fe / yoho-blk · Files

Go to a project
login-auth-service.js 4.84 KB
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 
/**
 * passport 验证策略注册
 * @author: jiangfeng<jeff.jiang@yoho.cn>
 * @date: 2016/5/31
 */

'use strict';
const _ = require('lodash');
const passport = require('passport');
const WeixinStrategy = require('passport-weixin');
const SinaStrategy = require('passport-sina').Strategy;
const LocalStrategy = require('passport-local').Strategy;
const QQStrategy = require('passport-qq').Strategy;
const AlipayStrategy = require('./passport-alipay').Strategy;

const md5 = require('md5');

const LoginService = require('./login-service');

const config = global.yoho.config;
const helpers = global.yoho.helpers;
const cookie = global.yoho.cookie;
const logger = global.yoho.logger;
const cache = global.yoho.cache;

let siteUrl = config.siteUrl.indexOf('//') === 0 ? 'http:' + config.siteUrl : config.siteUrl;


function getLoginStat(ip) {
    let errorLoginKey = 'loginErrorIp:' + ip;

    return cache.get(errorLoginKey);
}

// 本地登录
passport.use('local', new LocalStrategy({
    usernameField: 'account',
    passwordField: 'password',
    passReqToCallback: true
}, (req, username, password, done) => {
    let area = req.body.areaCode || '86';
    let type = req.body.loginType;
    let clientIp = req.yoho.clientIp;
    let errorLoginKey = 'loginErrorIp:' + clientIp;

    return getLoginStat(clientIp).then((times) => {
        let errLoginTimes = _.parseInt(times) || 0;
        let verifyCode = req.body.captcha;

        if (errLoginTimes > 0 && type !== 'SMSLogin') {
            if (!verifyCode || verifyCode !== req.session.captcha) {
                return done({message: '验证码不正确或验证码过期', needCaptcha: true}, null);
            }
        }


        if (isNaN(_.parseInt(area)) || _.isEmpty(username) || _.isEmpty(password)) {
            logger.info(`【Passport Loginbad params, area:${area} account:${username} password:${password}`);
            return done({message: '登录参数错误'}, null);
        }

        let verifyEmail = helpers.verifyEmail(username);
        let verifyMobile = area === '86' ? helpers.verifyAreaMobile(area + '-' + username) : true;

        if (!verifyEmail && !verifyMobile) {
            logger.info(`【Passport Loginbad account, email:${verifyEmail} mobile:${verifyMobile}`);
            return done({message: '登录账号格式错误'}, null);
        }

        let expire = req.cookies['LE' + md5('_LOGIN_EXPIRE')] || '';

        if (expire && expire < (new Date()).getTime() / 1000) {
            return done({message: '页面停留时间过长,请刷新页面'}, null);
        }


        if (type !== 'SMSLogin' && verifyCode && verifyCode !== req.session.captcha) {
            return done({message: '验证码不正确或验证码过期', needCaptcha: true}, null);
        }

        let shoppingKey = cookie.getShoppingKey(req);

        return LoginService.signin(type, area, username, password, shoppingKey, req).then((result) => {
            if (result.code && result.code === 200 && result.data.uid) {
                cache.del(errorLoginKey).catch(() => {});
                done(null, result.data);
            } else {
                cache.set(errorLoginKey, errLoginTimes + 1, 3600).catch(() => {});
                done({
                    message: '请输入正确的账号或密码',
                    needCaptcha: true
                });
            }
        }).catch(e => {
            logger.error('call the signin service fail,', e);
            done('登录失败,请稍后重试', null);
        });
    }).catch(e => {
        logger.error('call the signin service fail,', e);
        return done('登录失败,请稍后重试', null);
    });

    
}));

/**
 * wechat登录
 */

passport.use('wechat', new WeixinStrategy({
    clientID: config.thirdLogin.wechat.appID,
    clientSecret: config.thirdLogin.wechat.appSecret,
    callbackURL: `${siteUrl}/passport/login/wechat/callback`,
    requireState: true,
    scope: 'snsapi_login'
}, (accessToken, refreshToken, profile, done) => {
    done(null, profile);
}));

// sina 登录
passport.use('sina', new SinaStrategy({
    clientID: config.thirdLogin.sina.appID,
    clientSecret: config.thirdLogin.sina.appSecret,
    callbackURL: `${siteUrl}/passport/login/sina/callback`,
    requireState: false
}, (accessToken, refreshToken, profile, done) => {
    done(null, profile);
}));

// qq 登录
passport.use('qq', new QQStrategy({
    clientID: config.thirdLogin.qq.appID,
    clientSecret: config.thirdLogin.qq.appSecret,
    callbackURL: `${siteUrl}/passport/login/qq/callback`,
    requireState: false
}, (accessToken, refreshToken, profile, done) => {
    done(null, profile);
}));

// alipay 登录
passport.use('alipay', new AlipayStrategy({
    partner: config.thirdLogin.alipay.partnerID,
    key: config.thirdLogin.alipay.appSecret,
    return_url: `${siteUrl}/passport/login/alipay/callback`
}, (profile, done) => {
    done(null, profile);
}));