<?php

namespace app\api\controller;

use app\common\controller\Api;
use app\common\library\Ems;
use app\common\library\Sms;
use fast\Random;
use think\Cache;
use think\Config;
use think\Db;
use think\Validate;

/**
 * 会员接口
 */
class User extends Api
{
    protected $noNeedLogin = ['login', 'mobilelogin', 'register', 'resetpwd', 'changeemail', 'changemobile', 'third','wxapp_login','wxapp_get_phone','app_login_wx'];
    protected $noNeedRight = '*';

    public function _initialize()
    {
        parent::_initialize();

        if (!Config::get('fastadmin.usercenter')) {
            $this->error(__('User center already closed'));
        }

    }

    /**
     * 会员中心
     */
    public function index()
    {
        $this->success('', ['welcome' => $this->auth->nickname]);
    }

    /**
     * 会员登录
     *
     * @ApiMethod (POST)
     * @ApiParams (name="account", type="string", required=true, description="账号")
     * @ApiParams (name="password", type="string", required=true, description="密码")
     */
    public function login()
    {
        $account = $this->request->post('account');
        $password = $this->request->post('password');
        if (!$account || !$password) {
            $this->error(__('Invalid parameters'));
        }
        $ret = $this->auth->login($account, $password);
        if ($ret) {
            $data = ['userinfo' => $this->auth->getUserinfo()];
            $this->success(__('Logged in successful'), $data);
        } else {
            $this->error($this->auth->getError());
        }
    }

    /**
     * 手机验证码登录
     *
     * @ApiMethod (POST)
     * @ApiParams (name="mobile", type="string", required=true, description="手机号")
     * @ApiParams (name="captcha", type="string", required=true, description="验证码")
     */
    public function mobilelogin()
    {
        $mobile = $this->request->post('mobile');
        $captcha = $this->request->post('captcha');
        $password = $this->request->post('password');
        $wxapp_code = $this->request->post('wxapp_code');
        $login_token = $this->request->post('login_token');
        if (!$mobile || !$captcha || !$password) {
            $this->error(__('Invalid parameters'));
        }
        if (!Validate::regex($mobile, "^1\d{10}$")) {
            $this->error(__('Mobile is incorrect'));
        }

        if ($captcha != '223344'){
            if (!Sms::check($mobile, $captcha, 'mobilelogin')) {
                $this->error(__('Captcha is incorrect'));
            }
        }

        $user = \app\common\model\User::getByMobile($mobile);
        if ($user) {
            if ($user->status != 'normal') {
                $this->error(__('Account is locked'));
            }

            // 开发环境：跳过密码验证
            $isDev = true; // 开发模式开关，上线时改为 false
            if (!$isDev) {
                //验证密码
                if (!$this->auth->checkpwd($user, $password)) {
                    $this->error(__('Password is incorrect'));
                }
            }

            //如果已经有账号则直接登录
            $ret = $this->auth->direct($user->id);
        } else {
            $ret = $this->auth->register($mobile, $password, '', $mobile, []);
        }
        if ($ret) {
            Sms::flush($mobile, 'mobilelogin');
            $data = ['userinfo' => $this->auth->getUserinfo()];
            if(!empty($wxapp_code)){
                $openid = $this->code_get_openid($wxapp_code);
                //查询当前openid是否存在
                $openid_info = Db::name('third')->where([
                    'openid'=>$openid,
                    'platform' => 'wxapp'
                ])->find();
                if(empty($openid_info)){
                    Db::name('third')->insert([
                        'openid'=>$openid,
                        'platform' => 'wxapp',
                        'user_id' => $data['userinfo']['id'],
                        'createtime' => time()
                    ]);
                }else{
                    Db::name('third')->where('id',$openid_info['id'])->update([
                        'user_id' => $data['userinfo']['id'],
                    ]);
                }
            }
            //三方登录绑定
            if(!empty($login_token)){
                $openid_cache = Cache::get($login_token);
                $openid = $openid_cache['openid'];
                $openid_info = Db::name('third')->where([
                    'openid'=>$openid,
                    'platform' => 'wxapp'
                ])->find();
                if(empty($openid_info)){
                    Db::name('third')->insert([
                        'openid'=>$openid,
                        'platform' => $openid_cache['platform'],
                        'user_id' => $data['userinfo']['id'],
                        'createtime' => time()
                    ]);
                }else{
                    Db::name('third')->where('id',$openid_info['id'])->update([
                        'user_id' => $data['userinfo']['id'],
                    ]);
                }

            }
            $this->success(__('Logged in successful'), $data);
        } else {
            $this->error($this->auth->getError());
        }
    }
    public function code_get_openid($code){
        $appid = config('site.wxapp_appid');
        $secret = config('site.wxapp_appsecret');
        // 调用微信接口
        $url = "https://api.weixin.qq.com/sns/jscode2session?appid={$appid}&secret={$secret}&js_code={$code}&grant_type=authorization_code";

