<?php

namespace app\chukebao\controller;

use app\common\controller\BaseController;
use app\common\util\JwtUtil;
use Exception;
use library\ResponseHelper;
use app\api\controller\UserController;
use think\Db;

/**
 * 认证控制器
 * 处理用户登录和身份验证
 */
class LoginController extends BaseController
{


    /**
     * 用户登录
     *
     * @return \think\response\Json
     */
    public function index($username = '', $password = '',$verifySessionId = '',$verifyCode = '')
    {

        $username = !empty($username) ? $username : $this->request->param('account', '');
        $password = !empty($password) ? $password : $this->request->param('password', '');
        $verifySessionId =!empty($verifySessionId) ? $verifySessionId : $this->request->param('verifySessionId', '');
        $verifyCode = !empty($verifyCode) ? $verifyCode : $this->request->param('verifyCode', '');

        if (empty($username) || empty($password)) {
            return ResponseHelper::error('请输入账号密码');
        }

        // 验证账号是否存在（支持账号或手机号登录）
        $user = Db::name('users')
            ->where(function ($query) use ($username) {
                $query->where('account', $username)->whereOr('phone', $username);
            })
            ->where('passwordMd5', md5($password))
            ->find();

        if (empty($user)) {
            return ResponseHelper::error('账号不存在或密码错误');
        }

        if($user['status'] != 1){
            return ResponseHelper::error('账号已禁用');
        }


        //登录参数
        $params = [
            'grant_type' => 'password',
            'username' => $user['account'],
            'password' => !empty($user['passwordLocal']) ? localDecrypt($user['passwordLocal']) : $password
        ];

        try {
            // 调用登录接口获取token
            $headerData = ['client:kefu-client'];
            if (!empty($verifySessionId) && !empty($verifyCode)){
                $headerData[] = 'verifysessionid:'.$verifySessionId;
                $headerData[] =  'verifycode:'.$verifyCode;
            }
            $header = setHeader($headerData, '', 'plain');
            $result = requestCurl('https://s2.siyuguanli.com:9991/token', $params, 'POST', $header);
            $result = handleApiResponse($result);

            if (isset($result['access_token']) && !empty($result['access_token'])) {
                $userData['kefuData']['token'] = $result;
                $headerData = ['client:kefu-client'];
                $header = setHeader($headerData, $result['access_token']);
                $result2 = requestCurl('https://s2.siyuguanli.com:9991/api/account/self', [], 'GET', $header, 'json');
                $self = handleApiResponse($result2);
                $userData['kefuData']['self'] = $self;
            }else{
                return ResponseHelper::error($result['error_description']);
            }

            unset($user['passwordMd5'],$user['deleteTime'],$user['passwordLocal']);
            $userData['member'] = $user;

            // 生成JWT令牌
            $expired = 86400 * 30;
            $token = JwtUtil::createToken($user, $expired);
            $token_expired = time() + $expired;


            $userData['token'] = $token;
            $userData['token_expired'] = $token_expired;


            return ResponseHelper::success($userData, '登录成功');
        } catch (Exception $e) {
            return ResponseHelper::error($e->getMessage(), $e->getCode());
        }
    }
}