<?php
/*
 *   1,在postman中选择验证方式为no auth.
 *
 *   2，添加header，key为：Authrization，value为Bearer xxxxxxxxxxxxx.
 *
 *      注意：key的拼写必须一样(包括大小写），value中的Bearer和xxxxxxxx之间至少要有一个空格,xxxxxx为发送的access_token。
 */
namespace app\common\controllers;
use app\common\helpers\Identify;
use app\modules\admin\models\Attachment;
use app\modules\admin\models\AttachmentIndex;
use app\modules\admin\models\Config;
use app\modules\ad\models\AdData;
use app\models\EmailCert;
use app\models\MobileCert;
use app\modules\ucenter\models\User;
use yii\rest\ActiveController;
use yii\filters\Cors;
use yii\filters\auth\CompositeAuth;
use yii\filters\auth\HttpBasicAuth;
use yii\filters\auth\HttpBearerAuth;
use yii\filters\auth\QueryParamAuth;
use Yii;
class AController extends ActiveController
{
    public $modelClass = 'app\modules\ucenter\models\User';
    public $post;
    public $get;
    public $user;
    public $user_id;
    public $userInfo;
    public $attconfig;
    public $ossconfig;
    public $baseconfig;
    public $wapconfig;
    public $imageconfig;
    public $csrconfig;
    public $higherconfig;
    public $payconfig;
    public $coinconfig;
    public $pointconfig;
    public $baiduconfig;
    public $openauthconfig;
    public $smsconfig;
    public $mailerconfig;
    public $ueditorconfig;
    public $docconfig;
    public $mpconfig;
    public $wxappconfig;
    public $bdappconfig;
    public $transferconfig;
    public $withdrawconfig;
    public $commissionconfig;
    public $shoppingconfig;
    public $cmsconfig;
    public $badwordconfig;
    public $posterconfig;
    public $docname = '文档';
    public $colname = '合辑';
    public $optional = [
        'sendverifycode',//发送验证码
        'checkverifycode',//校验验证码
        'register',//注册
        'login',//登录
        'fastlogin',//快速登录
        'resetpwd',//重置密码
        'docmd5check',
        'doctitlecheck',
        'sharedoc',
        'gettag',
        'error',
    ];
    public function behaviors()
    {

        $behaviors = parent::behaviors();
        // remove authentication filter
        unset($behaviors['authenticator']);
        // 这个是跨域配置
        $behaviors['corsFilter'] = [
            'class' => Cors::class,
            'cors' => [
                'Origin' => CORS_DOMAIN,
                'Access-Control-Request-Method' => ['GET','POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],
                // Allow only POST and PUT methods
                'Access-Control-Request-Headers' => ['*'],
                // Allow only headers 'X-Wsse'
                'Access-Control-Allow-Credentials' => true,
                // Allow OPTIONS caching
                'Access-Control-Max-Age' => 0,
                // Allow the X-Pagination-Current-Page header to be exposed to the browser.
                'Access-Control-Expose-Headers' => ['X-Pagination-Current-Page'],
            ],
        ];
        $behaviors['authenticator'] = [
            'class' => CompositeAuth::class,
            'authMethods' => [
                //HttpBasicAuth::className(),
                HttpBearerAuth::class,
                //QueryParamAuth::className(),
            ],
            'optional' =>$this->optional,
            'except'=> ['options'] //认证排除OPTIONS请求
        ];
        return $behaviors;
    }

    public function init()
    {
        parent::init();
        //加入全局配置
        $configResultList = Config::find()->all();
        if(is_array($configResultList))foreach($configResultList as $configResult)
        {
            $configName = str_replace('config','',$configResult->name);
            $configName = str_replace('attachment','att',$configName).'config';
            $this->$configName = string2array($configResult->value);
        }
        $this->docname = $this->docconfig['docname']?$this->docconfig['docname']:'文档';
        $this->colname = $this->docconfig['colname']?$this->docconfig['colname']:'合辑';
        if(empty($this->cmsconfig['news_breadname']))$this->cmsconfig['news_breadname'] = '资讯';
        if(empty($this->cmsconfig['news_contentname']))$this->cmsconfig['news_contentname'] = '资讯';
        if(empty($this->docconfig['breadname']))$this->docconfig['breadname'] = '文档';
        if(empty($this->docconfig['docname']))$this->docconfig['docname'] = '文档';
        if(empty($this->docconfig['colname']))$this->docconfig['colname'] = '合辑';
        if(Yii::$app->request->headers->get('Authorization'))$this->user = User::findIdentityByAccessToken(Yii::$app->request->headers->get('Authorization'));
    }