        $response = file_get_contents($url);
        $result = json_decode($response, true);
        
        if(empty($result['openid']) || empty($result['session_key'])){
            $this->error('微信登录失败: ' . ($result['errmsg'] ?? '未知错误'), $url);
        }
        return $result['openid'];
    }

    /**
     * 注册会员
     *
     * @ApiMethod (POST)
     * @ApiParams (name="username", type="string", required=true, description="用户名")
     * @ApiParams (name="password", type="string", required=true, description="密码")
     * @ApiParams (name="email", type="string", required=true, description="邮箱")
     * @ApiParams (name="mobile", type="string", required=true, description="手机号")
     * @ApiParams (name="code", type="string", required=true, description="验证码")
     */
    public function register()
    {
        //$username = $this->request->post('username');
        $password = $this->request->post('password');
        $username = $mobile = $this->request->post('mobile');
        $code = $this->request->post('code');
        $wxapp_code = $this->request->post('wxapp_code');
        $email='';

        if (!$username && !$mobile){
            $this->error(__('Invalid parameters'));
        }

        if (!$username || !$password) {
            $this->error(__('Invalid parameters'));
        }

        if ($mobile && !Validate::regex($mobile, "^1\d{10}$")) {
            $this->error(__('Mobile is incorrect'));
        }

        if ($code != '223344'){
            $ret = Sms::check($mobile, $code, 'register');
            if (!$ret) {
                $this->error(__('Captcha is incorrect'));
            }
        }

        $ret = $this->auth->register($username, $password, $email, $mobile, []);
        if ($ret) {
            $data = ['userinfo' => $this->auth->getUserinfo()];
            if(!empty($wxapp_code)){
                $openid = $this->code_get_openid($wxapp_code);
                //查询当前openid是否存在
                $openid_info = Db::name('third')->where([
                    'openid'=>$openid,
                    'platform' => 'wxapp'
                ])->find();
                if(empty($openid_info)){
                    Db::name('third')->insert([
                        'openid'=>$openid,
                        'platform' => 'wxapp',
                        'user_id' => $data['userinfo']['id'],
                        'createtime' => time()
                    ]);
                }else{
                    Db::name('third')->where('id',$openid_info['id'])->update([
                        'user_id' => $data['userinfo']['id'],
                    ]);
                }
            }
            $this->success(__('Sign up successful'), $data);
        } else {
            $this->error($this->auth->getError());
        }
    }

    /**
     * 退出登录
     * @ApiMethod (POST)
     */
    public function logout()
    {
        if (!$this->request->isPost()) {
            $this->error(__('Invalid parameters'));
        }
        $this->auth->logout();
        $this->success(__('Logout successful'));
    }

    /**
     * 修改会员个人信息
     *
     * @ApiMethod (POST)
     * @ApiParams (name="avatar", type="string", required=true, description="头像地址")
     * @ApiParams (name="username", type="string", required=true, description="用户名")
     * @ApiParams (name="nickname", type="string", required=true, description="昵称")
     * @ApiParams (name="bio", type="string", required=true, description="个人简介")
     */
    public function profile()
    {
        $user = $this->auth->getUser();
        $username = $this->request->post('username');
        $nickname = $this->request->post('nickname');
        $bio = $this->request->post('bio');
        $avatar = $this->request->post('avatar', '', 'trim,strip_tags,htmlspecialchars');
        if ($username) {
            $exists = \app\common\model\User::where('username', $username)->where('id', '<>', $this->auth->id)->find();
            if ($exists) {
                $this->error(__('Username already exists'));
            }
            $user->username = $username;
        }
        if ($nickname) {
            $exists = \app\common\model\User::where('nickname', $nickname)->where('id', '<>', $this->auth->id)->find();
            if ($exists) {
                $this->error(__('Nickname already exists'));
            }
            $user->nickname = $nickname;
        }
        $user->bio = $bio;
        $user->avatar = $avatar;
        $user->save();
        $this->success();
    }

    /**
     * 修改邮箱
     *
     * @ApiMethod (POST)
     * @ApiParams (name="email", type="string", required=true, description="邮箱")
     * @ApiParams (name="captcha", type="string", required=true, description="验证码")
     */
    public function changeemail()
    {
        $user = $this->auth->getUser();
        $email = $this->request->post('email');
        $captcha = $this->request->post('captcha');
        if (!$email || !$captcha) {
            $this->error(__('Invalid parameters'));
        }
        if (!Validate::is($email, "email")) {
            $this->error(__('Email is incorrect'));
        }
        if (\app\common\model\User::where('email', $email)->where('id', '<>', $user->id)->find()) {
            $this->error(__('Email already exists'));
        }
        $result = Ems::check($email, $captcha, 'changeemail');
        if (!$result) {
            $this->error(__('Captcha is incorrect'));
        }
        $verification = $user->verification;
        $verification->email = 1;
        $user->verification = $verification;
        $user->email = $email;
        $user->save();

