#!/usr/bin/env python3
# 彩虹娱乐商户后台 API 客户端
# 依赖：curl_cffi（伪装浏览器 TLS 指纹，绕过 Cloudflare）
#   安装：pip3 install --user curl_cffi
# 运行：python3 /Users/drher/api/client.py

import json
from curl_cffi import requests
from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad

BASE = "https://www.gsqwd.com"

# 接口响应解密：AES-192-ECB / Pkcs7，密钥就是这个字符串的 UTF-8 字节（24字节）
SECRET = b"wNbLVFk3YShA4zT8mCbcQA=="


def decrypt(hex_text):
    hex_text = hex_text.strip().strip('"')   # 去掉外层 JSON 字符串引号
    ct = bytes.fromhex(hex_text)
    pt = unpad(AES.new(SECRET, AES.MODE_ECB).decrypt(ct), 16)
    return json.loads(pt.decode("utf-8"))

# Authorization 里 "Bearer " 之后那一整串。会过期，过期后返回 401，需重新从浏览器复制
TOKEN = "eyJhbGciOiJIUzUxMiJ9.eyJsb2dpbl91c2VyX2tleSI6ImQzZDk4NzNlLWQ2MzEtNDVmYi05YjU4LTVjZjI5NjIyNjU1ZSJ9.n7rLw7V0uhLWiRIsuyueYK3klfSegVRZU4PZDqDJCvOCy4h6uWAAUjiNvEUgmtOrS6f9hKUhfYv3zDVWvmBOSg"

MERCHANT_CODE = 4

HEADERS = {
    "Accept": "application/json, text/plain, */*",
    "Authorization": "Bearer " + TOKEN,
    "Accept-Language": "zh_CN",
    "Origin": "https://www.tyulk.com",
    "Referer": "https://www.tyulk.com/",
    "product": str(MERCHANT_CODE),
}


def api(path, method="POST", params=None, json_body=None):
    url = BASE + path
    r = requests.request(
        method, url,
        headers={**HEADERS, "Content-Type": "application/json;charset=utf-8"},
        params=params,
        json=json_body,
        impersonate="safari",   # 关键：伪装 Safari 指纹过 Cloudflare
    )
    if r.status_code == 401:
        raise SystemExit("401 未授权：token 过期了，去浏览器重新复制 token")
    r.raise_for_status()
    return decrypt(r.text)   # 自动解密成 JSON


def get_merchant(code=MERCHANT_CODE):
    """查商户信息（含积分/余额）"""
    return api("/project/merchant/getByCodeMerchant", method="GET", params={"code": code})


def get_user_list(page_num=1, page_size=10, **filters):
    """查用户列表"""
    return api("/project/user/list", method="POST",
               params={"pageNum": page_num, "pageSize": page_size,
                       "orderByColumn": "", "isAsc": ""},
               json_body=filters)


CURRENCY_USDT = 6   # USDT 的 currencyId（来自 /project/currency/getList）


def up_score(user_id, amount=0, bonus_amount=0, remark="", currency_id=CURRENCY_USDT):
    """给用户上分。amount=真实余额，bonus_amount=赠送彩金（二者可单独给）
    ⚠️ 这是真实加钱操作，会改变用户余额，谨慎调用。"""
    return api("/project/user/upScoreByUserId", method="POST", json_body={
        "currencyId": currency_id,
        "userId": user_id,
        "amount": amount,
        "bonusAmount": bonus_amount,   # ★ 彩金
        "remark": remark,
        "tradeImg": "",
    })


def down_score(user_id, amount=0, lower_subtype=None, remark="", currency_id=CURRENCY_USDT):
    """给用户下分（扣余额）。lower_subtype=扣款子类型。⚠️ 真实扣钱操作。"""
    body = {
        "currencyId": currency_id,
        "userId": user_id,
        "amount": amount,
        "remark": remark,
        "tradeImg": "",
    }
    if lower_subtype is not None:
        body["lowerSubtype"] = lower_subtype
    return api("/project/user/downScoreByUserId", method="POST", json_body=body)


def get_user_ip_device(user_id):
    """查指定用户当前的 IP 和设备码（取自用户资料，单条）"""
    r = get_user_list(page_num=1, page_size=1, userId=user_id)
    rows = r.get("rows") or []
    if not rows:
        return None
    u = rows[0]
    return {
        "userId": u["userId"],
        "ip": u["ip"],                 # 最后登录 IP
        "ipAddr": u["ipAddr"],         # 归属地 国家|省|市|区|运营商
        "fingerprint": u["fingerprint"],  # 设备码/设备指纹
    }


def get_login_history(user_id, page_num=1, page_size=20):
    """查指定用户的登录历史（每次登录的 IP、归属地、设备、设备码）"""
    r = api("/project/history/list", method="POST",
            params={"pageNum": page_num, "pageSize": page_size},
            json_body={"userId": user_id})
    out = []
    for x in r.get("rows", []):
        out.append({
            "time": x.get("createTime"),
            "ip": x.get("ip"),
            "ipAddr": x.get("ipAddr"),
            "device": x.get("device"),
            "deviceModel": x.get("deviceModel"),
            "fingerprint": x.get("fingerprint"),  # 设备码
        })
    return {"total": r.get("total"), "list": out}


def get_user_balance(user_id):
    """查指定用户的余额。返回该用户记录；查不到返回 None"""
    r = get_user_list(page_num=1, page_size=1, userId=user_id)
    rows = r.get("rows") or []
    if not rows:
        return None
    u = rows[0]
    return {
        "userId": u["userId"],
        "userTgName": u["userTgName"],
        "usdtBalance": u["usdtBalanceAmount"],         # USDT 余额
        "bonus": u["bonusAmount"],                      # 奖金
        "unfinishedWager": u["unfinishedWagerAmount"],  # 未完成流水
        "totalWithdraw": u["totalWithdrawAmount"],      # 累计提现
        "freezeStatus": u["freezeStatus"],              # 冻结状态(0正常)
    }


if __name__ == "__main__":
    import sys
    # 用法：python3 client.py 1000026   （查指定用户余额）
    if len(sys.argv) > 1:
        uid = int(sys.argv[1])
        info = get_user_balance(uid)
        if info is None:
            print(f"用户 {uid} 不存在")
        else:
            print(json.dumps(info, ensure_ascii=False, indent=2))
    else:
        print("=== 商户余额 ===")
        print(json.dumps(get_merchant()["data"], ensure_ascii=False, indent=2))
        print("\n用法：python3 client.py <用户ID>   查指定用户余额")