// API client handles and logger published on the process-wide `global.yoho` object.
// serviceApi / ufoAPI are passed as the `api` option of the upstream calls in the middleware below.
const serviceApi = global.yoho.ServiceAPI;
const ufoAPI = global.yoho.UfoAPI;
const logger = global.yoho.logger;
const _ = require('lodash');
// Digest used by checkSign() to recompute the request signature.
const md5 = require('yoho-md5');
// checkParams.getParams() derives the parameters forwarded upstream from the merged request parameters.
const checkParams = require('../../utils/check-params');
// Map from request path to the descriptor of the upstream API it is proxied to.
const apiMaps = require('../../config/api-map');
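/**
 * Check the client-supplied signature against one recomputed from the request parameters.
 *
 * The expected value is md5(`${str}_${str.length}`), where `str` is the list of
 * `key:encodeURIComponent(value)` pairs for every parameter except `s`, sorted by
 * key and joined with `_`.
 *
 * NOTE(review): no secret is mixed into the digest in this function. Unless `yoho-md5`
 * adds a key internally, the value can be recomputed by anyone who knows the scheme,
 * so it detects accidental or naive tampering rather than authenticating the caller — confirm.
 * NOTE(review): `ts` is part of the signed string but its freshness is not checked here,
 * so a captured request would still verify later — confirm whether replay is handled elsewhere.
 *
 * @param {Object} params - Request parameters, possibly including `s`. Not modified.
 * @param {string} sign - Signature submitted by the client.
 * @returns {boolean} true when the submitted signature equals the recomputed one.
 */
function checkSign(params, sign) {
  // Sign a private copy so the caller's object is never mutated.
  const signedParams = Object.assign({}, params);

  delete signedParams.s;

  const str = Object.keys(signedParams)
    .sort()
    .map(key => `${key}:${encodeURIComponent(signedParams[key])}`)
    .join('_');
  const expectedSign = md5(`${str}_${str.length}`);

  if (sign === expectedSign) {
    return true;
  }

  // The recomputed signature is deliberately kept out of the log: writing the value
  // that would have been accepted hands it to anyone with log access.
  logger.error(`验签不匹配: 提交sign: ${sign}, params: ${JSON.stringify(signedParams)}`);

  return false;
}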
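/**
 * Express middleware that proxies a request to the upstream API mapped to `req.path`.
 *
 * Flow: look up the descriptor in `apiMaps` (fall through to `next()` when absent),
 * disable response caching, optionally write an access log line, reject discarded
 * endpoints, optionally verify the request signature, then forward the filtered
 * parameters upstream and relay the JSON result.
 *
 * @param {Object} req - Express request; reads `path`, `query`, `body`, `method`, `user`, `yoho.clientIp`, `ctx`.
 * @param {Object} res - Express response.
 * @param {Function} next - Called when no API is mapped to the path.
 * @returns {Promise<*>} Resolves once a response has been sent or `next()` was called.
 */
module.exports = async(req, res, next) => {
  const apiInfo = apiMaps[req.path];

  if (!apiInfo) {
    return next();
  }

  let baseParams;
  // Body values override query values of the same name.
  const reqParams = Object.assign({}, req.query, req.body);

  req.route = {
    path: req.path
  };

  // Responses of this proxy must never be cached by the browser or intermediaries.
  res.set({
    'Cache-Control': 'no-cache',
    Pragma: 'no-cache',
    Expires: (new Date(1900, 0, 1, 0, 0, 0, 0)).toUTCString()
  });

  if (apiInfo.accessLog) {
    // `req.user` is read defensively: this line runs outside the try/catch below, so a
    // missing user object would otherwise reject the handler before any response is sent.
    // NOTE(review): `req.url` and the User-Agent header are client-controlled and are
    // written to the log unescaped — confirm the logger neutralises CR/LF.
    logger.info(`[request access log] ${req.yoho.clientIp} | ${req.url} | uid:${_.get(req, 'user.uid', '')} | User-Agent:${req.get('User-Agent')} | ${new Date()}`);
  }

  if (apiInfo.discard) {
    return res.json({
      code: 400,
      message: _.get(apiInfo.discard, 'msg') || '获取失败'
    });
  }

  if (apiInfo.checkSign) {
    // checkSign receives a copy, so `reqParams` keeps `s` and `ts` until they are stripped below.
    if (!checkSign(Object.assign({}, reqParams), reqParams.s)) {
      // NOTE(review): the full parameter set is logged here; if signed endpoints carry
      // credentials or personal data, they end up in the log — confirm.
      logger.error(`验签失败!uid: ${_.get(req, 'user.uid', '').toString()}, params: ${JSON.stringify(reqParams)}, ip: ${req.yoho.clientIp}`);

      return res.json({
        code: 400,
        message: '验签失败'
      });
    }
  }

  // Signature fields are not forwarded upstream.
  delete reqParams.s;
  delete reqParams.ts;

  if (!apiInfo.service) {
    baseParams = {
      // For a logged-in user, uid is an object whose toString() yields the uid and which
      // also carries the session key and session type.
      // NOTE(review): requests without a logged-in user are sent with uid 1 — confirm this
      // is a placeholder the upstream API treats as anonymous and not a real account id.
      uid: (req.user && req.user.uid) ? {
        toString: () => {
          return req.user.uid || 0;
        },
        sessionKey: req.user.sessionKey,
        appSessionType: req.user.appSessionType
      } : 1,
      method: apiInfo.api
    };
  }

  try {
    // Server-derived values are assigned last, so a client-supplied `uid` or `method`
    // cannot override them. NOTE(review): for `apiInfo.service` endpoints baseParams is
    // undefined and client-supplied `uid`/`method` reach getParams() unchanged — confirm
    // getParams() filters them.
    const mergeParams = Object.assign(reqParams, baseParams);
    const params = checkParams.getParams(mergeParams, apiInfo);
    const httpMethod = req.method.toLowerCase();
    // Only GET requests may use the configured upstream cache.
    const cache = httpMethod !== 'get' ? false : apiInfo.cache;
    // Anything other than POST is forwarded as GET.
    const method = httpMethod === 'post' ? 'post' : 'get';
    const apiCtx = req.ctx(global.yoho.BaseModel);
    let result;

    if (apiInfo.service) {
      result = await apiCtx.get({
        api: serviceApi,
        url: apiInfo.api,
        data: params,
        param: {
          cache: cache,
        }
      });
    } else if (apiInfo.ufo) {
      result = await apiCtx[method]({
        api: ufoAPI,
        url: apiInfo.path || '',
        data: params,
        param: {
          cache: cache
        }
      });
    } else {
      result = await apiCtx[method]({
        data: params,
        url: apiInfo.path || '',
        param: {
          cache: cache
        }
      });
    }

    if (result) {
      return res.json(result);
    }

    return res.json({
      code: 400
    });
  } catch (error) {
    logger.error(error);

    // NOTE(review): `error.message` is returned to the client as-is; if upstream or
    // internal errors can carry hostnames, paths or query text, map them to a generic
    // message before responding — confirm.
    return res.json({
      code: error.code || 500,
      message: error.message || '服务器错误'
    });
  }
};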