<?php


namespace app\api\controller;


use app\admin\model\sms\SmsRecord;
use app\http\validates\user\RegisterValidates;
use app\models\redis\SystemCarousel;
use app\models\user\User;
use app\models\user\UserToken;
use app\models\user\WechatUser;
use app\Request;
use crmeb\jobs\TestJob;
use crmeb\repositories\ShortLetterRepositories;
use crmeb\services\CacheService;
use crmeb\services\UtilService;
use think\facade\Cache;
use think\exception\ValidateException;
use think\facade\Config;
use think\facade\Queue;
use think\facade\Session;

/**微信小程序授权类
 * Class AuthController
 * @package app\api\controller
 */
class AuthController
{

    /**
     * @api {post} /login H5账号登陆
     * @apiName Login
     * @apiGroup Login
     * 
     * @apiBody {string} account 輸入帐号.
     * @apiBody {string} password 輸入密碼(明文).
     * @apiBody {int} [spread] 上级 UID
     * 
     * @apiSuccessExample Success-Response:
     *  HTTP/1.1 200 OK
     *  {
     *      "token": "xxxcvc",
     *      "expires_time": "2000-11-01 08:09:10"
     *  }
     * 
     * @apiErrorExample {json} Error-Response:
     *  {
     *      "status":400,
     *      "msg": ["账号或密码错误", "已被禁止，请联系管理员","登录失败"]
     *  }
     */
    public function login(Request $request)
    {

        $user = User::where('account', $request->param('account'))->find();
        if ($user) {
            if ($user->pwd !== md5($request->param('password')))
                return app('json')->fail('账号或密码错误');
            if ($user->pwd === md5(123456))
                return app('json')->fail('请修改您的初始密码，再尝试登陆！');
        } else {
            return app('json')->fail('账号或密码错误');
        }
        if (!$user['status'])
            return app('json')->fail('已被禁止，请联系管理员');


        // 设置推广关系
        User::setSpread(intval($request->param('spread')), $user->uid);

        $token = UserToken::createToken($user, 'user');

        if ($token) {
            event('UserLogin', [$user, $token]);
            return app('json')->success('登录成功', ['token' => $token->token, 'expires_time' => $token->expires_time]);
        } else
            return app('json')->fail('登录失败');
    }

    /**
     * @api {get} /logout 退出登录
     * @apiName Logout
     * @apiGroup User
     * 
     * @apiSuccessExample Success-Response:
     *  HTTP/1.1 200 OK
     *  {
     *      "status": 200
     *      "msg": "成功"
     *  }
     * 
     * @apiErrorExample Error-Response:
     * {
     *      "status": 410000,
     *      "msg": "请登录"
     * }
     */
    public function logout(Request $request)
    {
        $request->tokenData()->delete();
        return app('json')->success('成功');
    }

    /**
     * @api {get} /verify_code 获取发短信的 KEY
     * @apiName GetVerificationCode
     * @apiGroup Login 
     *
     * @apiSuccessExample Success-Response:
     * {
     *  "status": 200,
     *  "key": "dfsdfdsfdg"
     * }
     * 
     * @apiDeprecated 先获取 key 再发短信没用，并不能防止客户端脚本。起码要先获取验证码，用户输入验证码再发短信。
     * 因为现在短信平台都有防攻击机制，这方面的功能暂时不做。
     */
    public function verifyCode()
    {
        $unique = password_hash(uniqid(true), PASSWORD_BCRYPT);
        Cache::set('sms.key.' . $unique, 0, 300);

        return app('json')->success(['key' => $unique]);
    }

    /**
     * @api {get} /sms_captcha 获取发送短信的验证码
     * @apiName GetSmsCaptcha
     * @apiGroup Login
     * 
     * @apiSuccessExample Success-Response:
     * 二进制图片信息
     * 
     * @apiDeprecated: 不再返回二进制信息，对于简单的二维码，直接返回 base64 编码的图片内容
     */
    public function captcha(Request $request)
    {
        ob_clean();
        $rep = captcha();
        $key = app('session')->get('captcha.key');
        $uni = $request->get('key');
        if ($uni)
            Cache::set('sms.key.cap.' . $uni, $key, 300);

