pbl-api/cocoflow.js

const express = require("express");
const axios = require("axios"); // 用于发起网络请求
const bcrypt = require("bcryptjs");
const crypto = require("crypto");
const mysql = require("./mysql");

const router = express.Router();

// 本地

// const _mysqlLabor = ["183.36.25.92", "pbl"]; //edu數據庫信息
// const _mysqluser = ["183.36.25.92", "cocorobouser"]; //用户数据库信息
// const _getmysqlLabor2 = ["183.36.25.92", "pbl"]; //edu數據庫信息
// const _getmysqlLabor = ["183.36.25.92", "pbl"]; //edu數據庫信息


//线上

const _mysqlLabor = ["172.16.12.5", "pbl"]; //edu數據庫信息
const _mysqluser = ["172.16.12.5", "cocorobouser"]; //edu數據庫信息
const _getmysqlLabor2 = ["172.16.12.7", "pbl"]; //edu數據庫信息
const _getmysqlLabor = ["172.16.12.7", "pbl"]; //edu數據庫信息

// 假设已经有了微信的 AppID 和 AppSecret

const { WECHAT_APPID, WECHAT_SECRET } = { WECHAT_APPID: "wx2d69589899b7ecd6", WECHAT_SECRET: "99fd14315d0b41375be4d4a17c830001" }; //cocorobo公众号
// const { WECHAT_APPID, WECHAT_SECRET } = {
//   WECHAT_APPID: "wx3a8dd28881c2c41f",
//   WECHAT_SECRET: "e6c81745345f44251e44bc7a3b837687",
// }; 
//自己
// const { WECHAT_APPID, WECHAT_SECRET } = {
//   WECHAT_APPID: "wx3a8dd28881c2c41f",
//   WECHAT_SECRET: "e6c81745345f44251e44bc7a3b837687",
// }; 

//线上
// const { WECHAT_APPID, WECHAT_SECRET } = {
//   WECHAT_APPID: "wxf8a72764a38a40b2",
//   WECHAT_SECRET: "4014c49f54d2fc31150d654f5d7ad1b8",
// }; 

// qgt
// const { WECHAT_APPID, WECHAT_SECRET } = { WECHAT_APPID: "wxbb3ac888b7d39c86", WECHAT_SECRET: "b9a978b1570b0da7242627b856dbafc6" };


// const WECHAT_REDIRECT_URI = "https://liyuan.cocorobo.cn/#/login"; // 微信授权后的回调地址

// 获取微信登录二维码的接口
// router.route("/wechat-login-qrcode").all((req, res) => {
//   try {
//     // 这里应该是调用微信 API 来获取授权 URL，并转换为二维码
//     const randomState = Math.random().toString(36).substring(2); // 生成随机状态
//     const wechatUrl = `https://open.weixin.qq.com/connect/qrconnect?appid=${WECHAT_APPID}&redirect_uri=${encodeURIComponent(
//       WECHAT_REDIRECT_URI
//     )}&response_type=code&scope=snsapi_login&state=${randomState}#wechat_redirect`;
//     // const wechatUrl = `https://open.weixin.qq.com/connect/oauth2/authorize?appid=${WECHAT_APPID}&redirect_uri=${encodeURIComponent(WECHAT_REDIRECT_URI)}&response_type=code&scope=snsapi_base&state=${randomState}#wechat_redirect`
//     // 这里简化处理，直接返回 URL
//     res.json({ url: wechatUrl });
//   } catch (error) {
//     res.status(500).send("服务器错误");
//   }
// });

// 微信回调接口，也就是用户扫码之后在手机上点击同意之后，需要进行重定向的目标URL
router.route("/wechat-callback").all(async (req, res) => {
  const code = req.body.code; // 获取微信回调返回的授权码
  
  try {
    // 使用授权码换取 access_token
    const tokenResponse = await axios.get(
      `https://api.weixin.qq.com/sns/oauth2/access_token?appid=${WECHAT_APPID}&secret=${WECHAT_SECRET}&code=${code}&grant_type=authorization_code`
    );
    // console.log(tokenResponse);
    
    // const accessToken = tokenResponse.data.access_token;
    // const openId = tokenResponse.data.openid;

    // 这里可以根据 accessToken 和 openId 获取用户信息，并进行登录处理

    // res.send('登录成功');
    res.status(200).json({ 
      success: true,
      data: tokenResponse.data,  // 只发送响应数据，不发送整个响应对象
      status: tokenResponse.status,
      statusText: tokenResponse.statusText
    });

    
  } catch (error) {
    console.log(error);
    res.status(500).json({ 
      success: false, 
      error: "授权失败",
      message: error.message 
    });
  }
});

// 通过openid获取微信用户信息
router.route("/wechat-user-info").post(async (req, res) => {
  const { openid, access_token } = req.body;
  
  if (!openid || !access_token) {
    return res.status(400).json({
      success: false,
      error: "缺少必要参数",
      message: "openid 和 access_token 都是必需的"
    });
  }
  
  try {
    // 使用openid和access_token获取用户信息
    const userInfoResponse = await axios.get(
      `https://api.weixin.qq.com/sns/userinfo?access_token=${access_token}&openid=${openid}&lang=zh_CN`
    );
    
    res.status(200).json({
      success: true,
      data: userInfoResponse.data,
      status: userInfoResponse.status,
      statusText: userInfoResponse.statusText
    });
  } catch (error) {
    console.log("获取用户信息失败:", error);
    res.status(500).json({
      success: false,
      error: "获取用户信息失败",
      message: error.message
    });
  }
});

