<?php

namespace app\api\controller;

use app\common\service\DingtalkService;
use app\common\model\User;
use Firebase\JWT\JWT;
use hg\apidoc\annotation as Apidoc;

/**
 * @Apidoc\Title("登录")
 * @Apidoc\Group("api")
 * @Apidoc\Sort("1")
 */
class Login extends Base
{
    public function initialize()
    {
        parent::initialize();
    }

    /**
     * 登录
     *
     * @Apidoc\Method("POST")
     * @Apidoc\Param("code", type="string",require=true, desc="免登授权码")
     * @Apidoc\Returned("data", type="string", desc="用户token")
     */
    public function login(){
        $code = input('code');
        if(!$code){
            $this->error('授权码错误');
        }

        $resp = DingtalkService::get_user_info($code);
        if($resp->errcode != 0){
            $this->error($resp->errcode.' '.$resp->errmsg);
        }

        $user = User::where('userid',$resp->result->userid)->value('id');
        if(!$user){
            $this->error('不是内部人员');
        }

        $token = $this->create_jwt($user);
        $this->success('登录成功',$token);
    }

    /**
     * 获取token
     *
     * @Apidoc\Method("POST")
     * @Apidoc\Query("uid", type="string",require=true, desc="用户ID")
     * @Apidoc\Returned("data", type="string", desc="用户token")
     */
    public function get_token(){
        $uid = input('uid');
        $token = $this->create_jwt($uid);
        $this->success('获取成功',$token);
    }

    //token加密
    public function create_jwt($uid)
    {
        $key = md5(config('app.jwt')); //jwt的签发密钥，验证token的时候需要用到
        $time = time(); //签发时间
        $expire = $time + config('app.jwt_time'); //过期时间
        $token = array(
            "uid" => $uid,
            "iss" => "https://zain.com",//签发组织
            "aud" => "https://zain.com", //签发作者
            "iat" => $time,
            "nbf" => $time,
            "exp" => $expire
        );
        $jwt = JWT::encode($token, $key);
        return $jwt;
    }
}