        return $rep;
    }

    /**
     * 验证验证码是否正确
     *
     * @param $uni
     * @param string $code
     * @return bool
     * @throws \Psr\SimpleCache\InvalidArgumentException
     */
    protected function checkCaptcha($uni, string $code): bool
    {
        $cacheName = 'sms.key.cap.' . $uni;
        if (!Cache::has($cacheName)) {
            return false;
        }

        $key = Cache::get($cacheName);

        $code = mb_strtolower($code, 'UTF-8');

        $res = password_verify($code, $key);

        if ($res) {
            Cache::delete($cacheName);
        }

        return $res;
    }

    /**
     * @api {post} /register/verify 验证码发送SMS
     * @apiName PostRegisterVerify
     * @apiGroup Login
     * 
     * @apiBody {string} phone 手机号
     * @apiBody {string="register","login"} type
     * @apiBody {string} code   用户识别验证码后的值
     * @apiBody {string} key   通过 /verify_code 得到的 KEY
     * 
     * @apiSuccessExample:
     * {
     *  "status": 200,
     *  "msg": "发送成功"
     * }
     * @apiErrorExample:
     * {
     *  "status": 400,
     *  "msg": "error msg"
     * }
     */
    public function verify(Request $request)
    {
        list($phone, $type, $key, $code) = UtilService::postMore([
            ['phone', ''], 
            ['type', ''], 
            ['key', ''], 
            ['code', '']], $request, true);

        $keyName = 'sms.key.' . $key;
        $nowKey = 'sms.' . date('YmdHi');

        if (!Cache::has($keyName))
            return app('json')->make(401, '发送验证码失败');

        if (($num = Cache::get($keyName)) > 2) {
            if (!$code)
                return app('json')->make(402, '请输入验证码');

            if (!$this->checkCaptcha($key, $code))
                return app('json')->fail('验证码输入有误');
        }

        $total = 1;
        if ($has = Cache::has($nowKey)) {
            $total = Cache::get($nowKey);
            if ($total > Config::get('sms.maxMinuteCount', 20))
                return app('json')->success('已发送');
        }

        try {
            validate(RegisterValidates::class)->scene('code')->check(['phone' => $phone]);
        } catch (ValidateException $e) {
            return app('json')->fail($e->getError());
        }
        if (User::checkPhone($phone) && $type == 'register') return app('json')->fail('手机号已注册');
        if (!User::checkPhone($phone) && $type == 'login') return app('json')->fail('账号不存在！');
        $default = Config::get('sms.default', 'yunxin');
        $defaultMaxPhoneCount = Config::get('sms.maxPhoneCount', 10);
        $defaultMaxIpCount = Config::get('sms.maxIpCount', 50);
        $maxPhoneCount = Config::get('sms.stores.' . $default . '.maxPhoneCount', $defaultMaxPhoneCount);
        $maxIpCount = Config::get('sms.stores.' . $default . '.maxIpCount', $defaultMaxIpCount);
        if (SmsRecord::where('phone', $phone)->where('add_ip', $request->ip())->whereDay('add_time')->count() >= $maxPhoneCount) {
            return app('json')->fail('您今日发送得短信次数已经达到上限');
        }
        if (SmsRecord::where('add_ip', $request->ip())->whereDay('add_time')->count() >= $maxIpCount) {
            return app('json')->fail('此IP今日发送次数已经达到上限');
        }
        $time = 60;
        if (CacheService::get('code_' . $phone))
            return app('json')->fail($time . '秒内有效');
        $code = rand(100000, 999999);
        $data['code'] = $code;
        $res = ShortLetterRepositories::send(true, $phone, $data, 'VERIFICATION_CODE');
        if ($res !== true)
            return app('json')->fail('短信平台验证码发送失败' . $res);
        CacheService::set('code_' . $phone, $code, $time);
        Cache::set($keyName, $num + 1, 300);
        Cache::set($nowKey, $total, 61);

