Showing
7 changed files
with
123 additions
and
0 deletions
| @@ -6,6 +6,7 @@ | @@ -6,6 +6,7 @@ | ||
| 6 | 'use strict'; | 6 | 'use strict'; |
| 7 | const _ = require('lodash'); | 7 | const _ = require('lodash'); |
| 8 | const UserModel = require('../models/user'); | 8 | const UserModel = require('../models/user'); |
| 9 | +const authYoho = require('../../../utils/authYoho'); | ||
| 9 | 10 | ||
| 10 | const INVALID_SESSION = '用户SESSION信息缺失, 请重新验证'; | 11 | const INVALID_SESSION = '用户SESSION信息缺失, 请重新验证'; |
| 11 | const GET_USER_INFO_SUCCESS = '获取用户信息成功'; | 12 | const GET_USER_INFO_SUCCESS = '获取用户信息成功'; |
| @@ -77,6 +78,27 @@ const userController = { | @@ -77,6 +78,27 @@ const userController = { | ||
| 77 | } | 78 | } |
| 78 | }) | 79 | }) |
| 79 | .catch(next); | 80 | .catch(next); |
| 81 | + }, | ||
| 82 | + | ||
| 83 | + /** | ||
| 84 | + * YOHO授权登录 | ||
| 85 | + * @param req | ||
| 86 | + * @param res | ||
| 87 | + */ | ||
| 88 | + yohoAuth(req, res) { | ||
| 89 | + const refer = req.session.auth_refer; | ||
| 90 | + const yh_sign = req.query.yh_sign.toLowerCase(); | ||
| 91 | + const lastSign = authYoho.sign(req.query).toLowerCase(); | ||
| 92 | + | ||
| 93 | + if (yh_sign !== lastSign) { | ||
| 94 | + return res.json({ | ||
| 95 | + code: 401, | ||
| 96 | + message: 'yh_sign签名验证错误' | ||
| 97 | + }); | ||
| 98 | + } | ||
| 99 | + | ||
| 100 | + _.set(req.session, 'yh_auth_id', req.query.yh_uid); | ||
| 101 | + res.redirect(refer); | ||
| 80 | } | 102 | } |
| 81 | }; | 103 | }; |
| 82 | 104 |
| @@ -12,5 +12,6 @@ const router = express.Router(); // eslint-disable-line | @@ -12,5 +12,6 @@ const router = express.Router(); // eslint-disable-line | ||
| 12 | // SMS 短信 | 12 | // SMS 短信 |
| 13 | router.post('/sms/sendCode', sms.beforeSend, sms.sendCode); | 13 | router.post('/sms/sendCode', sms.beforeSend, sms.sendCode); |
| 14 | router.post('/sms/checkCode', sms.checkCode, user.userInfo); | 14 | router.post('/sms/checkCode', sms.checkCode, user.userInfo); |
| 15 | +router.get('/yohoAuth', user.yohoAuth); | ||
| 15 | 16 | ||
| 16 | module.exports = router; | 17 | module.exports = router; |
| @@ -21,7 +21,9 @@ module.exports = { | @@ -21,7 +21,9 @@ module.exports = { | ||
| 21 | singleApi: 'http://api-test3.yohops.com:9999/' | 21 | singleApi: 'http://api-test3.yohops.com:9999/' |
| 22 | }, | 22 | }, |
| 23 | corsAllowOrigin: [ | 23 | corsAllowOrigin: [ |
| 24 | + 'http://localhost:7000', | ||
| 24 | 'http://localhost:8081', | 25 | 'http://localhost:8081', |
| 26 | + 'http://feature.yoho.cn', | ||
| 25 | 'http://localhost:63342' | 27 | 'http://localhost:63342' |
| 26 | ], | 28 | ], |
| 27 | useCache: false, | 29 | useCache: false, |
doraemon/data/sign.json
0 → 100644
doraemon/middleware/yohoAuth.js
0 → 100644
| 1 | +/** | ||
| 2 | + * 登录判断 | ||
| 3 | + * @author: lq | ||
| 4 | + * @date: 2017/9/1 | ||
| 5 | + */ | ||
| 6 | +'use strict'; | ||
| 7 | +const _ = require('lodash'); | ||
