passport.js 9.82 KB

const _ = require('lodash');
const url = require('url');
const uuid = require('uuid');
const passport = require('passport');
const TaobaoStrategy = require('./passport-taobao');
const authcode = require('../../utils/authcode');
const redis = require('../../utils/redis');
const aes = require('./aes');

const log = global.yoho.logger;
const sign = global.yoho.sign;
const config = global.yoho.config;

const isProduction = process.env.NODE_ENV === 'production';

const loginPage = '//m.yohobuy.com/signin.html';
const homePage = `${config.siteUrl}/xianyu/index/channel`;

const URL_BIND_KEY = 'bind_code';
const MAX_MSG_SEND_TIMES = 20;

// taobao 登录
passport.use('taobao', new TaobaoStrategy({
    clientID: '27930297',
    clientSecret: '29b30287153a02f531c160df17da8078',
    callbackURL: `${config.siteUrl}/xianyu/passport/callback/taobao`,
    requireState: false
}, (accessToken, refreshToken, profile, done) => {
    done(null, profile);
}));

function handleReferUrl(refer) {
    let referParse = url.parse(refer, true);
    let query = [];

    _.forEach(referParse.query, (val, key) => {
        if (key !== URL_BIND_KEY) {
            query.push(`${key}=${val}`);
        }
    });

    return `${refer.split('?')[0]}${query.length ? '?' : ''}${query.join('&')}`;
}

class passportModel extends global.yoho.BaseModel {
    constructor(ctx) {
        super(ctx);
    }
    signinByOpenID({ nickname, openId, sourceType, sourceTypeSecond, businessLine}) {
        let param = {
            nickname: nickname || '',
            openId: openId,
            source_type: sourceType, // esline-disable-line
            method: 'app.passport.signinByOpenID'
        };

        if (businessLine) {
            param.business_line = businessLine;
        }

        if (sourceTypeSecond) {
            param.source_type_second = sourceTypeSecond;
        }

        return this.get({ data: param });
    }
    syncUserSession({uid, sessionKey, req, res}) {
        let userId = {
            toString: () => {
                return uid;
            }
        };

        if (sessionKey) {
            req.session.LOGIN_UID_ = uid;
            req.session.SESSION_KEY = sessionKey;
            res.cookie('_SESSION_KEY', authcode(sessionKey, '_SESSION_KEY', 2592000000, 'encode'), {
                domain: 'yohobuy.com',
                expires: new Date(Date.now() + 2592000000), // 有效期一年
                httpOnly: true
            });
            userId.sessionKey = sessionKey;
        }

        return this.get({
            data: {
                uid: userId,
                method: 'app.passport.profile'
            }
        }).then((userInfo) => {
            let salt = uuid.v4().substr(0, 8);
            let saltedUid = uid + salt;

            let saltedToken = sign.makeToken(saltedUid);
            let publicToken = saltedToken + salt;

            let data = userInfo.data;
            let encryptionUid = aes.encryptionUid(uid);

            if (data) {
                data.profile_name = (data.profile_name || '').replace(/::/g, '');

                let uidCookie = `${data.profile_name}::${encryptionUid}::${data.vip_info && data.vip_info.title}::${saltedToken}`;

                res.cookie('_UID', uidCookie, {
                    domain: 'yohobuy.com',
                    expires: new Date(Date.now() + 2592000000) // 有效期一年
                });

                req.session.AVATAR = data.head_ico;
                _.set(req.session, 'USER.AVATAR', data.head_ico);
                _.set(req.session, 'USER.NAME', data.profile_name);
            }

            req.session.TOKEN = publicToken;
            req.session.LOGIN_UID_ = uid;

            _.set(req.session, 'USER.ENCRYPTION_UID', encryptionUid);

            res.cookie('_TOKEN', publicToken, {
                httpOnly: true,
                domain: 'yohobuy.com',
                expires: new Date(Date.now() + 2592000000) // 有效期一年
            });
        }).catch(e => {
            log.info(`[sync profile error] uid: ${uid} | err: ${JSON.stringify(e)}`);
        });
    }
    sendTaobaoBindCode(mobile, sourceTypeSecond) {
        let data = {
            method: 'app.bind.sendCodeByTB',
            source_type: 'taobao',
            mobile
        };

        if (sourceTypeSecond) {
            data.source_type_second = sourceTypeSecond;
        }

        return this.post({ data });
    }
    bindTaobaoAccountByCode({ mobile, code, openId, sourceTypeSecond }) {
        let data = {
            method: 'app.bind.bindTBByCode',
            source_type: 'taobao',
            mobile,
            code,
            open_id: openId
        };

