<?php
namespace app\api\controller;
use think\Request;
use think\Controller;
use think\Db;
use think\Validate;
use think\Response;
use think\exception\HttpResponseException;
class User extends Controller{
    public function __construct(){
        config('default_return_type','json');
        $request=request();
        $action=$request->action();
        $post = $request->post();
        $appid=input('appid');
        $secret="49ba59abbe56e057";
        $agentid="098f6bcd4621d373cade4e832627b4f6";
        
        if(empty($appid)){
            $this->error2('缺少appid参数');
        }
        if($appid!=$agentid){
            $this->error2('appid错误');
        }
        
        $timestamp =input('time');
        if (empty($timestamp)) {
            $this->error2('缺少time参数');
        }
        // 判断token
        $token =input('token');
        if(!$token) {
            $this->error2('缺少token参数');
        }
        $curtime = time();
        $expire = 60; // 允许延迟秒数
        if (!$timestamp || $timestamp > $curtime || ($timestamp + $expire) < $curtime) {
            $this->error2('token验证超时');
        }
        $sign=$this->getSign($secret, $post);
        if ($token != $sign) {
            $this->error2('token验证失败');
        }
    }
    
    // 获取sign
    protected function getSign($secret, $data){
            if (isset($data['token']))unset($data['token']);
            if (isset($data['appid']))unset($data['appid']);
            // 对数组的值按key排序
            ksort($data);
            // 生成url的形式
            $params = http_build_query($data);
            // 生成sign
            $sign = md5($params.$secret);
            return $sign;
    }
    /**
     * 用户登录
     */
    public function login(){
        $mobile=input('mobile');
        $verify=input('verify');
        if(empty($mobile)){
            $this->error2("手机号不能为空");
        }
        if(empty($verify)){
            $this->error2("验证码不能为空");
        }
        $where['sms_type']='ulogin';
        $where['sms_tel']=$mobile;
        $where['sms_time']=['>',time()-600];
        $rst=Db::name('smslog')->where($where)->find();
        if(!$rst||$rst['sms_code']!=$verify) $this->error2(lang('verifiy incorrect'));
        
        $where=[];
        $where['member_list_tel|member_list_username']=$mobile;
        $where['user_status']=1;
        //$where['member_list_groupid']=8;
        $fields="member_list_id,member_list_username,member_list_nickname,member_list_sex,
        member_list_headpic,member_list_tel,member_list_email,member_list_addtime,
        birthday,signature,user_status";
        $member=Db::name("member_list")->field($fields)->where($where)->find();
        
        if (!$member){
            $this->error2(lang('username or pwd incorrect'));
        }else{
            if($member['user_status']==0){
                $this->error2(lang('user disabled'));
            }
            $id=$member["member_list_id"];
            $str = md5(uniqid(md5(microtime(true)), true)); //uniqid — 生成一个唯一ID
            $access_token = sha1($str.$mobile.'||'.$id);			//$phone为用户的手机号
            $check=Db::name("member_access")->where(['mid'=>$id])->find();
            if(!$check){
                $row=[];
                $row['mid']=$id;
                $row['create_time']=time();
                $row['token']=$access_token;
                $row['state']=1;
                $res=Db::name("member_access")->insert($row);
            }else{
                $row=[];
                $row['create_time']=time();
                $row['token']=$access_token;
                $row['state']=1;
                $res=Db::name("member_access")->where(array('mid'=>$id))->update($row);
            }
            $member['birthday']=empty($member['birthday'])?$member['birthday']:'';
            $member['access_token']=$access_token;
            $member['member_list_headpic']=$this->_img($member['member_list_headpic']);
            //更新字段
            $data = array('last_login_time' => time());
            Db::name("member_list")->where(array('member_list_id'=>$id))->update($data);
            $this->success2(lang('login success'),$member);
        }
    }
    /**
     * 注册用户
     */
    public function reg(){
        $tel=input('member_list_tel','');
        $password=input('member_list_pwd');
        $repassword=input('member_list_compwd');
        $nickname=input('member_list_nickname');
        $email=input('member_list_email');
        $verify=input('verify');
        