        return app('json')->success('发送成功');
    }

    /**
     * @api {post} /register H5注册新用户
     * @apiName PostRegister
     * @apiGroup Login
     * 
     * @apiBody {string} account 帐号，手机号
     * @apiBody {string} captcha    短信验证码
     * @apiBody {string{6,16}} password   密码
     * @apiBody {int} [spread] 推广上级
     * 
     * @apiSuccessExample:
     * {
     *  "status": 200,
     *  "msg": "注册成功"
     * }
     * @apiErrorExample:
     * {
     *  "status": 400,
     *  "msg": "error msg"
     * }
     */
    public function register(Request $request)
    {
        list($account, $captcha, $password, $spread) = UtilService::postMore([
            ['account', ''], 
            ['captcha', ''], 
            ['password', ''], 
            ['spread', 0]], $request, true);
        try {
            validate(RegisterValidates::class)->scene('register')->check(['account' => $account, 'captcha' => $captcha, 'password' => $password]);
        } catch (ValidateException $e) {
            return app('json')->fail($e->getError());
        }
        $verifyCode = CacheService::get('code_' . $account);
        if (!$verifyCode)
            return app('json')->fail('请先获取验证码');
        $verifyCode = substr($verifyCode, 0, 6);
        if ($verifyCode != $captcha)
            return app('json')->fail('验证码错误');
        if (strlen(trim($password)) < 6 || strlen(trim($password)) > 16)
            return app('json')->fail('密码必须是在6到16位之间');
        if ($password == '123456') return app('json')->fail('密码太过简单，请输入较为复杂的密码');
        $registerStatus = User::register($account, $password, $spread);
        if ($registerStatus) return app('json')->success('注册成功');
        return app('json')->fail(User::getErrorInfo('注册失败'));
    }

    /**
     * @api {post} /register/reset 重置密码
     * @apiName PostRegisterReset
     * @apiGroup Login
     * 
     * @apiBody {string} account 帐号手机号
     * @apiBody {string} captcha 短信验证码
     * @apiBody {string} password 新密码
     * 
     * @apiSuccessExample:
     * {
     *  "status": 200,
     *  "msg": "修改成功"
     * }
     * @apiErrorExample:
     * {
     *  "status": 400,
     *  "msg": "error msg"
     * }
     */
    public function reset(Request $request)
    {
        list($account, $captcha, $password) = UtilService::postMore([
            ['account', ''], 
            ['captcha', ''], 
            ['password', '']], $request, true);
        try {
            validate(RegisterValidates::class)->scene('register')->check(['account' => $account, 'captcha' => $captcha, 'password' => $password]);
        } catch (ValidateException $e) {
            return app('json')->fail($e->getError());
        }
        $verifyCode = CacheService::get('code_' . $account);
        if (!$verifyCode)
            return app('json')->fail('请先获取验证码');
        $verifyCode = substr($verifyCode, 0, 6);
        if ($verifyCode != $captcha)
            return app('json')->fail('验证码错误');
        if (strlen(trim($password)) < 6 || strlen(trim($password)) > 16)
            return app('json')->fail('密码必须是在6到16位之间');
        if ($password == '123456') return app('json')->fail('密码太过简单，请输入较为复杂的密码');
        $resetStatus = User::reset($account, $password);
        if ($resetStatus) return app('json')->success('修改成功');
        return app('json')->fail(User::getErrorInfo('修改失败'));
    }

