<?php
/**
 * Created by 北京捷讯佳音.
 * User: sam
 * Date: 2019/2/15
 * Time: 11:17
 */

namespace app\api\controller;

use Repository\LogRepository;
use think\Controller;

class Base extends Controller
{
    // 初始化
    public function _initialize()
    {
        LogRepository::requestLog();
        $para = input('param.');
        if (empty($para)) {
            echo json_encode(['code' => 302, 'msg' => '请求失败.']);
            exit;
        }
        $return = $this->_verifySign($para);

        if (!$return['status']) {
            echo json_encode(['code' => 303, 'msg' => $return['msg']]);
            exit;
        }
    }

    // 获取sign
    public function getSign($data,$msectime,$method)
    {
        $secret = config('api_secret');
        unset($data['ts'],$data['sign']);

        if($method === 'GET'){
            $str = '';
             ksort($data);
            foreach ($data as $key => $value) {
                $str .= $key.$value;
            }
        }else{
            $str = $data['param'];
        }
        $sign = md5($secret.';'.$str.';'.$msectime);

        return $sign;
    }

    public function _verifySign($data)
    {
        if (!config('CHECK_SIGN')) {
            return ['status' => true, 'msg' => '验证通过'];
        }

        if (!isset($data['sign']) || !isset($data['ts'])) {
            return ['status' => false, 'msg' => '参数不合法'];
        }
        // 验证接口时效
        if (self::getMsectime() - $data['ts'] > 100000) {
            return ['status' => false, 'msg' => '请求失效'];
        }

        switch ($_SERVER['REQUEST_METHOD']) {
            case 'GET':
                $mySign = $this->getSign($data,$data['ts'],'GET');
                break;
            case 'POST':
                $mySign = $this->getSign($data,$data['ts'],'POST');
                break;
            default:
                return ['status' => false, 'msg' => '请求类型不支持'];
                break;
        }

        if ($data['sign'] === $mySign) {
            return ['status' => true, 'msg' => '验证通过'];
        }

        return ['status' => false, 'msg' => '签名错误'];

    }

    /**
     * 验证令牌.
     * @param array $param 参数集合
     * @return array
     */
    private static function _checkAccessTokenIsValid(& $param)
    {
        if (empty($param['access_token'])) {
            return ['code' => 400, 'msg' => 'access_token不能为空.'];
        }

//        if (empty($param['type'])) {
//            return ['code' => 450, 'msg' => 'type不能为空.'];
//        }

        if($param['type'] == 'kf') {
            $result = db('users')->field('id,user_name,sex,user_avatar,access_token,expire_time')
                ->where(['access_token' => $param['access_token']])
                ->find();
            if (empty($result)) {
                return ['code' => 450, 'msg' => 'access_token不存在.'];
            }

            if ($result['access_token'] != $param['access_token']) {
                return ['code' => 450, 'msg' => 'access_token错误.'];
            }

            if ($result['expire_time'] < time()) {
                return ['code' => 450, 'msg' => 'access_token已过期.'];
            }

            $param['user'] = [
                'uid'         => "KF".$result['id'],
                'user_name'   => $result['user_name'],
                'sex'        => $result['sex'],
                'avatar_url' => $result['user_avatar']
            ];
        }else{
            $userInfo = $param['access_token'];
            if(is_string($userInfo)){
                $userInfo = json_decode($userInfo,true);
            }
            $param['user'] = $userInfo['user'];
        }
        unset($param['access_token']);

        return ['code' => 200, 'msg' => '验证成功.'];
    }

    //获取毫秒级时间戳
    public static function getMsectime(){
        return (float)sprintf('%.0f', microtime(true) * 1000);
    }
}