        $headpic=input('member_list_headpic');
        $sex=input('member_list_sex');
        $birthday=input('birthday');
        
        //手机注册
        $where['sms_type']='ureg ';
        $where['sms_tel']=$tel;
        $where['sms_time']=['>',time()-600];
        $rst=Db::name('smslog')->where($where)->find();
        
        if(!$rst||$rst['sms_code']!=$verify) $this->error2(lang('verifiy incorrect'));
        
        $rule = [
            ['member_list_pwd','require|length:6,20','密码不能为空|密码长度6-20位'],
            ['member_list_tel','require','手机号必须'],
            ['member_list_email','require','邮箱必须'],
            ['member_list_compwd','require|confirm:member_list_pwd','确认密码不能为空|确认密码不正确']
        ];
        $validate = new Validate($rule);
        $rst= $validate->check(array(
            'member_list_pwd'=>$password,
            'member_list_compwd'=>$repassword,
            'member_list_tel'=>$tel,
            'member_list_email'=>$email
        ));
        if(true !==$rst){
            $error=is_array($validate->getError())?join('|',$validate->getError()):$validate->getError();
            $this->error2($error);
        }
        //判断是否存在
        $result = Db::name('member_list')->where('member_list_tel',$tel)->count();
        if($result) $this->error2('此手机已注册');
        
        $member_list_salt=random(10);
        $sl_data=array(
            'member_list_username'=>$tel,
            'member_list_nickname'=>$nickname,
            'member_list_salt' => $member_list_salt,
            'member_list_tel'=>$tel,
            'member_list_pwd'=>encrypt_password($password,$member_list_salt),
            'member_list_email'=>$email,
            'member_list_headpic'=>$headpic,
            'member_list_sex'=>$sex,
            'birthday'=>$birthday,
            'member_list_groupid'=>8,
            'member_list_open'=>1,
            'member_list_addtime'=>time(),
            'user_status'=>1
        );
        $rst=Db::name('member_list')->insertGetId($sl_data);
        if($rst!==false){
            //更新字段
            $this->success2("注册成功");
        }else{
            $this->error2("注册失败");
        }
    }
    /**
     * 忘记密码
     */
    public function forget(){
        $tel=input('member_list_tel');
        $verify=input('verify');
        $pwd=input('password');
        $repwd=input('repassword');
        $user=Db::name("member_list")->where('member_list_tel',$tel)->find();
        if($user){
                //手机
                $where['sms_type']='uforget';
                $where['sms_tel']=$tel;
                $where['sms_time']=['>',time()-120];
                $rst=Db::name('smslog')->where($where)->find();
                if(!$rst||$rst['sms_code']!=$verify) $this->error2('验证码不正确');
                
                $rule = [
                    ['password','require|length:5,20','{%pwd empty}|{%pwd length}'],
                    ['repassword','require|confirm:password','{%repassword empty}|{%repassword incorrect}'],
                ];
                $validate = new Validate($rule);
                $rst= $validate->check(array('password'=>$pwd,'repassword'=>$repwd));
                if(true !==$rst){
                    $error=is_array($validate->getError())?join('|',$validate->getError()):$validate->getError();
                    $this->error2($error);
                }else{
                    $mid=$user['member_list_id'];
                    $msalt=random(10);
                    $mpwd=encrypt_password($pwd,$msalt);
                    $update=[];
                    $update['member_list_pwd']=$mpwd;
                    $update['member_list_salt']=$msalt;
                    $update['user_activation_key']='';
                    $result=Db::name("member_list")->where('member_list_id',$mid)->update($update);
                    if($result){
                        $this->success2(lang('密码修改成功'));
                    }else {
                        $this->error2(lang('密码修改失败'));
                    }
                }
        }else {
            $this->error2(lang('member not exist'));
        }
    }
    protected function _check(){
        $token=input('access_token');
        if(empty($token))$this->error2("登录凭证必传");
        $access=Db::name("member_access")->where(['token'=>$token,'state'=>1])->find();
        if(!$access)$this->error2("请重新登录");
        $time=$access['create_time'];
        if($time+3600*24<time()){
            $this->error2("登录凭证过期,请重新登录");
        }
        return $access['mid'];
    }
    protected function _img($path){
          if(!$path)return "";
          