    /**
     * @api {post} /login/mobile 手机号登录
     * @apiName PostLoginMobile
     * @apiGroup Login
     * 
     * @apiBody {string} phone: 手机号
     * @apiBody {string} captcha: 验证码
     * @apiBody {int} [spread]: 推广上级
     * 
     * @apiSuccessExample Success-Response:
     * {
     *  "token": "xxdfgfgfg",
     *  "expires_time": "2020-01-01 10:11:23"
     * }
     * 
     * @apiErrorExample Error-Response:
     * {
     *  "status": 400,
     *  "msg": "error msg"
     * }
     */
    public function mobile(Request $request)
    {
        list($phone, $captcha, $spread) = UtilService::postMore([['phone', ''], ['captcha', ''], ['spread', 0]], $request, true);

        //验证手机号
        try {
            validate(RegisterValidates::class)->scene('code')->check(['phone' => $phone]);
        } catch (ValidateException $e) {
            return app('json')->fail($e->getError());
        }

        //验证验证码
        $verifyCode = CacheService::get('code_' . $phone);
        if (!$verifyCode)
            return app('json')->fail('请先获取验证码');
        $verifyCode = substr($verifyCode, 0, 6);
        if ($verifyCode != $captcha)
            return app('json')->fail('验证码错误');

        //数据库查询
        $user = User::where('account', $phone)->find();
        if (!$user)
            return app('json')->fail('用户不存在');
        if (!$user->status)
            return app('json')->fail('已被禁止，请联系管理员');

        // 设置推广关系
        User::setSpread($spread, $user->uid);

        $token = UserToken::createToken($user, 'user');

        if ($token) {
            event('UserLogin', [$user, $token]);
            return app('json')->success('登录成功', ['token' => $token->token, 'expires_time' => $token->expires_time]);
        } else
            return app('json')->fail('登录失败');
    }

    /**
     * @api {post} /switch_h5 H5切换帐号登陆
     * @apiName SwitchH5
     * @apiGroup User
     * 
     * @apiBody {string} from 客户端类型 h5
     * 
     * @apiSuccessExample Success-Response:
     * {
     *  "userinfo": {
     *  },
     *  "token": "xxdfdg",
     *  "expires_time": ""
     * }
     * @apiErrorExample Error-Response:
     * {
     *  "status": 400,
     *  "msg": "error msg"
     * }
     * 
     * @apiDeprecated 不用切换帐号，切啥切？退出重新登录
     */
    public function switch_h5(Request $request)
    {
        $from = $request->post('from', 'wechat');
        $user = $request->user();
        if ($from === 'h5') {
            $user = User::where('phone', $user['phone'])->where('user_type', '<>', 'h5')->find();
            $user->login_type = 'wechat';
            $user->save();
        } else {
            //数据库查询
            $user = User::where('account|phone', $user['phone'])->where('user_type', 'h5')->find();
            if (!$user)
                return app('json')->fail('H5用户不存在,无法切换');

            if (!$user->status) return app('json')->fail('已被禁止，请联系管理员');

            $wechatUserInfo = WechatUser::where('uid', $request->uid())->find();//当前登陆用户信息
            $wechatH5UserInfo = WechatUser::where('uid', $user->uid)->find();//H5登陆切换用户信息

            if ($wechatH5UserInfo->unionid && $wechatUserInfo->unionid != $wechatH5UserInfo->unionid)
                return app('json')->fail('您的账号已绑定特定用户无法切换到此用户上');
            if ($wechatH5UserInfo->openid && $wechatUserInfo->openid != $wechatH5UserInfo->openid)
                return app('json')->fail('您的账号已绑定特定用户无法切换到此用户上');
            if ($wechatH5UserInfo->routine_openid && $wechatUserInfo->routine_openid != $wechatH5UserInfo->routine_openid)
                return app('json')->fail('您的账号已绑定特定用户无法切换到此用户上');

