/**
 * 使用 WebVPN Cookie 调用 beforeRunV260，按结果写入 lepao_account / jw_account 状态（与同步逻辑一致）。
 * 独立于 webvpnCookie，避免循环依赖；由上层注入 invalidate / refresh WebVPN。
 */
const axios = require('axios')
const db = require('../../plugin/DataBase/db')
const { URLSearchParams } = require('url')
const { dataEncrypt, dataDecrypt, dataSign } = require('../../plugin/Lepao/Crypto')

const DEFAULT_USER_AGENT =
    'Mozilla/5.0 (Linux; Android 16; 2211133C Build/BP2A.250605.031.A3; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.180 Mobile Safari/537.36 XWEB/1380347 MMWEBSDK/20250202 MMWEBID/1020 wxwork/5.0.6.66174 MicroMessenger/8.0.28.48(0x28001c30) MiniProgramEnv/android Luggage/3.0.2.95ef3f83 NetType/WIFI Language/zh_CN ABI/arm64'

function isProbablyVpnHtml(body) {
    if (typeof body !== 'string') return false
    return (
        body.includes('lyuapServer') ||
        body.includes('ivpn') ||
        body.includes('统一身份认证') ||
        body.includes('rump_frontend/login')
    )
}

async function resetJwVerificationState(ownerUuid, jwUsername, updateTime = Date.now()) {
    await db.query(
        'UPDATE jw_account SET state = 0, update_time = ? WHERE create_user = ? AND username = ?',
        [updateTime, ownerUuid, jwUsername]
    )
}

/**
 * @param {object} opts
 * @param {string} opts.studentNum
 * @param {string} opts.ownerUuid
 * @param {string} opts.webvpnCookie
 * @param {{ uid: string, token: string, school_id: *, userAgent?: string }} opts.account 乐跑账号行
 * @param {string} opts.conditionSql 如 student_num = ? AND create_user = ?
 * @param {any[]} opts.queryParams UPDATE 占位参数顺序
 * @param {() => Promise<void>} opts.invalidateWebVpn
 * @param {() => Promise<string>} opts.refreshWebVpnCookie
 * @param {object} [opts.logger]
 * @returns {Promise<{ ok: boolean, skipped?: boolean, msg?: string, loginExpired?: boolean, data?: object }>}
 */
async function syncLepaoStateViaBeforeRun(opts) {
    const {
        studentNum,
        ownerUuid,
        webvpnCookie: initialCookie,
        account,
        conditionSql,
        queryParams,
        invalidateWebVpn,
        refreshWebVpnCookie,
        logger
    } = opts

    if (!account?.uid || !account?.token) {
        logger?.warn?.(`[beforeRun同步] 无 uid/token，跳过 student=${studentNum}`)
        return { ok: true, skipped: true }
    }

    let webvpnCookie = initialCookie
    const raw = {
        uid: account.uid,
        token: account.token,
        school_id: account.school_id,
        term_id: 0,
        course_id: 0,
        class_id: 0,
        student_num: studentNum,
        card_id: studentNum,
        timestamp: Number((Date.now() / 1000).toFixed(3)),
        version: 1,
        nonce: String(Math.floor(Math.random() * 900000 + 100000)),
        ostype: 5
    }
    raw.sign = dataSign(raw)

    const form = new URLSearchParams()
    form.append('ostype', '5')
    form.append('data', dataEncrypt(JSON.stringify(raw)))

    const buildHeaders = () => ({
        'Content-Type': 'application/x-www-form-urlencoded',
        Accept: '*/*',
        'Accept-Language': 'zh-CN,zh-Hans;q=0.9',
        'Accept-Encoding': 'gzip, deflate, br',
        Referer: 'https://servicewechat.com/wxf94c4ddb63d87ede/32/page-frame.html',
        'User-Agent': account.userAgent || DEFAULT_USER_AGENT,
        Cookie: webvpnCookie
    })

    let result
    try {
        const postOnce = () =>
            axios.post('https://lepao.ctbu.edu.cn/v3/api.php/Run2/beforeRunV260', form, {
                headers: buildHeaders(),
                proxy: false,
                responseType: 'text',
                transformResponse: [(b) => b]
            })

        let apiRes = await postOnce()
        try {
            result = JSON.parse(apiRes.data)
        } catch {
            result = apiRes.data
        }

        if (typeof result === 'string' && isProbablyVpnHtml(result)) {
            await invalidateWebVpn()
            webvpnCookie = await refreshWebVpnCookie()
            apiRes = await postOnce()
            try {
                result = JSON.parse(apiRes.data)
            } catch {
                result = apiRes.data
            }
        }

        if (result?.data && result?.is_encrypt === 1) {
            result.data = JSON.parse(dataDecrypt(result.data))
        }
    } catch (error) {
        logger?.error?.(`[beforeRun同步] 远端失败 ${studentNum}: ${error.stack || error}`)
        return { ok: false, msg: '同步失败，请稍后再试' }
    }

    const info = result?.info || result?.msg || '系统繁忙，请稍后再试'
    const updateTime = Date.now()

    if (String(info).includes('重新登录') || Number(result?.status) === 101) {
        await db.query(
            `UPDATE lepao_account SET state = 0, update_time = ? WHERE ${conditionSql}`,
            [updateTime, ...queryParams]
        )
        await resetJwVerificationState(ownerUuid, studentNum, updateTime)
        return { ok: false, msg: info, loginExpired: true }
    }

    if (!result || Number(result.status) !== 1 || !result.data) {
        return { ok: false, msg: info }
    }

    const term_num = Number(result.data.term_num ?? 0)
    const total_num = Number(result.data.total_num ?? 30)
    const updateRows = await db.query(
        `UPDATE lepao_account SET term_num = ?, total_num = ?, state = 1, update_time = ? WHERE ${conditionSql}`,
        [term_num, total_num, updateTime, ...queryParams]
    )
    if (!updateRows || updateRows.affectedRows !== 1) {
        return { ok: false, msg: '数据库更新失败' }
    }

    return {
        ok: true,
        data: {
            student_num: studentNum,
            term_num,
            total_num,
            state: 1
        }
    }
}

module.exports = {
    syncLepaoStateViaBeforeRun,
    resetJwVerificationState,
    DEFAULT_USER_AGENT
}