package com.shopB2C.web.csrf;

import com.shopB2C.core.exception.BusinessException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:assets/apps/H52C69F7D/www/h5/classes/com/shopB2C/web/csrf/CsrfInterceptor.class */
public class CsrfInterceptor extends HandlerInterceptorAdapter {
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!"POST".equalsIgnoreCase(httpServletRequest.getMethod())) {
            return true;
        }
        String tokenFromRequest = CsrfTokenManager.getTokenFromRequest(httpServletRequest);
        if (tokenFromRequest != null && tokenFromRequest.equals(httpServletRequest.getSession().getAttribute(CsrfTokenManager.CSRF_TOKEN_FOR_SESSION_ATTR_NAME))) {
            return true;
        }
        new BusinessException("请使用正确的方式提交，不要进行重复的提交操作！");
        return true;
    }
}
