yss-project/src/app/custom-wxwork-auth-guard.ts

import { CanActivateFn, Router } from '@angular/router';
import { inject } from '@angular/core';
import { WxworkAuth, FmodeParse } from 'fmode-ng/core';

/**
 * 自定义企微认证守卫
 * 🔥 修复：如果是从客服板块跳转，跳过激活检查，直接允许访问
 * 如果用户未激活，重定向到身份激活页面
 * 如果用户已激活，允许访问
 */
export const CustomWxworkAuthGuard: CanActivateFn = async (route, state) => {
  const router = inject(Router);
  
  console.log('🔐 CustomWxworkAuthGuard 执行，当前路由:', state.url);
  
  try {
    // 🔥 检查是否从客服板块或组长看板进入（跳过激活检查）
    const fromCustomerService = localStorage.getItem('enterFromCustomerService');
    const customerServiceMode = localStorage.getItem('customerServiceMode');
    const teamLeaderMode = localStorage.getItem('teamLeaderMode');
    const enterAsTeamLeader = localStorage.getItem('enterAsTeamLeader');
    
    console.log('🔍 检查进入模式标记:', {
      enterFromCustomerService: fromCustomerService,
      customerServiceMode: customerServiceMode,
      teamLeaderMode: teamLeaderMode,
      enterAsTeamLeader: enterAsTeamLeader
    });
    
    // 如果是从客服板块进入（一次性标记）或处于客服模式（持久化标记），都跳过激活检查
    if (fromCustomerService === '1' || customerServiceMode === 'true') {
      console.log('✅ 客服模式，跳过激活检查，直接允许访问');
      // 清除一次性标记（customerServiceMode保留，用于权限控制）
      if (fromCustomerService === '1') {
        localStorage.removeItem('enterFromCustomerService');
      }
      return true;
    }
    
    // 🔥 新增：如果是从组长看板进入，也跳过激活检查
    if (teamLeaderMode === 'true' || enterAsTeamLeader === '1') {
      console.log('✅ 组长模式，跳过激活检查，直接允许访问');
      // 清除一次性标记（teamLeaderMode保留，用于权限控制）
      if (enterAsTeamLeader === '1') {
        localStorage.removeItem('enterAsTeamLeader');
      }
      return true;
    }
    
    // 🔥 新增：如果从 /team-leader 路径进入，也跳过激活检查
    if (typeof window !== 'undefined' && (
        window.location.pathname.includes('/team-leader/') ||
        document.referrer.includes('/team-leader/')
    )) {
      console.log('✅ 检测到组长路径，跳过激活检查，直接允许访问');
      return true;
    }
    
    // 获取 cid
    let cid = route.paramMap.get('cid') || 
              route.queryParamMap.get('cid') || 
              localStorage.getItem('company');
    
    if (cid) {
      localStorage.setItem('company', cid);
    }
    
    if (!cid) {
      console.error('❌ 缺少 cid 参数');
      return false;
    }
    
    // 测试模式：跳过企微认证，直接检查 Profile
    if (cid === 'test' || cid === 'demo') {
      console.log('🧪 测试模式：跳过企微认证');
      
      const Parse = FmodeParse.with('nova');
      const query = new Parse.Query('Profile');
      query.equalTo('userid', 'test_user_001');
      const profile = await query.first();
      
      if (!profile || !profile.get('isActivated')) {
        console.log('⚠️ 测试用户未激活，跳转到激活页面');
        await router.navigate(['/wxwork', cid, 'activation']);
        return false;
      }
      
      console.log('✅ 测试模式认证通过');
      return true;
    }
    
    // 生产模式：真实企微认证
    // 初始化 WxworkAuth
    const wxAuth = new WxworkAuth({ cid, appId: 'crm' });
    
    // 尝试获取用户信息
    let userInfo;
    try {
      userInfo = await wxAuth.getUserInfo();
      console.log('✅ 获取用户信息成功:', userInfo?.name);
    } catch (err) {
      console.log('⚠️ 需要授权，跳转到激活页面');
      // 需要授权，跳转到激活页面
      await router.navigate(['/wxwork', cid, 'activation']);
      return false;
    }
    
    if (!userInfo) {
      console.log('⚠️ 无用户信息，跳转到激活页面');
      await router.navigate(['/wxwork', cid, 'activation']);
      return false;
    }
    
    // 检查用户是否已激活
    const profile = await wxAuth.currentProfile();
    
    if (!profile || !profile.get('isActivated')) {
      console.log('⚠️ 用户未激活，跳转到激活页面');
      await router.navigate(['/wxwork', cid, 'activation']);
      return false;
    }
    
    // 用户已激活，自动登录
    await wxAuth.autoLogin(userInfo);
    
    console.log('✅ 认证通过');
    return true;
    
  } catch (error) {
    console.error('❌ 认证守卫错误:', error);
    return false;
  }
};