Authored by 周少峰

Merge branch 'master' into hotfix/security

@@ -266,7 +266,7 @@ let mobileRegister = (req, res, next) => { @@ -266,7 +266,7 @@ let mobileRegister = (req, res, next) => {
266 } 266 }
267 267
268 /* 手机注册: 调用注册接口*/ 268 /* 手机注册: 调用注册接口*/
269 - let regResult = yield regService.regMobileAes(area, mobile, password, cookie.getShoppingKey(req)); 269 + let regResult = yield regService.regMobileAes(area, mobile, password, code, cookie.getShoppingKey(req));
270 270
271 if (!regResult.code || regResult.code !== 200) { 271 if (!regResult.code || regResult.code !== 200) {
272 data.message = '注册失败'; 272 data.message = '注册失败';
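Review bot: Nothing in this hunk shows `code` being checked before it is passed to `regService.regMobileAes` on new line 269, so an absent or empty value would reach the backend as `verifyCode: undefined`. The outcome would then depend entirely on how the API treats a missing field. The earlier part of `mobileRegister` is outside the hunk; if it does not already reject a missing code, fail closed before the call by returning the same failure response used for `regResult.code !== 200`.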
@@ -40,7 +40,8 @@ const syncUserSession = (uid, req, res, sessionKey) => { @@ -40,7 +40,8 @@ const syncUserSession = (uid, req, res, sessionKey) => {
40 let encryptionUid = aes.encryptionUid(data.uid); 40 let encryptionUid = aes.encryptionUid(data.uid);
41 41
42 if (data) { 42 if (data) {
43 - let uidCookie = `${data.profile_name}::${encryptionUid}::${data.vip_info.title}::${token}`; 43 + let uidCookie =
  44 + `${encodeURIComponent(data.profile_name)}::${encryptionUid}::${data.vip_info.title}::${token}`;
44 let isStudent = data.vip_info.is_student || 0; 45 let isStudent = data.vip_info.is_student || 0;
45 46
46 res.cookie('_UID', uidCookie, { 47 res.cookie('_UID', uidCookie, {
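Review bot: Only `data.profile_name` is encoded on new line 44; `data.vip_info.title` is still interpolated raw into the same `::`-delimited `_UID` value. A title containing `::` or `;` would shift the fields that readers of the cookie split out, even if titles are server-defined today. Encode it the same way, `${encodeURIComponent(data.vip_info.title)}`, and decode it wherever the third field is read. Separately, `aes.encryptionUid(data.uid)` on line 40 dereferences `data` before the `if (data)` guard on line 42; that line is unchanged context, but moving it inside the guard would make the guard effective. `syncUserSession` starts and ends outside the hunk.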
@@ -30,27 +30,13 @@ let validMobileCode = (area, mobile, code) => { @@ -30,27 +30,13 @@ let validMobileCode = (area, mobile, code) => {
30 return api.post('', params); 30 return api.post('', params);
31 }; 31 };
32 32
33 -let regMobile = (area, mobile, password, shoppingKey)=> {  
34 - let params = {  
35 - method: 'app.passport.register',  
36 - area: area,  
37 - profile: mobile,  
38 - password: password  
39 - };  
40 -  
41 - if (shoppingKey) {  
42 - params.shopping_key = shoppingKey;  
43 - }  
44 -  
45 - return api.post('', params);  
46 -};  
47 -  
48 -let regMobileAes = (area, mobile, password, shoppingKey)=> { 33 +let regMobileAes = (area, mobile, password, code, shoppingKey)=> {
49 let params = { 34 let params = {
50 method: 'app.passport.registerAES', 35 method: 'app.passport.registerAES',
51 area: area, 36 area: area,
52 profile: mobile, 37 profile: mobile,
53 - password: aes.aesPwd(password) 38 + password: aes.aesPwd(password),
  39 + verifyCode: code
54 }; 40 };
55 41
56 if (shoppingKey) { 42 if (shoppingKey) {
@@ -63,6 +49,5 @@ let regMobileAes = (area, mobile, password, shoppingKey)=> { @@ -63,6 +49,5 @@ let regMobileAes = (area, mobile, password, shoppingKey)=> {
63 module.exports = { 49 module.exports = {
64 sendCodeToMobile, 50 sendCodeToMobile,
65 validMobileCode, 51 validMobileCode,
66 - regMobile,  
67 regMobileAes 52 regMobileAes
68 }; 53 };
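Review bot: Inserting `code` ahead of `shoppingKey` in `regMobileAes` (new line 33) changes the meaning of the fourth positional argument. Any caller still using the old four-argument form would send its shopping key as `verifyCode` and lose `shopping_key` without an error. Only the `mobileRegister` call is visibly updated in this commit, so other callers of `regMobileAes` and any remaining users of the removed `regMobile` export need checking. A guard at the top such as `if (!code) { return Promise.reject(new Error('verifyCode required')); }` would make a stale call fail loudly, assuming `api.post` returns a promise, which is not visible here. The function also lacks a doc comment saying that `code` is the SMS verification code forwarded as `verifyCode` to `app.passport.registerAES`.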
@@ -174,7 +174,7 @@ @@ -174,7 +174,7 @@
174 174
175 <input id="country-code-hide" name="countryCode" type="hidden" value="{{countryCode}}"> 175 <input id="country-code-hide" name="countryCode" type="hidden" value="{{countryCode}}">
176 <input id="captcha-sms-token-hide" name="token" type="hidden"> 176 <input id="captcha-sms-token-hide" name="token" type="hidden">
177 - <input id="qrcode" name="qrcode" type="hidden" value="//m.yohobuy.com/signin.html"> 177 + <input id="qrcode" name="qrcode" type="hidden" value="http://m.yohobuy.com/signin.html">
178 <input id="uid" type="hidden"> 178 <input id="uid" type="hidden">
179 179
180 </div> 180 </div>
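Review bot: The QR target on new line 177 is now pinned to cleartext `http://` for a sign-in page. A QR scanner needs an absolute URL, so dropping the protocol-relative form is reasonable. If m.yohobuy.com is served over TLS, the value should be `value="https://m.yohobuy.com/signin.html"` so the login flow does not begin on an unencrypted hop.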
@@ -269,7 +269,10 @@ const getBrandData = (params, extra, channel) => { @@ -269,7 +269,10 @@ const getBrandData = (params, extra, channel) => {
269 269
270 if (params.shopId) { 270 if (params.shopId) {
271 // 店铺以店铺ID查询商品 271 // 店铺以店铺ID查询商品
272 - queryBase.shop_id = params.shopId; 272 + Object.assign(queryBase, {
  273 + shop_id: params.shopId,
  274 + shop: params.shopId
  275 + });
273 } else { 276 } else {
274 // 品牌以品牌ID查询商品 277 // 品牌以品牌ID查询商品
275 queryBase.brand = extra.brandId; 278 queryBase.brand = extra.brandId;
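Review bot: `params.shopId` is copied into the query under two keys (new lines 272–275) with no comment saying why both `shop_id` and `shop` are needed, and no type check is visible in the hunk. Add a comment above the `Object.assign` naming which backend parameter each key serves, so one is not later removed as a duplicate. If `params.shopId` comes straight from the request, normalising it once, for example `const shopId = parseInt(params.shopId, 10);` and skipping the branch when it is `NaN`, keeps arbitrary strings out of the query. `getBrandData` starts and ends outside the hunk.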
1 { 1 {
2 "name": "yohobuy-node", 2 "name": "yohobuy-node",
3 - "version": "5.2.3", 3 + "version": "5.2.4",
4 "private": true, 4 "private": true,
5 "description": "A New Yohobuy Project With Express", 5 "description": "A New Yohobuy Project With Express",
6 "repository": { 6 "repository": {
@@ -81,7 +81,7 @@ function getProfileName() { @@ -81,7 +81,7 @@ function getProfileName() {
81 return 0; 81 return 0;
82 } 82 }
83 83
84 - return user[0]; 84 + return decodeURIComponent(user[0]);
85 } 85 }
86 86
87 function getShoppingKey() { 87 function getShoppingKey() {
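Review bot: `decodeURIComponent(user[0])` on new line 84 throws a `URIError` when the field contains a malformed percent sequence. That can happen with cookies issued before the server began encoding the name (presumably the `_UID` cookie) or with a hand-edited cookie. Catch it and fall back to the raw field: `try { return decodeURIComponent(user[0]); } catch (e) { return user[0]; }`. The returned string is user-chosen text, so callers should treat it as untrusted and escape it before inserting it into markup. The start of `getProfileName` is outside the hunk.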
@@ -1196,8 +1196,6 @@ $deviceSwitcher.on('click', function() { @@ -1196,8 +1196,6 @@ $deviceSwitcher.on('click', function() {
1196 refreshQrCodeAsync().then(pollingThisQrCodeStatusAsync); 1196 refreshQrCodeAsync().then(pollingThisQrCodeStatusAsync);
1197 } 1197 }
1198 1198
1199 - // 临时去掉二维码登陆  
1200 - $(this).parent('.switch-login-type').hide();  
1201 }); 1199 });
1202 1200
1203 // 鼠标移动到二维码上面 1201 // 鼠标移动到二维码上面
@@ -76,8 +76,8 @@ function setLoginStatus(data) { @@ -76,8 +76,8 @@ function setLoginStatus(data) {
76 '<a href="//www.yohobuy.com/logout.html">[退出]</a>'; 76 '<a href="//www.yohobuy.com/logout.html">[退出]</a>';
77 } else { 77 } else {
78 loginHtml = '<span>Hi~</span>&nbsp;' + 78 loginHtml = '<span>Hi~</span>&nbsp;' +
79 - '<a href="//www.yohobuy.com/signin.html?refer="' + window.location.href + '>[请登录]</a>&nbsp;' +  
80 - '<a href="//www.yohobuy.com/reg.html"' + window.location.href + '>[免费注册]</a>'; 79 + '<a href="//www.yohobuy.com/signin.html">[请登录]</a>&nbsp;' +
  80 + '<a href="//www.yohobuy.com/reg.html">[免费注册]</a>';
81 } 81 }
82 $('.header-tool li').eq(0).html(loginHtml); 82 $('.header-tool li').eq(0).html(loginHtml);
83 } 83 }
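Review bot: `loginHtml` is still built by string concatenation and written with `.html(loginHtml)` on line 82, so the logged-in branch that ends on line 76 needs the same scrutiny this change gives the logged-out one. That branch begins outside the hunk; if it interpolates the profile name or any other cookie-derived value, HTML-escape the value first or set it with `.text()` on a created element. The new links also drop the `refer` parameter entirely. If returning to the current page after sign-in is still wanted, pass it as `'?refer=' + encodeURIComponent(window.location.href)` inside the quoted `href` and have the server validate the target.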