| 8 | +const moment = require('moment'); | ||
| 9 | +const authYoho = require('../../utils/authYoho'); | ||
| 10 | +const queryString = require('queryString'); | ||
| 11 | + | ||
| 12 | +module.exports = (req, res, next) => { | ||
| 13 | + const refer = req.get('Referer') || ''; | ||
| 14 | + const yhAuthId = _.get(req.session, 'yh_auth_id', 0); | ||
| 15 | + | ||
| 16 | + if (!yhAuthId) { | ||
| 17 | + let params = { | ||
| 18 | + yh_backurl: 'http://action.yoho.cn/passport/yohoAuth', | ||
| 19 | + yh_type: 'activity', | ||
| 20 | + yh_time: moment(new Date()).format('YYYY-MM-DD HH:mm:ss') | ||
| 21 | + }; | ||
| 22 | + | ||
| 23 | + params.yh_sign = authYoho.sign(params); | ||
| 24 | + _.set(req.session, 'auth_refer', refer); | ||
| 25 | + return res.json({ | ||
| 26 | + code: 401, | ||
| 27 | + message: '抱歉,您暂未登录!', | ||
| 28 | + redirect: `//m.yohobuy.com/signin.html?${queryString.stringify(params)}` | ||
| 29 | + }); | ||
| 30 | + } | ||
| 31 | + | ||
| 32 | + next(); | ||
| 33 | +}; |
public/star-poster.html
0 → 100644
| 1 | +<!DOCTYPE html> | ||
| 2 | +<html lang="en"> | ||
| 3 | +<head> | ||
| 4 | + <meta charset="UTF-8"> | ||
| 5 | + <title>Title</title> | ||
| 6 | +</head> | ||
| 7 | +<body> | ||
| 8 | + 明星海报地址页 | ||
| 9 | + | ||
| 10 | +<script src="https://cdn.bootcss.com/jquery/2.2.2/jquery.js"></script> | ||
| 11 | +<script> | ||
| 12 | + $.ajax({ | ||
| 13 | + method: 'post', | ||
| 14 | + url: 'http://action.yoho.cn/article/test', | ||
| 15 | + headers: { | ||
| 16 | + 'X-Requested-With': 'XMLHttpRequest' | ||
| 17 | + }, | ||
| 18 | + xhrFields: { | ||
| 19 | + withCredentials: true | ||
| 20 | + } | ||
| 21 | + }) | ||
| 22 | + .then(function(res) { | ||
| 23 | + if (res.code === 401 && res.redirect) { | ||
| 24 | + location.href = res.redirect; | ||
| 25 | + } | ||
| 26 | + }); | ||
| 27 | +</script> | ||
| 28 | +</body> | ||
| 29 | +</html> |
utils/authYoho.js
0 → 100644
| 1 | +/** | ||
| 2 | + * YOHO授权登录签名 | ||
| 3 | + * @author: leo | ||
| 4 | + * @date: 2017/9/4 | ||
| 5 | + */ | ||
| 6 | +const _ = require('lodash'); | ||
| 7 | +const md5 = require('yoho-md5'); | ||
| 8 | +const signData = require('../doraemon/data/sign.json'); | ||
| 9 | + | ||
| 10 | + | ||
| 11 | +module.exports = { | ||
| 12 | + sign(params, clientSecret) { | ||
| 13 | + let secretParams = {}; | ||
| 14 | + | ||
| 15 | + clientSecret = clientSecret || signData.yh_auth_login.clientSecret; | ||
| 16 | + | ||
| 17 | + for (const k of Object.keys(params).sort()) { | ||
| 18 | + if (k === 'yh_sign') { | ||
| 19 | + continue; | ||
| 20 | + } | ||
| 21 | + secretParams[k] = params[k]; | ||
| 22 | + } | ||
| 23 | + | ||
| 24 | + let secretStr = _.join(_.map(secretParams, (v, k) => { | ||
| 25 | + return `${k}=${v}`; | ||
| 26 | + }), '&'); | ||
| 27 | + | ||
| 28 | + return md5(secretStr + clientSecret); | ||
| 29 | + } | ||
| 30 | +}; | ||
| 31 | + |
-
Please register or login to post a comment