From ad4e7d1d36cde0ad50661675ccbc18c0c965080a Mon Sep 17 00:00:00 2001
From: qichunren <whyruby@gmail.com>
Date: Tue, 16 Jan 2024 01:24:57 +0800
Subject: [PATCH] Add user info API

---
 app/controllers/qweixin/users_controller.rb   | 57 ++-----------------
 config/routes.rb                              |  3 +-
 .../20240111055137_create_qweixin_users.rb    |  4 ++
 lib/qweixin/client.rb                         | 19 ++++++-
 .../qweixin/token_controller_test.rb          | 12 ----
 .../qweixin/users_controller_test.rb          | 57 ++++++++-----------
 test/dummy/db/schema.rb                       |  3 +
 test/fixtures/qweixin/users.yml               |  6 ++
 8 files changed, 60 insertions(+), 101 deletions(-)
 delete mode 100644 test/controllers/qweixin/token_controller_test.rb

diff --git a/app/controllers/qweixin/users_controller.rb b/app/controllers/qweixin/users_controller.rb
index 0fba01b..b657751 100644
--- a/app/controllers/qweixin/users_controller.rb
+++ b/app/controllers/qweixin/users_controller.rb
@@ -1,60 +1,11 @@
 module Qweixin
   class UsersController < ApplicationController
-    before_action :set_user, only: %i[ show edit update destroy ]
+    skip_before_action :verify_authenticity_token
+    before_action :require_auth_token!, only: %i[ show ]
 
-    # GET /users
-    def index
-      @users = User.all
-    end
-
-    # GET /users/1
+    # GET /weixin/user
     def show
+      render json: { errcode: 0, errmsg: "ok", user_info: @current_user.as_json(only: %i[ id nickname mobile avatar ]) }
     end
-
-    # GET /users/new
-    def new
-      @user = User.new
-    end
-
-    # GET /users/1/edit
-    def edit
-    end
-
-    # POST /users
-    def create
-      @user = User.new(user_params)
-
-      if @user.save
-        redirect_to @user, notice: "User was successfully created."
-      else
-        render :new, status: :unprocessable_entity
-      end
-    end
-
-    # PATCH/PUT /users/1
-    def update
-      if @user.update(user_params)
-        redirect_to @user, notice: "User was successfully updated.", status: :see_other
-      else
-        render :edit, status: :unprocessable_entity
-      end
-    end
-
-    # DELETE /users/1
-    def destroy
-      @user.destroy!
-      redirect_to users_url, notice: "User was successfully destroyed.", status: :see_other
-    end
-
-    private
-      # Use callbacks to share common setup or constraints between actions.
-      def set_user
-        @user = User.find(params[:id])
-      end
-
-      # Only allow a list of trusted parameters through.
-      def user_params
-        params.require(:user).permit(:session_key, :unionid, :openid, :last_appid)
-      end
   end
 end
diff --git a/config/routes.rb b/config/routes.rb
index a835b27..0fd89a5 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,5 +1,6 @@
 Qweixin::Engine.routes.draw do
-  resources :users
+  resource :user
 
   get "app_login", to: "sessions#code2session"
+  get "app_checksession", to: "sessions#checksession"
 end
diff --git a/db/migrate/20240111055137_create_qweixin_users.rb b/db/migrate/20240111055137_create_qweixin_users.rb
index 644a8a5..d6dd4f2 100644
--- a/db/migrate/20240111055137_create_qweixin_users.rb
+++ b/db/migrate/20240111055137_create_qweixin_users.rb
@@ -1,6 +1,10 @@
 class CreateQweixinUsers < ActiveRecord::Migration[7.1]
   def change
     create_table :qweixin_users do |t|
+      t.string :nickname
+      t.string :mobile
+      t.string :avatar
+
       t.string :session_key
       t.string :unionid
       t.string :openid
diff --git a/lib/qweixin/client.rb b/lib/qweixin/client.rb
index 587afe3..835d8fa 100644
--- a/lib/qweixin/client.rb
+++ b/lib/qweixin/client.rb
@@ -3,6 +3,7 @@
 module Qweixin
   class Client
     include ActiveSupport::Configurable
+    attr_accessor :access_token
 
     # https://developers.weixin.qq.com/miniprogram/dev/OpenApiDoc/mp-access-token/getAccessToken.html
     # 获取接口调用凭据
@@ -19,7 +20,9 @@ def getAccessToken
       # https://docs.ruby-lang.org/en/master/Net/HTTP.html
 
       response = Net::HTTP.get(api_uri)
-      JSON.parse(response)
+      response_json = JSON.parse(response) rescue {}
+      self.access_token = response_json["access_token"]
+      response_json
     end
 