    //验证码校验
    function checkCode($to,$code)
    {
        $patternEmail = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,})$/';
        $patternMobile = '/^1[3456789]{1}\d{9}$/';
        if(preg_match($patternEmail,$to)) $toType = 'email';
        if(preg_match($patternMobile,$to)) $toType='mobile';
        if($toType=='mobile')
        {
            $exist = \app\models\MobileCert::find()->where("mobile='".$to."' and request_from = ".REQUEST_FROM)->orderBy(['id'=>SORT_DESC])->one();
        }
        else if($toType=='email')
        {
            $exist = \app\models\EmailCert::find()->where("email='".$to."' and request_from = ".REQUEST_FROM)->orderBy(['id'=>SORT_DESC])->one();
        }
        //判断验证码有效期
        if($exist&&(TIMESTAMP-$exist->sent_time>$this->smsconfig['certValidTime']*60||$exist->cert==1))
        {
            return [
                'error' => 1,
                'msg' => '验证码无效',
                'data' => [],
                'code'=>200
            ];

        }
        //判断验证码正确行
        if($exist->cert_key!=$code)
        {
            return [
                'error' => 1,
                'msg' => '验证码错误',
                'data' => [],
                'code'=>200
            ];
        }
        $exist->cert = 1;
        $exist->cert_time = TIMESTAMP;
        $exist->save();
    }

    //当前用户是否有权限访问和操作所请求的资源
    public function checkRights($user_id,$model,$fild_name='user_id')
    {
        if ($model->$fild_name != $user_id){
            return [
                'error' => 1,
                'msg' => '你只能操作你自己创作的数据',
                'data' => [],
                'code'=>200
            ];
        }
        else
        {
            return true;
        }
    }
    //当前用户是否有权限访问和操作所请求的资源
    public function checkAccess($action, $model = null, $params = [])
    {
        /* // check if the user can access $action and $model
         // throw ForbiddenHttpException if access should be denied
         if ($action === 'update' || $action === 'delete') {
             if ($model->user_id !== \Yii::$app->user->id)
                 throw new \yii\web\ForbiddenHttpException(sprintf('You can only %s articles that you\'ve created.', $action));
         }*/
    }
    //禁用一些操作
    public function actions()
    {
        $action= parent::actions(); // TODO: Change the autogenerated stub
        unset($action['index']);
        unset($action['create']);
        unset($action['update']);
        unset($action['delete']);
    }

    /**
     * @param $action
     * @return bool
     * @throws \yii\web\BadRequestHttpException
     */
    public function beforeAction($action)
    {
        parent::beforeAction($action);
        $this->post = Yii::$app->request->post();
        $this->get = Yii::$app->request->get();
        if(!empty(Yii::$app->user))
        {
            $this->user = Yii::$app->user->identity;
            $this->user_id = Yii::$app->user->id;
            $this->userInfo = Identify::getUserInfo(Yii::$app->user->id);
        }
        return $action;
    }


    /**
     * validateValue
     * @return bool
     */
    public function validateCaptcha($value)
    {
        $data = unserialize(Yii::$app->security->decryptByKey(base64_decode($value),Yii::$app->params['authKey']));

        if(empty($data['ip']) || $data['ip'] != Yii::$app->request->getUserIP()){
            return false;
        }

        if(empty($data['ua']) || $data['ua'] != crc32(Yii::$app->request->getUserAgent())){
            return false;
        }

        if(empty($data['ttl']) || time() > $data['ttl']) {
            return false;
        }
        return true;
    }
    //缩略图
    public function makeThumb($imagePath,$width,$height)
    {
        $hash = $imagePath?md5($imagePath):'noimage';
        return WEB_URL.'p/'.$width.'/'.$height.'/'.$hash.'.jpg';
    }


    //对接前端Url
    public static function urlList($page)
    {

        $urls['home'] =  REQUEST_FROM==1? WEB_URL: WAP_URL;
        $urls['login'] = REQUEST_FROM==1? WEB_URL.'login/': WAP_URL.'login/';
        $urls['logout'] = REQUEST_FROM==1? WEB_URL.'logout/': WAP_URL.'logout/';
        $urls['ucenter'] = REQUEST_FROM==1? WEB_URL.'ucenter/': WAP_URL.'ucenter/';
        $urls['myupload'] = REQUEST_FROM==1? WEB_URL.'myupload/': WAP_URL.'myupload/';
        return $urls[$page];
    }


}