Pchen0
/
ic-ctbu-backend


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170
							const API = require("../../../lib/API.js");
const axios = require("axios");
const db = require("../../../plugin/DataBase/db.js");
const { BaseStdResponse } = require("../../../BaseStdResponse.js");
const AccessControl = require("../../../lib/AccessControl.js");

class AddAccount extends API {
    constructor() {
        super();

        this.setPath('/Lepao/Account')
        this.setMethod('POST')

        this.emailRegex = /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/
        this.banEmailList = ['icloud.com']
    }

    async lepaoAuth(student_num, password) {
        const endpoint = "http://222.178.152.79:100/api_v1/login"
        const params = new URLSearchParams()
        params.append('password', password)
        params.append('account', student_num)

        const res = await axios.post(endpoint, params, {
            proxy: false,
            headers: {
                "User-Agent": 'okhttp/4.9.0'
            }
        })
        const data = res.data
        if (!data || data.status !== 1) {
            throw new Error(data?.message ?? "无法验证乐跑账号，请联系客服或稍后再试")
        }
        return true
    }

    async lepaoUserInfo(student_num) {
        const params = new URLSearchParams()
        params.append('account', student_num)

        const endpoint = "http://222.178.152.79:100/api_v1/getUserInfo"
        const res = await axios.post(endpoint, params, {
            proxy: false,
            headers: {
                "User-Agent": 'okhttp/4.9.0'
            }
        })
        const data = res.data
        if (!data || data.status !== 1 || !data.data || !data.data.id || !data.data.nickName || !data.data.department || !data.data.frequency) {
            this.logger.error(`获取乐跑用户信息失败！${data?.message ?? "未知错误"}`)
            throw new Error(data?.message ?? "无法获取用户信息，请联系客服或稍后再试")
        }
        return data.data
    }

    async onRequest(req, res) {
        let { uuid, session, student_num, email, id, area, auto_time, auto_run, target_count, password, notes } = req.body

        if ([uuid, session, student_num, email, auto_time, target_count].some(value => value === '' || value === null || value === undefined))
            return res.json({
                ...BaseStdResponse.MISSING_PARAMETER
            })

        if (isNaN(target_count) || target_count < 0 || target_count > 999) {
            return res.json({
                ...BaseStdResponse.ERR,
                msg: '乐跑目标次数不在合法范围内'
            })
        }

        if (!this.emailRegex.test(email)) {
            return res.json({
                ...BaseStdResponse.ERR,
                msg: '请检查邮箱格式是否正确'
            })
        }

        const emailDomain = email.split('@')[1].toLowerCase()
        if (this.banEmailList.includes(emailDomain))
            return res.json({
                ...BaseStdResponse.ERR,
                msg: `暂不支持使用 ${emailDomain} 域名的邮箱，请更换其他邮箱后重试`
            })

        if (!await AccessControl.checkSession(uuid, session))
            return res.status(401).json({
                ...BaseStdResponse.ACCESS_DENIED
            })

        let countSql = 'SELECT id, create_user, total_num FROM lepao_account WHERE student_num = ?'
        let countRows = await db.query(countSql, [student_num])

        if (!countRows)
            return res.json({ ...BaseStdResponse.ERR, msg: '添加乐跑账号失败！数据库错误' })

        // 判断是否重复注册
        if (!id) {
            if (!password) {
                return res.json({ ...BaseStdResponse.ERR, msg: '请输入乐跑账号密码' })
            }

            if (countRows.length !== 0 && countRows[0].create_user != null) {
                if (countRows[0].create_user !== uuid)
                    return res.json({ ...BaseStdResponse.ERR, msg: '该乐跑账号已被其他用户绑定，请联系客服解绑' })
                return res.json({ ...BaseStdResponse.ERR, msg: '该乐跑账号已添加' })
            }

            // 进行密码校验
            try {
                password = atob(password)
                await this.lepaoAuth(student_num, password)
            } catch (err) {
                this.logger.info(`乐跑账号验证失败！${err.message}`)
                return res.json({ ...BaseStdResponse.ERR, msg: err.message ?? '无法验证乐跑账号，请联系客服或稍后再试' })
            }
        }

        if (countRows.length !== 0) {
            if (auto_run && countRows[0].total_num >= target_count && target_count !== 0)
                return res.json({ ...BaseStdResponse.ERR, msg: '该账号累计跑步次数已达到目标次数，请尝试修改目标次数' })
        }

        const time = new Date().getTime()

        let sql, r, userInfo

        if (!id) {
            // 获取用户信息
            try {
                userInfo = await this.lepaoUserInfo(student_num)

                if (auto_run && userInfo.frequency >= target_count && target_count !== 0)
                    return res.json({ ...BaseStdResponse.ERR, msg: '该账号累计跑步次数已达到目标次数，请尝试修改目标次数' })
            } catch (error) {
                return res.json({ ...BaseStdResponse.ERR, msg: '获取用户信息失败，请联系客服或稍后再试' })
            }

            if (countRows.length !== 0) {
                sql = 'UPDATE lepao_account SET create_user = ?, email = ?, area = ?, auto_time = ?, auto_run = ?, target_count = ?, create_time = ?, notes = ?, total_num = ? WHERE id = ?'
                r = await db.query(sql, [uuid, email, area, auto_time, auto_run, target_count, time, notes ?? '', userInfo.frequency, countRows[0].id])
            }
            else {
                sql = 'INSERT INTO lepao_account (student_num, name, grade_id, uid, sex, total_num, email, area, auto_time, auto_run, target_count, create_user, create_time, notes, password) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'
                r = await db.query(sql, [student_num, userInfo.nickName, userInfo.department, userInfo.id, userInfo.sex, userInfo.frequency, email, area, auto_time, auto_run, target_count, uuid, time, notes ?? '', password])
            }
        } else {
            sql = 'UPDATE lepao_account SET student_num = ?, email = ?, area = ?, auto_time = ?, target_count = ?, auto_run = ?, notes = ? WHERE id = ?'
            r = await db.query(sql, [student_num, email, area, auto_time, target_count, auto_run, notes ?? '', id])
        }

        try {
            if (r && r.affectedRows > 0) {
                res.json({
                    ...BaseStdResponse.OK,
                    id: r.insertId
                })
            } else {
                return res.json({ ...BaseStdResponse.ERR, msg: '添加乐跑账号失败！数据库错误' })
            }
        } catch (err) {
            this.logger.error(`添加乐跑账号失败！${err.stack}`)
            res.json({
                ...BaseStdResponse.ERR,
                msg: "添加乐跑账号失败！",
            });
        }
    }
}

module.exports.AddAccount = AddAccount