ic-ctbu-backend/lib/Lepao/syncAccountInfo.js

const axios = require('axios')
const db = require('../../plugin/DataBase/db')
const { URLSearchParams } = require('url')
const { dataEncrypt, dataDecrypt, dataSign } = require('../../plugin/Lepao/Crypto')
const {
    getWebVpnCookieHeader,
    invalidateWebVpnCookie,
    isProbablyVpnLoginHtml
} = require('./webvpnCookie')

const DEFAULT_USER_AGENT = 'Mozilla/5.0 (Linux; Android 16; 2211133C Build/BP2A.250605.031.A3; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/138.0.7204.180 Mobile Safari/537.36 XWEB/1380347 MMWEBSDK/20250202 MMWEBID/1020 wxwork/5.0.6.66174 MicroMessenger/8.0.28.48(0x28001c30) MiniProgramEnv/android Luggage/3.0.2.95ef3f83 NetType/WIFI Language/zh_CN ABI/arm64'

async function syncAccountInfo({ studentNum, createUser, logger }) {
    if (!studentNum) {
        return { ok: false, msg: '缺少学号参数' }
    }

    const conditionSql = createUser
        ? 'student_num = ? AND create_user = ?'
        : 'student_num = ?'
    const queryParams = createUser ? [studentNum, createUser] : [studentNum]
    const rows = await db.query(
        `SELECT uid, token, school_id, userAgent, create_user FROM lepao_account WHERE ${conditionSql}`,
        queryParams
    )
    if (!rows || rows.length !== 1) {
        return { ok: false, msg: '未找到该乐跑账号或无权限操作' }
    }

    const account = rows[0]
    const ownerUuid = account.create_user || createUser
    if (!ownerUuid) {
        return { ok: false, msg: '账号未绑定用户，无法同步' }
    }
    let webvpnCookie
    try {
        webvpnCookie = await getWebVpnCookieHeader(ownerUuid, studentNum)
    } catch (e) {
        logger?.error?.(`WebVPN 登录失败 ${studentNum}: ${e.stack || e}`)
        return { ok: false, msg: e.message || 'WebVPN 登录失败，请检查教务账号密码' }
    }
    const raw = {
        uid: account.uid,
        token: account.token,
        school_id: account.school_id,
        term_id: 0,
        course_id: 0,
        class_id: 0,
        student_num: studentNum,
        card_id: studentNum,
        timestamp: Number((Date.now() / 1000).toFixed(3)),
        version: 1,
        nonce: String(Math.floor(Math.random() * 900000 + 100000)),
        ostype: 5
    }
    raw.sign = dataSign(raw)

    const form = new URLSearchParams()
    form.append('ostype', '5')
    form.append('data', dataEncrypt(JSON.stringify(raw)))

    const buildHeaders = () => ({
        'Content-Type': 'application/x-www-form-urlencoded',
        'Accept': '*/*',
        'Accept-Language': 'zh-CN,zh-Hans;q=0.9',
        'Accept-Encoding': 'gzip, deflate, br',
        'Referer': 'https://servicewechat.com/wxf94c4ddb63d87ede/32/page-frame.html',
        'User-Agent': account.userAgent || DEFAULT_USER_AGENT,
        Cookie: webvpnCookie
    })

    let result
    try {
        const postOnce = () =>
            axios.post('https://lepao.ctbu.edu.cn/v3/api.php/Run2/beforeRunV260', form, {
                headers: buildHeaders(),
                proxy: false,
                responseType: 'text',
                transformResponse: [(b) => b]
            })

        let apiRes = await postOnce()
        try {
            result = JSON.parse(apiRes.data)
        } catch {
            result = apiRes.data
        }

        if (typeof result === 'string' && isProbablyVpnLoginHtml(result)) {
            await invalidateWebVpnCookie(ownerUuid, studentNum)
            webvpnCookie = await getWebVpnCookieHeader(ownerUuid, studentNum, { skipCache: true })
            apiRes = await postOnce()
            try {
                result = JSON.parse(apiRes.data)
            } catch {
                result = apiRes.data
            }
        }

        if (result?.data && result?.is_encrypt === 1) {
            result.data = JSON.parse(dataDecrypt(result.data))
        }
    } catch (error) {
        logger?.error?.(`同步乐跑账号远端请求失败 ${studentNum}: ${error.stack || error}`)
        return { ok: false, msg: '同步失败，请稍后再试' }
    }

    const info = result?.info || result?.msg || '系统繁忙，请稍后再试'
    const updateTime = Date.now()

    // 登录失效时，仅更新状态并返回失败信息
    if (String(info).includes('重新登录') || Number(result?.status) === 101) {
        await db.query(
            `UPDATE lepao_account SET state = 0, update_time = ? WHERE ${conditionSql}`,
            [updateTime, ...queryParams]
        )
        return { ok: false, msg: info, loginExpired: true }
    }

    if (!result || Number(result.status) !== 1 || !result.data) {
        return { ok: false, msg: info }
    }

    const term_num = Number(result.data.term_num ?? 0)
    const total_num = Number(result.data.total_num ?? 30)
    const updateRows = await db.query(
        `UPDATE lepao_account SET term_num = ?, total_num = ?, state = 1, update_time = ? WHERE ${conditionSql}`,
        [term_num, total_num, updateTime, ...queryParams]
    )
    if (!updateRows || updateRows.affectedRows !== 1) {
        return { ok: false, msg: '数据库更新失败' }
    }

    return {
        ok: true,
        data: {
            student_num: studentNum,
            term_num,
            total_num,
            state: 1
        }
    }
}

module.exports = { syncAccountInfo }