// 获取微信用户信息的完整流程（包含获取access_token）
router.route("/wechat-get-user-info").post(async (req, res) => {
  const { code } = req.body;
  
  if (!code) {
    return res.status(400).json({
      success: false,
      error: "缺少授权码",
      message: "code 参数是必需的"
    });
  }
  
  try {
    // 第一步：使用授权码换取 access_token 和 openid
    const tokenResponse = await axios.get(
      `https://api.weixin.qq.com/sns/oauth2/access_token?appid=${WECHAT_APPID}&secret=${WECHAT_SECRET}&code=${code}&grant_type=authorization_code`
    );
    
    const { access_token, openid } = tokenResponse.data;
    
    if (!access_token || !openid) {
      return res.status(400).json({
        success: false,
        error: "获取access_token失败",
        message: tokenResponse.data.errmsg || "微信API返回错误"
      });
    }
    
    // 第二步：使用access_token和openid获取用户信息
    const userInfoResponse = await axios.get(
      `https://api.weixin.qq.com/sns/userinfo?access_token=${access_token}&openid=${openid}&lang=zh_CN`
    );
    
    res.status(200).json({
      success: true,
      data: {
        access_token,
        openid,
        userInfo: userInfoResponse.data
      },
      status: userInfoResponse.status,
      statusText: userInfoResponse.statusText
    });
  } catch (error) {
    console.log("获取用户信息失败:", error);
    res.status(500).json({
      success: false,
      error: "获取用户信息失败",
      message: error.message
    });
  }
});


//深圳电教馆注册
router.route("/wechat-register").post(function(req, res, next) {
  var users = req.body;
  //循环注册
  var _username = users.username; //名字
  var _mail = users.mail; //用户名 账号
  var _password = "Coco1234";
  var _alias = _username;
  var _org = "";
  var _oid = "1561728d-6d1b-11f0-9c7b-005056924926";
  var _ph = "";
  var _class = "";
  var _type = "1";
  var _openid = users.openid;
  var _dest = "";
  var _eduId = users.openid;
  //加密密碼
  _password = bcrypt.hashSync(_password, bcrypt.genSaltSync(10));
  //生成激活碼
  let _hashstr = new Date().getTime() + "";
  let _digest = crypto
      .createHash("sha256")
      .update(_hashstr, "utf8")
      .digest("hex");
  //用戶數據
  var _userdata = [
      _mail,
      _password,
      _alias,
      "",
      0,
      _username,
      _openid,
      generateAPIKey(_username),
      _digest,
      "",
      _username,
      '',
      _type,
      _org,
      _oid,
      _ph,
      _class,
      "",
      "0",
      _dest,
      _eduId
  ];
  //參數拼接，註冊
  _userdata.unshift(_mysqluser[0], _mysqluser[1], "pbl_add_batchregisterSzdjg3");
  //用戶註冊處理
  mysql.usselect(_userdata, function(ret) {
      res.end(
          JSON.stringify({
              uid: ret[1][0].uid,
              ph: _ph,
              oid: _oid,
              cid: _class,
              success: 1,
          })
      );
  });
});

function generateAPIKey(username) {
  let timeStamp = new Date().getTime();

  let hashStr = timeStamp + username;

  let digest = crypto
      .createHash("sha256")
      .update(hashStr, "utf8")
      .digest("hex");

  return digest;
}


// 微信获取用户的accept_token
router.route("/wechat-get-signature").all(async (req, res) => {
  
  try {
    // 使用授权码换取 access_token
    // const tokenResponse = await axios.get(
    //   `https://api.weixin.qq.com/sns/oauth2/access_token?appid=${WECHAT_APPID}&secret=${WECHAT_SECRET}&code=${code}&grant_type=authorization_code`
    // );

    const tokenResponse = await axios.get(
      `https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=${WECHAT_APPID}&secret=${WECHAT_SECRET}`
    );

    if(tokenResponse.status=='200'){
       const tticketResponse = await axios.get(`https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=${tokenResponse.data.access_token}&type=jsapi`)
       console.log("tticketResponse",tticketResponse)
       if(tticketResponse.data.errcode==0){
        const url = decodeURIComponent(req.query.url);
        let params = {
          jsapi_ticket: tticketResponse.data.ticket,   // 获取到的 jsapi_ticket
          nonceStr: 'wechat-signature-'+new Date().getTime(),      // 随机字符串
          timestamp: new Date().getTime(),         // 时间戳
          url: url         // 当前页面的 URL
        }
        var string = 'jsapi_ticket=' + params.jsapi_ticket + '&noncestr=' + params.nonceStr + '&timestamp=' + params.timestamp + '&url=' + params.url;
        // 使用crypto模块的SHA1算法生成签名
        var signature = crypto.createHash('sha1').update(string, 'utf8').digest('hex');
        // let _signature = crypto.createHash('sha1').update(string, 'utf8').digest('hex');

        res.status(200).json({
          success:true,
          data:{
            params,
            signature,
            appId:WECHAT_APPID,
          }
        })
       }else{
        res.status(500).json({ 
          success: false, 
          error: "获取jsapi_ticket失败",
          message: tticketResponse.data.errmsg || "获取jsapi_ticket失败"
        });
       }
      //  res.status(200).json({ 
      //   success: true,
      //   data: tticketResponse.data, 
      // });
      //  if(tticketResponse.status=='200'){
      //   res.status(200).json({ 
      //     success: true,
      //     data: tticketResponse.data,  // 只发送响应数据，不发送整个响应对象
      //     status: tticketResponse.status,
      //     statusText: tticketResponse.statusText
      //   });
      //  }
    }else{
      res.status(500).json({ 
        success: false, 
        error: "获取access_token失败",
        message: tokenResponse.data.statusText || "微信API返回错误"
      });
    }
  } catch (error) {
    console.log(error);
    res.status(500).json({ 
      success: false, 
      error: "授权失败",
      message: error.message 
    });
  }
});

module.exports = router;