            switch ($from) {
                case 'wechat':
                    if (!$wechatH5UserInfo->openid)
                        $wechatH5UserInfo->openid = $wechatUserInfo->openid;
                    if (!$wechatH5UserInfo->unionid && $wechatUserInfo->unionid)
                        $wechatH5UserInfo->unionid = $wechatUserInfo->unionid;
                    break;
                case 'routine':
                    if (!$wechatH5UserInfo->routine_openid)
                        $wechatH5UserInfo->routine_openid = $wechatUserInfo->routine_openid;
                    if (!$wechatH5UserInfo->unionid && $wechatUserInfo->unionid)
                        $wechatH5UserInfo->unionid = $wechatUserInfo->unionid;
                    break;
            }
            $wechatH5UserInfo->save();
            User::where('uid', $request->uid())->update(['login_type' => 'h5']);
        }
        $token = UserToken::createToken($user, 'user');
        if ($token) {
            event('UserLogin', [$user, $token]);
            //退出上一个账号
            $request->tokenData()->delete();
            return app('json')->success('登录成功', ['userInfo' => $user, 'token' => $token->token, 'expires_time' => $token->expires_time, 'time' => strtotime($token->expires_time)]);
        } else
            return app('json')->fail('登录失败');
    }

    /**
     * @api {post} /binding 绑定手机号
     * @apiName PostBinding
     * @apiGroup User
     * 
     * @apiBody {string} phone 绑定的手机号
     * @apiBody {string} captcha 验证码
     * @apiBody {int} [step] 已绑定是否支持重复绑定 1 支持 0 不支持
     * 
     * @apiSuccessExample:
     * {
     *  "status": 200
     * }
     * 
     * @apiErrorExample:
     * {
     *  "status": 400,
     *  "msg": "error msg"
     * }
     */
    public function binding_phone(Request $request)
    {
        list($phone, $captcha, $step) = UtilService::postMore([
            ['phone', ''],
            ['captcha', ''],
            ['step', 0]
        ], $request, true);

        //验证手机号
        try {
            validate(RegisterValidates::class)->scene('code')->check(['phone' => $phone]);
        } catch (ValidateException $e) {
            return app('json')->fail($e->getError());
        }

        //验证验证码
        $verifyCode = CacheService::get('code_' . $phone);
        if (!$verifyCode)
            return app('json')->fail('请先获取验证码');
        $verifyCode = substr($verifyCode, 0, 6);
        if ($verifyCode != $captcha)
            return app('json')->fail('验证码错误');

        $userInfo = User::where('uid', $request->uid())->find();
        $userPhone = $userInfo->phone;
        if (!$userInfo) return app('json')->fail('用户不存在');
        if ($userInfo->phone) return app('json')->fail('您的账号已经绑定过手机号码！');
        if (User::where('phone', $phone)->where('user_type', '<>', 'h5')->count())
            return app('json')->fail('此手机已经绑定，无法多次绑定！');
        if (User::where('account', $phone)->where('phone', $phone)->where('user_type', 'h5')->find()) {
            if (!$step) return app('json')->success('H5已有账号是否绑定此账号上', ['is_bind' => 1]);
            $userInfo->phone = $phone;
        } else {
            $userInfo->account = $phone;
            $userInfo->phone = $phone;
        }
        if ($userInfo->save() || $userPhone == $phone)
            return app('json')->success('绑定成功');
        else
            return app('json')->fail('绑定失败');
    }

    /** 
     * @api {get} /notifications 不登录模拟推送
     * @apiName GetNotifications
     * @apiGroup Message
     * 
     * @apiSuccessExample:
     * {
     *  "status": 200,
     *  "msg": "ok",
     *  "data": {
     *      "carousel": [
     *          {
     *              "id": 1,
     *              "info": "text",
     *              "url": "page/boards",
     *              "wap_url": "h5 front router",
     *              "show": '2'
     *          }
     *      ]
     *  }
     * }
     * @apiErrorExample:
     * {
     *  "status": 200,
     *  "msg": "ok",
     *  "data": {
     *      "carousel": []
     *  }
     * }
     */
    public function notifications(Request $request)
    {
        // 跑马灯
        $carousel = SystemCarousel::getFirst(20);
        return app('json')->successful(compact('carousel'));
    }
}