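# routes/UserController.py
import re

# HTTPException and status are used below; import them explicitly instead of
# relying on one of the wildcard imports to re-export them.
from fastapi import APIRouter, Request, Response, Depends, HTTPException, status
from auth.dependencies import *
from utils.CommonUtil import md5_encrypt
from utils.Database import *
from utils.ParseRequest import *

# Router instance. Every route depends on get_current_user, so the endpoints
# are reachable only after login.
router = APIRouter(dependencies=[Depends(get_current_user)])


# [Base-User-1] Maintain a user's mobile number.
#
# Reads "person_id" and "telephone" from the request, rejects a malformed
# number with HTTP 400, refuses a number already held by another active
# account (b_use = 1), and otherwise writes it to t_sys_loginperson.
#
# NOTE(review): person_id is taken from the request, and nothing in this
# handler compares it with the account that get_current_user authenticated.
# Confirm that check exists elsewhere, or derive person_id from the session.
@router.post("/modifyTelephone")
async def modify_telephone(request: Request):
    person_id = await get_request_str_param(request, "person_id", True, True)
    telephone = await get_request_str_param(request, "telephone", True, True)

    # Validate the number format. fullmatch with an explicit [0-9] class
    # accepts exactly 11 ASCII digits; re.match with "$" also let a trailing
    # newline through, and \d also matches non-ASCII digits.
    if not re.fullmatch(r"1[3-9][0-9]{9}", telephone):
        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="手机号码格式错误")

    # SECURITY: both statements below are built by string concatenation.
    # telephone is constrained by the pattern above, but person_id reaches the
    # SQL text exactly as the client sent it, so a quote character in it
    # changes the statement. Bind the values as parameters instead:
    # find_by_sql already takes a parameter tuple (empty here). The placeholder
    # syntax, and whether execute_sql accepts parameters, depend on
    # utils.Database, which is not shown — e.g.
    # "... and person_id <> <PLACEHOLDER>" with (telephone, person_id).

    # Check whether another active account already uses this number.
    select_telephone_sql: str = "select * from t_sys_loginperson where b_use = 1 and telephone = '" + telephone + "' and person_id <> '" + person_id + "'"
    matches = await find_by_sql(select_telephone_sql, ())

    # Truthiness covers both "no rows" conventions (None or an empty list).
    # The previous "is not None" test reported every number as taken whenever
    # an empty list came back, while modify_password below calls len() on the
    # same helper's result.
    if matches:
        return {"success": False, "message": "手机号码已被注册"}

    update_telephone_sql: str = "update t_sys_loginperson set telephone = '" + telephone + "' where person_id = '" + person_id + "'"
    await execute_sql(update_telephone_sql)
    return {"success": True, "message": "修改成功"}


# [Base-User-2] Maintain a user's password.
#
# Reads "person_id", "old_password" and "password" from the request, checks
# the old password against the stored pwdmd5 of the active account, and on a
# match writes the new password to t_sys_loginperson.
@router.post("/modifyPassword")
async def modify_password(request: Request):
    person_id = await get_request_str_param(request, "person_id", True, True)
    old_password = await get_request_str_param(request, "old_password", True, True)
    password = await get_request_str_param(request, "password", True, True)

    # SECURITY: person_id (both statements) and the new password (update) are
    # concatenated into the SQL text unescaped and unvalidated. Bind them as
    # parameters; see the placeholder caveat in modify_telephone.

    # Verify the old password.
    select_password_sql: str = "select pwdmd5 from t_sys_loginperson where person_id = '" + person_id + "' and b_use = 1"
    rows = await find_by_sql(select_password_sql, ())

    # "not rows" treats None and an empty result alike; len(None) would have
    # raised TypeError and surfaced as a server error.
    if not rows:
        return {"success": False, "message": "用户不存在"}

    if rows[0]["pwdmd5"] != md5_encrypt(old_password):
        return {"success": False, "message": "旧密码错误"}

    # SECURITY: the new password is stored twice — in clear text in
    # original_pwd and as md5_encrypt(password) in pwdmd5. Clear-text storage
    # exposes every password to anyone who can read the table, and MD5 is a
    # fast digest that is unsuitable for password storage (md5_encrypt is not
    # shown, so whether it salts is unknown). Left unchanged because other
    # consumers of these columns are not visible from here; plan a migration
    # to a salted, slow password hash and retire original_pwd.
    update_password_sql: str = "update t_sys_loginperson set original_pwd = '" + password + "',pwdmd5 = '" + md5_encrypt(password) + "' where person_id = '" + person_id + "'"
    await execute_sql(update_password_sql)
    return {"success": True, "message": "修改成功"}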