auth.js 5.52 KB
/**
 * passport 验证策略注册
 * @author: jiangfeng<jeff.jiang@yoho.cn>
 * @date: 2016/5/31
 */

'use strict';
const _ = require('lodash');
const passport = require('passport');
const WeixinStrategy = require('passport-weixin');
const SinaStrategy = require('passport-sina').Strategy;
const LocalStrategy = require('passport-local').Strategy;
const QQStrategy = require('passport-qq').Strategy;
const DoubanStrategy = require('passport-douban').Strategy;
const RenrenStrategy = require('passport-renren').Strategy;
const AlipayStrategy = require('./models/passport-alipay').Strategy;

const LoginApi = require('./models/login-service');

const config = global.yoho.config;
const helpers = global.yoho.helpers;
const cookie = global.yoho.cookie;
const logger = global.yoho.logger;
const cache = global.yoho.cache;

let siteUrl = config.siteUrl.indexOf('//') === 0 ? 'http:' + config.siteUrl : config.siteUrl;

function getLoginStat(ip) {
    let errorLoginKey = 'loginErrorIp:' + ip;

    return cache.get(errorLoginKey).catch(e => {
        logger.error('call the memcache service fail,', e);
        return 0;
    });
}

// 本地登录
passport.use('local', new LocalStrategy({
    usernameField: 'account',
    passwordField: 'password',
    passReqToCallback: true
}, (req, username, password, done) => {

    let area = req.body.areaCode || '86';

    if (_.isEmpty(password)) {
        logger.info(`【Passport Loginbad params, area:${area} account:${username} password:${password}`);
        return done({message: '登录参数错误'}, null);
    }

    let shoppingKey = cookie.getShoppingKey(req);
    let type = req.body.loginType;

    let clientIp = req.yoho.clientIp;
    let errorLoginKey = 'loginErrorIp:' + clientIp;
    let close = _.get(req.app.locals.pc, 'login.closePasswordLogin', false);

    getLoginStat(clientIp).then((times) => {
        let errLoginTimes = _.parseInt(times) || 0;

        return req.ctx(LoginApi).signin(type, area, username, password, shoppingKey, close).then((result) => {
            if (result.code && (result.code === 200 || result.code === 510) && result.data.uid) {
                cache.del(errorLoginKey).catch(() => {});
                req.session.type = '';

                done(null, Object.assign(result.data, {code: result.code}));
            } else {
                errLoginTimes = errLoginTimes + 1;
                cache.set(errorLoginKey, errLoginTimes, 3600).catch(() => {});

                if (result.code === 4189) {
                    return done({
                        message: `您的密码登录错误次数过多,建议使用手机号码快捷登录或
                               <a href="${helpers.urlFormat('/passport/back/index')}" target="_blank">找回登陆密码</a>!`
                    });
                }

                // 再次校验
                if (errLoginTimes >= 1) {
                    req.session.type = 'needCaptcha';
                    done({
                        message: `您输入的密码及账户名不匹配,
                                是否<a href="${helpers.urlFormat('/passport/back/index')}" target="_blank">忘记密码?</a>`,
                        needCaptcha: true,
                        type: type
                    });
                } else {
                    done({
                        message: `您输入的密码及账户名不匹配,
                                是否<a href="${helpers.urlFormat('/passport/back/index')}" target="_blank">忘记密码?</a>`,
                        needCaptcha: false
                    });
                }
            }
        });
    }).catch(e => {
        logger.error('call the signin service fail,', e);
        done('登录失败,请稍后重试', null);
    });

}));

/**
 * wechat登录
 */

passport.use('wechat', new WeixinStrategy({
    clientID: config.thirdLogin.wechat.appID,
    clientSecret: config.thirdLogin.wechat.appSecret,
    callbackURL: `${siteUrl}/passport/login/wechat/callback`,
    requireState: true,
    scope: 'snsapi_login'
}, (accessToken, refreshToken, profile, done) => {
    done(null, profile);
}));

// sina 登录
passport.use('sina', new SinaStrategy({
    clientID: config.thirdLogin.sina.appID,
    clientSecret: config.thirdLogin.sina.appSecret,
    callbackURL: `${siteUrl}/passport/login/sina/callback`,
    requireState: false
}, (accessToken, refreshToken, profile, done) => {
    done(null, profile);
}));

// qq 登录
passport.use('qq', new QQStrategy({
    clientID: config.thirdLogin.qq.appID,
    clientSecret: config.thirdLogin.qq.appSecret,
    callbackURL: `${siteUrl}/passport/login/qq/callback`,
    requireState: false
}, (accessToken, refreshToken, profile, done) => {
    done(null, profile);
}));

// alipay 登录
passport.use('alipay', new AlipayStrategy({
    partner: config.thirdLogin.alipay.appID,
    key: config.thirdLogin.alipay.appSecret,
    return_url: `${siteUrl}/passport/login/alipay/callback`
}, (profile, done) => {
    done(null, profile);
}));

// douban 登录
passport.use('douban', new DoubanStrategy({
    clientID: config.thirdLogin.douban.appID,
    clientSecret: config.thirdLogin.douban.appSecret,
    callbackURL: `${siteUrl}/passport/autosign/doubanback`
}, (accessToken, refreshToken, profile, done) => {
    done(null, profile);
}));

// renren 登录
passport.use('renren', new RenrenStrategy({
    clientID: config.thirdLogin.renren.appID,
    clientSecret: config.thirdLogin.renren.appSecret,
    callbackURL: `${siteUrl}/passport/login/renren/callback`
}, (accessToken, refreshToken, profile, done) => {
    done(null, profile);
}));