多处验证码可以重复使用 bug修改

shijian
Commit 1939b87b78e5837953d9ce51c33669bc352eb781 1 parent a09c437d
Showing 4 changed files with 15 additions and 5 deletions
apps/passport/controllers/back.js
apps/passport/controllers/login.js
apps/passport/models/login-auth-service.js
public/js/passport/login/index.js
--- a/apps/passport/controllers/back.js
View file @1939b87
+++ b/apps/passport/controllers/back.js
View file @1939b87
@@ -82,6 +82,15 @@ const getUserInfoAPI = (req, res, next) => {
 const sendCodePage = (req, res, next) => {
     let inputInfo = req.inputInfo;
 
+     if (req.session.mobile && req.session.mobile !== inputInfo.phone) {
+         req.session.mobile = '';
+         req.session.captcha = '';
+         return res.json({
+             code: 400,
+             message: '验证码失效',
+             data: ''
+         });
+     }
     BackService.sendCodeToUserAsync(inputInfo.type, inputInfo.phone, inputInfo.area)
         .then(result => {
             if (!(result.code && result.code === 200)) {
@@ -122,8 +131,8 @@ const sendBackMobileAPI = (req, res, next) => {
     let area = req.body.area || '86';
 
     // 检查上次的发送短信号码
-     if (req.session.sendMobile && req.session.sendMobile !== mobile) {
-         req.session.sendMobile = '';
+     if (req.session.mobile && req.session.mobile !== mobile) {
+         req.session.mobile = '';
         req.session.captcha = '';
         return res.json({
             code: 400,
@@ -135,7 +144,7 @@ const sendBackMobileAPI = (req, res, next) => {
     BackService.sendCodeToMobileAsync(area, mobile)
         .then(result => {
             // 记录发送短信的号码
-             req.session.sendMobile = mobile;
+             req.session.mobile = mobile;
             res.json(result);
         })
         .catch(next);
--- a/apps/passport/controllers/login.js
View file @1939b87
+++ b/apps/passport/controllers/login.js
View file @1939b87
@@ -253,6 +253,7 @@ const local = {
 
             LoginService.sendPasswordBySMS(area, mobile).then((result) => {
                 if (result && result.code === 200) {
+                     req.session.captcha = '';
                     req.session.sendMobile = mobile;
                 }
 
--- a/apps/passport/models/login-auth-service.js
View file @1939b87
+++ b/apps/passport/models/login-auth-service.js
View file @1939b87
@@ -55,7 +55,7 @@ passport.use('local', new LocalStrategy({
 
     let verifyCode = req.body.captcha;
 
-     if (verifyCode && verifyCode !== req.session.captcha) {
+     if (type !== 'SMSLogin' && verifyCode && verifyCode !== req.session.captcha) {
         return done({message: '验证码不正确或验证码过期', needCaptcha: true}, null);
     }
 
--- a/public/js/passport/login/index.js
View file @1939b87
+++ b/public/js/passport/login/index.js
View file @1939b87
@@ -735,7 +735,7 @@ function loginAsync() {
 // 全部的本地验证-- 短信验证登录
 function smsLoginAsync() {
     return validateAccount()
-         .then(validateCaptchaImg)
+         //.then(validateCaptchaImg)
         .then(validateCaptchaSms)
         .then(function() {
             return login();