const axios = require('axios');

const BASE_URL = 'http://localhost:8080';
const WX_CODE = '0b3ycd0w32tGL53puK1w3ho1Hv2ycd0R' // 用户提供的真实微信code

async function testWxLogin() {
    console.log('=== 测试微信登录和匿名用户访问 ===\n');
    
    try {
        // 1. 使用真实微信code进行登录
        console.log('1. 使用真实微信code进行登录');
        console.log('微信code:', WX_CODE);
        
        const loginResponse = await axios.post(`${BASE_URL}/api/auth/wx-login`, {
            code: WX_CODE,
            loginIp: '127.0.0.1',
            deviceInfo: 'test-device',
            phoneAuthorized: false
        }, {
            headers: {
                'Content-Type': 'application/json'
            }
        });

        console.log('微信登录响应状态:', loginResponse.status);
        console.log('微信登录响应数据:', JSON.stringify(loginResponse.data, null, 2));
        
        if (loginResponse.data && loginResponse.data.token) {
            const anonymousToken = loginResponse.data.token;
            console.log('\n✅ 成功获取到token:', anonymousToken.substring(0, 50) + '...');
            
            // 2. 使用获取到的token访问userProfile
            console.log('\n2. 使用token访问userProfile');
            const userProfileQuery = `
                query {
                    userProfile {
                        id
                        name
                        phone
                        userType
                        roles
                    }
                }
            `;

            const graphqlResponse = await axios.post(`${BASE_URL}/api/graphql`, {
                query: userProfileQuery
            }, {
                headers: {
                    'Authorization': `Bearer ${anonymousToken}`,
                    'Content-Type': 'application/json'
                }
            });

            console.log('GraphQL响应状态:', graphqlResponse.status);
            console.log('GraphQL响应数据:', JSON.stringify(graphqlResponse.data, null, 2));
            
            // 3. 测试访问需要权限的接口（应该失败）
            console.log('\n3. 测试匿名用户访问需要员工权限的接口（应该失败）');
            const employeeQuery = `
                query {
                    employeeReviewStats(keyword: "") {
                        pendingCount
                        approvedCount
                        rejectedCount
                    }
                }
            `;

            try {
                const employeeResponse = await axios.post(`${BASE_URL}/api/graphql`, {
                    query: employeeQuery
                }, {
                    headers: {
                        'Authorization': `Bearer ${anonymousToken}`,
                        'Content-Type': 'application/json'
                    }
                });

                console.log('员工接口响应状态:', employeeResponse.status);
                console.log('员工接口响应数据:', JSON.stringify(employeeResponse.data, null, 2));
            } catch (error) {
                console.log('员工接口访问失败（符合预期）:', error.response?.status, error.response?.data || error.message);
            }
            
        } else {
            console.log('❌ 登录失败，未获取到token');
        }
        
    } catch (error) {
        console.error('❌ 测试过程中发生错误:');
        console.error('状态码:', error.response?.status);
        console.error('错误信息:', error.response?.data || error.message);
        if (error.response?.data) {
            console.error('详细错误:', JSON.stringify(error.response.data, null, 2));
        }
    }
}

// 运行测试
testWxLogin().then(() => {
    console.log('\n=== 测试完成 ===');
}).catch(error => {
    console.error('测试执行失败:', error);
});