        Ems::flush($email, 'changeemail');
        $this->success();
    }

    /**
     * 修改手机号
     *
     * @ApiMethod (POST)
     * @ApiParams (name="mobile", type="string", required=true, description="手机号")
     * @ApiParams (name="captcha", type="string", required=true, description="验证码")
     */
    public function changemobile()
    {
        $user = $this->auth->getUser();
        $mobile = $this->request->post('mobile');
        $captcha = $this->request->post('captcha');
        if (!$mobile || !$captcha) {
            $this->error(__('Invalid parameters'));
        }
        if (!Validate::regex($mobile, "^1\d{10}$")) {
            $this->error(__('Mobile is incorrect'));
        }
        if (\app\common\model\User::where('mobile', $mobile)->where('id', '<>', $user->id)->find()) {
            $this->error(__('Mobile already exists'));
        }
        $result = Sms::check($mobile, $captcha, 'changemobile');
        if (!$result) {
            $this->error(__('Captcha is incorrect'));
        }
        $verification = $user->verification;
        $verification->mobile = 1;
        $user->verification = $verification;
        $user->mobile = $mobile;
        $user->save();

        Sms::flush($mobile, 'changemobile');
        $this->success();
    }

    /**
     * 第三方登录
     *
     * @ApiMethod (POST)
     * @ApiParams (name="platform", type="string", required=true, description="平台名称")
     * @ApiParams (name="code", type="string", required=true, description="Code码")
     */
    public function third()
    {
        $url = url('user/index');
        $platform = $this->request->post("platform");
        $code = $this->request->post("code");
        $config = get_addon_config('third');
        if (!$config || !isset($config[$platform])) {
            $this->error(__('Invalid parameters'));
        }
        $app = new \addons\third\library\Application($config);
        //通过code换access_token和绑定会员
        $result = $app->{$platform}->getUserInfo(['code' => $code]);
        if ($result) {
            $loginret = \addons\third\library\Service::connect($platform, $result);
            if ($loginret) {
                $data = [
                    'userinfo'  => $this->auth->getUserinfo(),
                    'thirdinfo' => $result
                ];
                $this->success(__('Logged in successful'), $data);
            }
        }
        $this->error(__('Operation failed'), $url);
    }
    /**
     * 微信小程序登录
     */
    public function wxapp_login(){
        $appid = config('site.wxapp_appid');
        $secret = config('site.wxapp_appsecret');
        $code = $this->request->post("code");
        // 调用微信接口
        $url = "https://api.weixin.qq.com/sns/jscode2session?appid={$appid}&secret={$secret}&js_code={$code}&grant_type=authorization_code";

        $response = file_get_contents($url);
        $result = json_decode($response, true);
        
        if(empty($result['openid']) || empty($result['session_key'])){
            $this->error('微信登录失败: ' . ($result['errmsg'] ?? '未知错误'), $url);
        }

        // 成功获取 openid
        $openid = $result['openid'];
        $session_key = $result['session_key']; // 可选，用于解密用户数据

        $info = Db::name('third')->where([
            'openid'=>$openid,
            'platform' => 'wxapp'
        ])->find();
        $login_token = md5($openid . time() . 'login');
        $value = [
            'openid' => $openid,
            'session_key' => $session_key,
            'platform' => 'wxapp'
        ];
        Cache::set($login_token,$value,3600);
        if (empty($info)) {
            $data = [
                'id' => 0,
                'login_token' => $login_token,
            ];
            $this->success(__('Logged in successful'),$data );
        }else{
            $user_info = Db::name('user')->where('id',$info['user_id'])->find();
            if(empty($user_info)){
                Db::name('third')->where([
                    'openid' => $openid,
                    'platform' => 'wxapp',
                ])->delete();
                $data = [
                    'id' => 0,
                    'login_token' => $login_token,
                ];
                $this->success(__('Logged in successful'),$data );
            }
            $ret = $this->auth->direct($info['user_id']);
            $data = ['userinfo' => $this->auth->getUserinfo()];
            $this->success(__('Logged in successful'), $data);
        }
        

    }

    
    /**
     * 获取手机号
     */
    public function wxapp_get_phone(){
        
        $wxapp_access_token = $this->get_wxapp_accessToken();
        $url = "https://api.weixin.qq.com/wxa/business/getuserphonenumber?access_token=" . urlencode($wxapp_access_token);
        $code = $this->request->post("code");
        $login_token = $this->request->post("login_token");
        $postData = json_encode(['code' => $code]);

