auth.js 1.1 KB
/**
 * 登录判断
 * @author: xuqi<qi.xu@yoho.cn>
 * @date: 2016/4/25
 */

'use strict';

const _ = require('lodash');
const helpers = global.yoho.helpers;

module.exports = (req, res, next) => {
    let refer = req.method === 'GET' ? req.get('Referer') : '';

    let loginAPI = helpers.urlFormat('/passport/login', {refer: refer});

    let loginPage = helpers.urlFormat('/passport/login', {refer: req.fullUrl()});

    if (_.isEmpty(req.user) || !req.user.uid.isValid()) {
        if (req.xhr) {
            return res.json({
                code: 400,
                message: '抱歉,您暂未登录!',
                data: {refer: loginAPI}
            });
        }

        return res.redirect(loginPage);
    } else if (!req.xhr && req.session.CSToken && req.session.canSkip && req.session.canSkip !== 'Y' &&
            req.path.indexOf('passport/back/weak') < 0) {
        // 登录状态,不是ajax请求 检测弱密码
        return res.redirect(helpers.urlFormat('/passport/back/weak', {
            refer: refer && refer.indexOf('passport/back/weak') > -1 ? '/' : refer
        }));
    }

    next();
};