webFrameworkConfiguration;

    public void setUserFactory(UserFactory userFactory) {
        this.userFactory = userFactory;
    }

    public void setWebFrameworkConfiguration(WebFrameworkConfigElement webFrameworkConfigElement) {
        this.webFrameworkConfiguration = webFrameworkConfigElement;
    }

    @Override // org.springframework.web.servlet.mvc.AbstractController
    public ModelAndView handleRequestInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        httpServletRequest.setCharacterEncoding("UTF-8");
        String parameter = httpServletRequest.getParameter(PARAM_USERNAME);
        String parameter2 = httpServletRequest.getParameter(PARAM_PASSWORD);
        boolean z = false;
        try {
            if (httpServletRequest.getSession(false) != null && httpServletRequest.getSession().getAttribute(UserFactory.SESSION_ATTRIBUTE_KEY_USER_ID) != null) {
                AuthenticationUtil.logout(httpServletRequest, httpServletResponse);
            }
            if (this.userFactory.authenticate(httpServletRequest, parameter, parameter2)) {
                AuthenticationUtil.login(httpServletRequest, httpServletResponse, parameter, false, this.webFrameworkConfiguration.isLoginCookiesEnabled());
                z = true;
            }
            if (z) {
                onSuccess(httpServletRequest, httpServletResponse);
                return null;
            }
            onFailure(httpServletRequest, httpServletResponse);
            return null;
        } catch (Throwable th) {
            throw new ServletException(th);
        }
    }

    protected abstract void onFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception;

    protected abstract void onSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception;
}