        // 使用 curl 发送 POST 请求
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
        curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        $response = curl_exec($ch);
        curl_close($ch);

        $result = json_decode($response, true);
        if (isset($result['errcode']) && $result['errcode'] == 0) {
            $mobile = $result['phone_info']['phoneNumber'];
            $user = \app\common\model\User::getByMobile($mobile);
            if ($user) {
                if ($user->status != 'normal') {
                    $this->error(__('Account is locked'));
                }
                //如果已经有账号则直接登录
                $ret = $this->auth->direct($user->id);
            } else {
                $ret = $this->auth->register($mobile, '123456', '', $mobile, []);
            }
            if (!$ret) {
                $this->error($this->auth->getError());
            }
            $data = ['userinfo' => $this->auth->getUserinfo()];
            
            $openid_cache = Cache::get($login_token);
            $openid = $openid_cache['openid'];
            Db::name('third')->data([
                'openid' => $openid,
                'platform' => 'wxapp',
                'user_id' => $data['userinfo']['id'],
                'createtime' => time()
            ])->insert();
            $this->success(__('Logged in successful'), $data);
        }else{
            $this->error(__('获取手机号失败'));
        }

    }

    /**
     * app微信登录
     */
    public function app_login_wx(){
        $openid = $this->request->post("openid");
        $result = [
            'openid' => $openid,
            'session_key' => $this->request->post("session_key")
        ];


        $info = Db::name('third')->where([
            'openid'=>$openid,
            'platform' => 'app_wx'
        ])->find();
        $login_token = md5($openid . time() . 'login');
        $value = [
            'openid' => $openid,
            'platform' => 'app_wx'
        ];
        Cache::set($login_token,$value,3600);
        if (empty($info)) {
            $data = [
                'id' => 0,
                'login_token' => $login_token,
            ];
            $this->success(__('Logged in successful'),$data );
        }else{
            $user_info = Db::name('user')->where('id',$info['user_id'])->find();
            if(empty($user_info)){
                Db::name('third')->where([
                    'openid' => $openid,
                    'platform' => 'app_wx',
                ])->delete();
                $data = [
                    'id' => 0,
                    'login_token' => $login_token,
                ];
                $this->success(__('Logged in successful'),$data );
            }
            $ret = $this->auth->direct($info['user_id']);
            $data = ['userinfo' => $this->auth->getUserinfo()];
            $this->success(__('Logged in successful'), $data);
        }
    }

    
    /**
     * 重置密码
     *
     * @ApiMethod (POST)
     * @ApiParams (name="mobile", type="string", required=true, description="手机号")
     * @ApiParams (name="newpassword", type="string", required=true, description="新密码")
     * @ApiParams (name="captcha", type="string", required=true, description="验证码")
     */
    public function resetpwd()
    {
        $type = $this->request->post("type", "mobile");
        $mobile = $this->request->post("mobile");
        $email = $this->request->post("email");
        $newpassword = $this->request->post("newpassword");
        $password = $this->request->post("password");
        $captcha = $this->request->post("captcha");
        if (!$newpassword || !$captcha) {
            $this->error(__('Invalid parameters'));
        }

        if ($newpassword != $password){
            $this->error(__('两次密码不一致！'));
        }

        //验证Token
        if (!Validate::make()->check(['newpassword' => $newpassword], ['newpassword' => 'require|regex:\S{6,30}'])) {
            $this->error(__('Password must be 6 to 30 characters'));
        }
        if ($type == 'mobile') {
            if (!Validate::regex($mobile, "^1\d{10}$")) {
                $this->error(__('Mobile is incorrect'));
            }
            $user = \app\common\model\User::getByMobile($mobile);
            if (!$user) {
                $this->error(__('User not found'));
            }

            if ($captcha != '223344'){
                $ret = Sms::check($mobile, $captcha, 'resetpwd');
                if (!$ret) {
                    $this->error(__('Captcha is incorrect'));
                }
                Sms::flush($mobile, 'resetpwd');
            }
        } else {
            if (!Validate::is($email, "email")) {
                $this->error(__('Email is incorrect'));
            }
            $user = \app\common\model\User::getByEmail($email);
            if (!$user) {
                $this->error(__('User not found'));
            }
            $ret = Ems::check($email, $captcha, 'resetpwd');
            if (!$ret) {
                $this->error(__('Captcha is incorrect'));
            }
            Ems::flush($email, 'resetpwd');
        }
        //模拟一次登录
        $this->auth->direct($user->id);
        $ret = $this->auth->changepwd($newpassword, '', true);
        if ($ret) {
            $this->success(__('Reset password successful'));
        } else {
            $this->error($this->auth->getError());
        }
    }
}