          if(strpos($path,SITE_PATH)==false){
              return SITE_PATH.ltrim($path,'/');
          }
          return $path;
    }
    /**
     * 会员详情
     */
    public function detail(){
        $id=$this->_check();
        $fields="member_list_id,member_list_username,member_list_nickname,member_list_sex,
        member_list_headpic,member_list_tel,member_list_email,member_list_addtime,
        birthday,signature,user_status";
        $user=Db::name("member_list")->field($fields)->where('member_list_id',$id)->find();
        if(!$user)$this->error2("此用户不存在");
        
        $user['member_list_headpic']=$this->_img($user['member_list_headpic']);
        Db::name("member_access")->where('mid',$id)->update(['create_time'=>time()]);
        
        $user['birthday']=empty($user['birthday'])&&!is_null($user['birthday'])?$user['birthday']:'';
        $this->success2("查询成功",$user);
    }
    /**
     * 会员修改
     */
    public function edit(){
        $id=$this->_check();
        $type=input('type');
        $user=Db::name("member_list")->where('member_list_id',$id)->find();
        if(!$user)$this->error2("此用户不存在");
        $mid=$user['member_list_id'];
        $update=[];
        switch ($type){
            case 1://基本信息
                $nickname=input('member_list_nickname');
                $sex=input('member_list_sex');
                $headpic=input('member_list_headpic');
                $rule = [
                    ['member_list_nickname','require',"用户昵称必填"],
                    ['member_list_sex','require',"用户性别必选"],
                    ['member_list_headpic','require',"用户头像必传"],
                ];
                $validate = new Validate($rule);
                $rst= $validate->check(array('member_list_nickname'=>$nickname,'member_list_sex'=>$sex,'member_list_headpic'=>$headpic));
                if(true !==$rst){
                    $error=is_array($validate->getError())?join('|',$validate->getError()):$validate->getError();
                    $this->error2($error);
                }else{
                    $update['member_list_nickname']=$nickname;
                    $update['member_list_sex']=$sex;
                    $update['member_list_headpic']=$headpic;
                }
            break;
            case 2://密码
                $salt=$user['member_list_salt'];
                $opwd=input('old_password');
                $opass=encrypt_password($opwd,$salt);
                if($opass!=$user['member_list_pwd']){
                    $this->error2(lang('原始密码不正确'));
                }
                $pwd=input('password');
                $repwd=input('repassword');
                $rule = [
                    ['password','require|length:5,20','{%pwd empty}|{%pwd length}'],
                    ['repassword','require|confirm:password','{%repassword empty}|{%repassword incorrect}'],
                ];
                $validate = new Validate($rule);
                $rst= $validate->check(array('password'=>$pwd,'repassword'=>$repwd));
                if(true !==$rst){
                    $error=is_array($validate->getError())?join('|',$validate->getError()):$validate->getError();
                    $this->error2($error);
                }else{
                    $msalt=random(10);
                    $mpwd=encrypt_password($pwd,$msalt);
                   
                    $update['member_list_pwd']=$mpwd;
                    $update['member_list_salt']=$msalt;
                    $update['user_activation_key']='';
                }
            break; 
            case 3://手机号
                $pwd=input('password');
                $salt=$user['member_list_salt'];
                if(encrypt_password($pwd,$salt)!=$user['member_list_pwd']){
                    $this->error2(lang('密码验证不正确'));
                }
                $tel=input('member_list_tel');
                $verify=input('verify');
                
                $result = Db::name('member_list')->where('member_list_tel',$tel)->count();
                if($result) $this->error2($tel.'手机已注册');
                
                $where['sms_type']='uedit';
                $where['sms_tel']=$tel;
                $where['sms_time']=['>',time()-120];
                $rst=Db::name('smslog')->where($where)->find();
                if(!$rst||$rst['sms_code']!=$verify) $this->error2('验证码不正确');
                