        if (sourceTypeSecond) {
            data.source_type_second = sourceTypeSecond;
        }

        return this.post({ data });
    }
};

const login = {
    taobaoLogin(req, res, next) {
        req.session.authState = uuid.v4();

        return passport.authenticate('taobao', {
            state: req.session.authState,
            failWithError: true
        })(req, res, next);
    },
    taobaoCallback(req, res, next) {
        passport.authenticate('taobao', (err, user) => {
            let redirectUrl = loginPage;
            let referUrl = {};
            let refer;

            if (req.cookies.ali_backurl) {
                try {
                    referUrl = JSON.parse(req.cookies.ali_backurl);
                } catch(e) {
                    log.debug(JSON.stringify(e));
                }

                refer = handleReferUrl(referUrl.b || '');
            }

            redirectUrl += '?nodownload=1&refer=' + encodeURIComponent(refer || homePage);

            if (err || !user) {
                log.error(`[authenticate error] source_type: taobao | err: ${JSON.stringify(err)}`);
                return res.redirect(redirectUrl);
            }

            const model = req.ctx(passportModel);

            return model.signinByOpenID({
                openId: user.open_uid,
                sourceType: 'taobao',
                sourceTypeSecond: req.yoho.isAliApp ? 'xianyu' : ''
            }).then(result => {
                if (result.code === 200) {
                    if (_.get(result, 'data.is_bind') === 'N') {
                        redirectUrl = referUrl.b ? referUrl.b : homePage;
                        redirectUrl += redirectUrl.indexOf('?') > 0 ? '&' : '?';
                        redirectUrl += URL_BIND_KEY + '=' + encodeURIComponent(aes.dynamicEncryption(`taobao::${user.open_uid}`));
                    } else if (+_.get(result, 'data.uid') > 0) {
                        return model.syncUserSession({
                            uid: result.data.uid,
                            sessionKey: result.data.session_key,
                            req,
                            res
                        }).finally(() => {
                            res.clearCookie('ali_backurl');
                            return res.redirect(handleReferUrl(referUrl.s ? referUrl.s : homePage));
                        });
                    }
                } else {
                    log.info(`[third login error] source_type: taobao | open_uid: ${user.open_uid} | msg: ${result.message}`);
                }

                return res.redirect(redirectUrl);
            });
        })(req, res, next);
    }
};

const bind = {
    getBindThirdInfo(bindCode) {
        let info = aes.dynamicDecrypt(bindCode);
        let bindInfo = {
            timestamp: info.timestamp
        };

        if (info.val) {
            let splitArr = info.val.split('::');

            bindInfo.type = splitArr[0];
            bindInfo.openId = splitArr[1];
        }

        return bindInfo;
    },
    async sendSms(req, res, next) {
        let { mobile, bindCode } = req.body || {};
        let info = bind.getBindThirdInfo(bindCode);

        if (info.type === 'taobao') {
            if (isProduction) {
                const timeKey = `${config.app}:bindsms:taobao:${info.openId}`;
                let sendTimes = await redis.getAsync(timeKey);

                sendTimes = (sendTimes || 0) + 1;

                if (sendTimes > MAX_MSG_SEND_TIMES) {
                    log.info(`[SMS delivery times exceeded] type: taobao | openId: ${info.openId} | mobile: ${mobile} | ua: ${req.get('user-agent')}`);

                    return res.json({
                        code: 403,
                        message: '操作频繁,请稍后重试'
                    });
                }

                redis.setex(timeKey, 60 * 60 * 2, sendTimes);
            }
            req.ctx(passportModel).sendTaobaoBindCode(mobile, req.yoho.isAliApp ? 'xianyu' : '').then(res.json).catch(next);
        } else {
            res.json({
                code: 403,
                message: '关联信息异常'
            });
        }
    },
    bindByCode(req, res, next) {
        let { mobile, code, bindCode } = req.body || {};
        let info = bind.getBindThirdInfo(bindCode);

        if (info.type === 'taobao') {
            const model = req.ctx(passportModel);

            model.bindTaobaoAccountByCode({
                mobile,
                code,
                openId: info.openId,
                sourceTypeSecond: req.yoho.isAliApp ? 'xianyu' : ''
            }).then(result => {
                if (_.get(result, 'data.is_bind') === 'Y') {
                    model.syncUserSession({
                        uid: result.data.uid,
                        sessionKey: result.data.session_key,
                        req,
                        res
                    }).finally(() => {
                        delete result.data;
                        res.json(result);
                    });
                } else {
                    res.json(result);
                }
            }).catch(next);
        } else {
            res.json({
                code: 400,
                message: '登录失败请稍后重试'
            });
        }
    }
}

module.exports = {
    login,
    bind
};