     # https://developers.weixin.qq.com/miniprogram/dev/OpenApiDoc/user-login/code2Session.html
@@ -44,5 +47,19 @@ def code2session(js_code:)
       # puts "weixin response: #{response}"
       JSON.parse(response) rescue {}
     end
+
+    # DOC: https://developers.weixin.qq.com/miniprogram/dev/OpenApiDoc/user-login/checkSessionKey.html
+    # GET https://api.weixin.qq.com/wxa/checksession?access_token=ACCESS_TOKEN
+    def checksession(access_token:)
+      raise "access_token is required!" if access_token.blank?
+
+      api_uri = URI("https://api.weixin.qq.com/wxa/checksession?access_token=#{access_token}")
+      # https://docs.ruby-lang.org/en/master/Net/HTTP.html
+
+      response = Net::HTTP.get(api_uri)
+      # puts "weixin response: #{response}"
+      JSON.parse(response) rescue {}
+    end
+
   end
 end
diff --git a/test/controllers/qweixin/token_controller_test.rb b/test/controllers/qweixin/token_controller_test.rb
deleted file mode 100644
index 083fbc6..0000000
--- a/test/controllers/qweixin/token_controller_test.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-require "test_helper"
-
-module Qweixin
-  class TokenControllerTest < ActionDispatch::IntegrationTest
-    include Engine.routes.url_helpers
-
-    # test "should get getAccessToken" do
-    #   get token_getAccessToken_url
-    #   assert_response :success
-    # end
-  end
-end
diff --git a/test/controllers/qweixin/users_controller_test.rb b/test/controllers/qweixin/users_controller_test.rb
index 59cac40..3b3d5a7 100644
--- a/test/controllers/qweixin/users_controller_test.rb
+++ b/test/controllers/qweixin/users_controller_test.rb
@@ -8,45 +8,34 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
       @user = qweixin_users(:one)
     end
 
-    test "should get index" do
-      get users_url
+    test "should get not user json without auth token" do
+      get user_url
       assert_response :success
-    end
-
-    test "should get new" do
-      get new_user_url
-      assert_response :success
-    end
-
-    test "should create user" do
-      assert_difference("User.count") do
-        post users_url, params: { user: { last_appid: @user.last_appid, openid: @user.openid, session_key: @user.session_key, unionid: @user.unionid } }
+      assert_equal "{\"errcode\":10000,\"errmsg\":\"user not found\"}", response.body
+    end
+
+    test "should get not user json after app login" do
+      valid_code = "AAAABBCCCCMDpR1Qnl111rS1rY3C5i1c"
+      net_http_mock = Minitest::Mock.new
+      mocked_response = '{"session_key":"AAASrAB+K5Y1u44y4jNsjQ==","openid":"#{SecureRandom.hex}"}'
+      mocked_arg = URI("https://api.weixin.qq.com/sns/jscode2session?appid=#{Qweixin::Client.config.appid}&secret=#{Qweixin::Client.config.secret}&js_code=#{valid_code}&grant_type=authorization_code")
+      net_http_mock.expect(:call, mocked_response, [mocked_arg])
+
+      Net::HTTP.stub(:get, net_http_mock) do
+        # send request with auth token in header
+        get "/weixin/app_login?code=#{valid_code}"
+        assert_response :success
+
+        # get user_url request, with auth token in header
+        token = User.last.generate_auth_token
+        get user_url, headers: { 'Authorization' => token }
+        result_json = JSON.parse(response.body)
+        assert_equal ["errcode", "errmsg", "user_info"], result_json.keys
+        assert_equal ["id", "nickname", "mobile", "avatar"], result_json["user_info"].keys
       end
 
-      assert_redirected_to user_url(User.last)
     end
 
-    test "should show user" do
-      get user_url(@user)
-      assert_response :success
-    end
 
-    test "should get edit" do
-      get edit_user_url(@user)
-      assert_response :success
-    end
-
-    test "should update user" do
-      patch user_url(@user), params: { user: { last_appid: @user.last_appid, openid: @user.openid, session_key: @user.session_key, unionid: @user.unionid } }
-      assert_redirected_to user_url(@user)
-    end
-
-    test "should destroy user" do
-      assert_difference("User.count", -1) do
-        delete user_url(@user)
-      end
-
-      assert_redirected_to users_url
-    end
   end
 end
diff --git a/test/dummy/db/schema.rb b/test/dummy/db/schema.rb
index 77be717..271b2f1 100644
--- a/test/dummy/db/schema.rb
+++ b/test/dummy/db/schema.rb
@@ -12,6 +12,9 @@
 
 ActiveRecord::Schema[7.1].define(version: 2024_01_11_055137) do
   create_table "qweixin_users", force: :cascade do |t|
+    t.string "nickname"
+    t.string "mobile"
+    t.string "avatar"
     t.string "session_key"
     t.string "unionid"
     t.string "openid"
diff --git a/test/fixtures/qweixin/users.yml b/test/fixtures/qweixin/users.yml
index 645b141..dc857f6 100644
--- a/test/fixtures/qweixin/users.yml
+++ b/test/fixtures/qweixin/users.yml
@@ -1,12 +1,18 @@
 # Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
 
 one:
+  nickname: "Weixin User1"
+  mobile: "13800138000"
+  avatar: "https://wx.qlogo.cn/mmopen/vi_32/Q0j4TwGTfTJ"
   session_key: MyString
   unionid: MyString
   openid: MyString
   last_appid: MyString
 
 two:
+  nickname: "Weixin User2"
+  mobile: "13800138111"
+  avatar: "https://wx.qlogo.cn/mmopen/vi_32/Q0j4TwGTfTJ"
   session_key: MyString
   unionid: MyString
   openid: MyString