<?php
header('Access-Control-Allow-Origin:*');// 指定允许其他域名访问
header('Access-Control-Allow-Methods:POST');// 响应类型
header('Access-Control-Allow-Headers:x-requested-with,content-type');

/**
 * 获取信息接口
 */
use phprs\util\Verify;
use phprs\util\exceptions\Forbidden;
use phprs\util\Logger;
use phprs\util\exceptions\NotFound;
use phprs\ezsql\Sql;
use phprs\util\exceptions\BadRequest;


/**
 *
 * 获取信息接口
 * @path("/appport")
 */
class Appport
{
    /**
     * 通过scode和sid获取AccessToken
     * @route({"GET","/token"})
     * @param({"scode","$._GET.scode"}) 客户端生成的Scode
     * @param({"sid","$._GET.sid"}) 服务器返回的sid
     * @throws({"phprs\util\exceptions\Forbidden","res", "403 Forbidden",{"error":"Forbidden"}}) cookie不可用
     */
    public function getAccessToken($scode,$sid) {
        // 当前时间戳，通过sid和scode获取用户信息，必须保障sid未过期
        $nowtime = time();

        // 根据sid 查询用户信息
        $res = Sql::select('syweb_users_qq.access_id,syweb_users_qq.access_key')
                    ->from('syweb_users_qq')
                    ->where('syweb_users_qq.sid=? and syweb_users_qq.scode=? and syweb_users_qq.sid_expire_time>?', $sid,$scode,$nowtime)
                    ->get($this->db ,null);

        if(count($res)>0){
            $result[0]["error"] = "0";
            $result[0]["access_id"] = $res[0]["access_id"];
            $result[0]["access_key"] = $res[0]["access_key"];
        }else{
            $result[0]["error"] = "0";
            $result[0]["error_code"] = 1; // 用户未登录或登录信息过期
        }

        return $result;
    }

    /**
     * 通过AccessToken获取sid
     * @route({"GET","/token_login"})
     * @param({"access_id","$._GET.access_id"})
     * @param({"access_key","$._GET.access_key"})
     * @param({"scode","$._GET.scode"}) 客户端生成的Scode
     * @throws({"phprs\util\exceptions\Forbidden","res", "403 Forbidden",{"error":"Forbidden"}}) cookie不可用
     */
    public function token_login($access_id,$access_key,$scode) {
        // 当前时间戳，通过sid和scode获取用户信息，必须保障sid未过期
        $nowTime = time();
        
        $res = Sql::select('syweb_users_qq.sid')
                        ->from('syweb_users_qq')
                        ->where('syweb_users_qq.access_id=? and syweb_users_qq.access_key=? and syweb_users_qq.scode=? and access_expire_time>?', $access_id,$access_key,$scode,$nowTime)
                        ->get($this->db ,null);

        $result = array();
        if(count($res)>0){ // 存在对应的用户
            $result[0]["error"] = "0";
            $result[0]["sid"] = $res[0]['sid'];
        }else{
            $result[0]["error"] = "1";
            $result[0]["error_code"] = 1;// 无效的AccessToken
        }

        return $result;
    }

    /** @inject("ioc_factory") */
    private $factory;
    /**
     * @property({"default":"@db"})
     * @var PDO
     */
    public $db;
    // 此处删除了代码
}