                $rule = [
                    ['member_list_tel','require'],
                    ['verify','require'],
                ];
                $validate = new Validate($rule);
                $rst= $validate->check(array('member_list_tel'=>$tel,'verify'=>$verify));
                if(true !==$rst){
                    $error=is_array($validate->getError())?join('|',$validate->getError()):$validate->getError();
                    $this->error2($error);
                }else{
                    $update['member_list_username']=$tel;
                    $update['member_list_tel']=$tel;
                }
            break;    
        }
        
        $result=Db::name("member_list")->where('member_list_id',$mid)->update($update);
        if($result){
            $this->success2('修改成功');
        }else {
            $this->error2('修改失败');
        }
    }
    /**
     * 登出
     */
    public function logout(){
        $token=input('access_token');
        if(empty($token))$this->error2("登录凭证必传");
        $res=Db::name("member_access")->where(['token'=>$token,'state'=>1])->update(['state'=>0]);
     
        $this->success2('登出成功');
    }
    /**
     * 短信发送
     */
    public function sms(){
        $phone = input("mobile");
        $smstype= input("type");
       
        if(empty($phone)){
            $this->error2('手机号码为空！');
        }
        if(!in_array($smstype,['ulogin','ureg','uedit','uforget'])){
            $this->error2('短信类型不正确');
        }
        $result = Db::name('member_list')->where(['member_list_tel'=>$phone,'user_status'=>1])->count();
        $check=0;
        if(!$result) $this->error2($phone.'手机号未注册');
        
        $where['sms_type']=$smstype;
        $where['sms_tel']=$phone;
        $rst=Db::name('smslog')->where($where)->order("sms_time desc")->find();
        if($rst){
            if($rst['sms_time']>(time()-60)){
                $this->error2('已获取过,'.(60-(time()-$rst['sms_time'])).'秒后稍后再试');
            }
        }
        
        $rst_sms=false;
        $error='未设置短信平台配置';
        $code=random(6,'number');
        if(config('ymsms.on')){
            $arr=send_sms($phone,'您好，您的验证码为'.$code.',验证码5分钟内有效!');
            if($arr['code']==1){
                $rst_sms=true;
            }else{
                $error=$arr['msg'];
            }
        }
        if($rst_sms){
            if($rst){
                //更新
                $rst['sms_time']=time();
                $rst['sms_code']=$code;
                $rst=Db::name('smslog')->update($rst);
                if($rst==false){
                    $this->error2('短信码获取失败,请重试');
                }
            }else{
                //插入数据库
                $data=[
                    'sms_type'=>$smstype,
                    'sms_tel'=>$phone,
                    'sms_time'=>time(),
                    'sms_code'=>$code
                ];
                $rst=Db::name('smslog')->insert($data);
                if(!$rst){
                    $this->error2('短信码获取失败,请重试');
                }
            }
        }else{
            $this->error2($error);
        }
        
        $this->success2('短信码已发送至你手机');
    }
    /**
     * 操作成功跳转的快捷方法
     * @access protected
     * @param mixed     $msg 提示信息
     * @param string    $url 跳转的URL地址
     * @param mixed     $data 返回的数据
     * @param integer   $wait 跳转等待时间
     * @param array     $header 发送的Header信息
     * @return void
     */
    protected function success2($msg = '', $data = '', $code =200){
        $result = [
            'code' => $code,
            'msg'  => $msg,
            'data' => $data
        ];
        
        $type = $this->getResponseType();
        $response = Response::create($result, $type)->header([]);
        throw new HttpResponseException($response);
    }
    
    /**
     * 操作错误跳转的快捷方法
     * @access protected
     * @param mixed     $msg 提示信息
     * @param string    $url 跳转的URL地址
     * @param mixed     $data 返回的数据
     * @param integer   $wait 跳转等待时间
     * @param array     $header 发送的Header信息
     * @return void
     */
    protected function error2($msg = '', $data = '',$code=204){
        $result = [
            'code' => $code,
            'msg'  => $msg,
            'data' => $data
        ];
        
        $type = $this->getResponseType();
        
        $response = Response::create($result, $type)->header([]);
        throw new HttpResponseException($response);
    }
}    
?>