...
|
...
|
@@ -4,21 +4,11 @@ |
|
|
* @date: 2017/04/13
|
|
|
*/
|
|
|
const Api = require('../common/api');
|
|
|
const allowdUrls = global.yoho.apiDomain;
|
|
|
const _ = require('lodash');
|
|
|
const Fn = require('lodash/fp');
|
|
|
const blacklist = require('../common/api-blacklist');
|
|
|
const apiDomain = global.yoho.apiDomain;
|
|
|
const logger = global.yoho.logger;
|
|
|
|
|
|
function _matchUrl(path, api) {
|
|
|
return api.path.toLowerCase() === path.toLowerCase();
|
|
|
}
|
|
|
|
|
|
function allowed(path) {
|
|
|
return _.flow(_.toPairs, Fn.find((api) => {
|
|
|
return _matchUrl(path, api[1])
|
|
|
}))(allowdUrls.shop);
|
|
|
}
|
|
|
|
|
|
module.exports = (req, res, next) => {
|
|
|
let api = new Api();
|
|
|
|
...
|
...
|
@@ -26,26 +16,30 @@ module.exports = (req, res, next) => { |
|
|
req,
|
|
|
res
|
|
|
});
|
|
|
let apiMap = req.path.split('/').filter(node => node).join('.');
|
|
|
|
|
|
let allowApi = allowed(req.path);
|
|
|
|
|
|
if (!allowApi) {
|
|
|
logger.error(`proxy [${req.method}] failed`, `${req.path} can't find proxy url`);
|
|
|
return next();
|
|
|
if (_.some(blacklist, n => n === apiMap)) {
|
|
|
return res.status(401).json({
|
|
|
code: 401,
|
|
|
message: '无权限访问的接口'
|
|
|
});
|
|
|
}
|
|
|
|
|
|
logger.info(`proxy [${req.method}] successfully`, `[${req.path}] => [${allowApi[1].url}]`);
|
|
|
let apiUrl = _.get(apiDomain, apiMap);
|
|
|
|
|
|
if (req.method.toLowerCase() === 'get') {
|
|
|
return api.get(allowApi[1].url, req.query).then(data => {
|
|
|
res.json(data);
|
|
|
}).catch(next);
|
|
|
if (!apiUrl) {
|
|
|
logger.error(`proxy [${req.method}] fail`, `${req.path} can't find proxy url`);
|
|
|
return res.status(400).json({
|
|
|
code: 400,
|
|
|
message: '无权限访问的接口'
|
|
|
});
|
|
|
}
|
|
|
let params = Object.assign(req.query, req.body, {
|
|
|
shopsId: _.get(req.user, 'currentShop.shopsId')
|
|
|
});
|
|
|
|
|
|
if (req.method.toLowerCase() === 'post') {
|
|
|
return api.post(allowApi[1].url, req.body).then(data => {
|
|
|
return api[req.method.toLowerCase()](apiUrl, params).then(data => {
|
|
|
res.json(data);
|
|
|
}).catch(next);
|
|
|
}
|
|
|
|
|
|
}; |
...
|
...
|
|