fe / yohobuy-node · Commits

Go to a project

Authored by 陈峰
Commit 2995032cd322242af0bf770375a1278823d85c42 2 parents 58fdadcb dab9695c

Merge branch 'release/6.5.5' into 'gray' 

Release/6.5.5

去除QQ登陆&风控&seo列表页跳转

See merge request !262
Inline Side-by-side
Showing 10 changed files with 159 additions and 12 deletions
... ... @@ -134,6 +134,7 @@ const logger = global.yoho.logger;
// dispatcher
try {
const setYohoData = require('./doraemon/middleware/set-yoho-data');
const riskManagement = require('./doraemon/middleware/risk-management');
const htaccess = require('./doraemon/middleware/htaccess');
const subDomain = require('./doraemon/middleware/sub-domain');
const mobileRefer = require('./doraemon/middleware/mobile-refer');
... ... @@ -149,6 +150,7 @@ try {
// YOHO 前置中间件
app.use(setYohoData());
app.use(riskManagement());
app.use(htaccess());
app.use(subDomain());
app.use(mobileRefer());
... ...
... ... @@ -31,7 +31,7 @@ const isHuman = (req, res) => {
delete req.session.apiLimitValidate;
logger.warn('isHuman', remoteIp);
return robotCheckService.removeBlack(remoteIp, apiLimitValidate).then(() => {
return robotCheckService.removeBlack(remoteIp, apiLimitValidate, req.headers.referer).then(() => {
return res.json({
code: 200
});
... ...
'use strict';
const url = require('url');
const cache = global.yoho.cache.master;
const Promise = require('bluebird');
const co = Promise.coroutine;
... ... @@ -17,9 +18,15 @@ const index = co(function* (channel) {
};
});
const removeBlack = (remoteIp, apiLimitValidate) => {
const removeBlack = (remoteIp, apiLimitValidate, referer) => {
let operations = [];
if (referer) {
let pid = _.get(url.parse(referer, true), 'query.pid');
pid && operations.push(cache.delAsync(`${pid}:${remoteIp}`));
}
operations.push(cache.delAsync(`${config.app}:limiter:${remoteIp}`));
// 验证码之后一小时之内不再限制qps
... ...
... ... @@ -46,20 +46,20 @@ router.get('/passport/autosign/sina', login.common.beforeLogin, login.sina.login
router.get('/passport/login/sina/callback', login.sina.callback);
// qq登录
router.get('/passport/autosign/qq', login.common.beforeLogin, login.qq.login);
router.get('/passport/login/qq/callback', login.qq.callback);
// router.get('/passport/autosign/qq', login.common.beforeLogin, login.qq.login);
// router.get('/passport/login/qq/callback', login.qq.callback);
// alipay登录
router.get('/passport/autosign/alipay', login.common.beforeLogin, login.alipay.login);
router.get('/passport/login/alipay/callback', login.alipay.callback);
// douban登录
router.get('/passport/autosign/douban', login.common.beforeLogin, login.douban.login);
router.get('/passport/autosign/doubanback', login.douban.callback);
// router.get('/passport/autosign/douban', login.common.beforeLogin, login.douban.login);
// router.get('/passport/autosign/doubanback', login.douban.callback);
// renren登录
router.get('/passport/autosign/renren', login.common.beforeLogin, login.renren.login);
router.get('/passport/login/renren/callback', login.renren.callback);
// router.get('/passport/autosign/renren', login.common.beforeLogin, login.renren.login);
// router.get('/passport/login/renren/callback', login.renren.callback);
// 第三方登录后绑定手机号
router.get('/passport/thirdlogin/index', captcha.required, bind.indexPage);
... ...
... ... @@ -116,9 +116,6 @@
<a href="{{weixinLogin}}" data-type="4">
<span class="icon weixin"></span>
</a>
<a href="{{qqLogin}}" data-type="1">
<span class="icon qq"></span>
</a>
<a href="{{weiboLogin}}" data-type="2">
<span class="icon weibo"></span>
</a>
... ...
... ... @@ -10,6 +10,8 @@ const helpers = global.yoho.helpers;
const logger = global.yoho.logger;
const _ = require('lodash');
const handleFilterUrl = require(`${global.utils}/parameter`).fullParamToMinPath;
// 搜索相关接口
const searchApi = require('../models/search-api');
const list = require('../models/list');
... ... @@ -24,6 +26,11 @@ exports.index = (req, res, next) => {
let resData = {};
let qs = '';
if (req.originalUrl && req.originalUrl.indexOf('.html') < 0 &&
!_.isEmpty(req.query)) {
return res.redirect(301, helpers.urlFormat(handleFilterUrl('/list', req.query)));
}
try {
qs = decodeURIComponent(req._parsedOriginalUrl.query || '');
} catch (e) {
... ...
/**
* 控制路由请求次数
* @date: 2018/03/05
*/
'use strict';
const _ = require('lodash');
const cache = global.yoho.cache.master;
const helpers = global.yoho.helpers;
const pathToRegexp = require('path-to-regexp');
const logger = global.yoho.logger;
const statusCode = {
code: 4403,
data: {},
message: '亲,您的访问次数过多,请稍后再试哦...'
};
const INVALIDTIME = 3600 * 24; // 24h
const IP_WHITE_LIST = [
'106.38.38.146',
'106.38.38.147',
'106.39.86.227',
'218.94.75.58',
'218.94.75.50',
'218.94.77.166'
];
const _jumpUrl = (req, res, next, result) => {
if (result.code === 4403) {
if (req.xhr) {
res.set({
'Cache-Control': 'no-cache',
Pragma: 'no-cache',
Expires: (new Date(1900, 0, 1, 0, 0, 0, 0)).toUTCString()
});
return res.status(403).json(result);
}
return res.redirect(`${result.data.url}&refer=${req.originalUrl}`);
}
return next();
};
module.exports = () => {
return (req, res, next) => {
// default open
if (_.get(req.app.locals.pc, 'close.risk', false)) {
return next();
}
let ip = _.get(req.yoho, 'clientIp', '');
let path = req.path || '';
let risks = _.get(req.app.locals.pc, 'json.risk', []);
let router = {};
logger.debug(`risk => risks: ${JSON.stringify(risks)}, path: ${path}, ip: ${ip}`); // eslint-disable-line
if (_.isEmpty(path) || _.isEmpty(risks) || IP_WHITE_LIST.indexOf(ip) > -1) {
return next();
}
_.isArray(risks) && risks.some(item => {
if (item.state === 'off') {
return false;
}
if (!item.regRoute) {
item.regRoute = pathToRegexp(item.route);
item.interval = parseInt(item.interval, 10);
item.requests = parseInt(item.requests, 10);
}
if (item.regRoute.test(path)) {
router = item;
return true;
}
return false;
});
logger.debug(`risk => router: ${JSON.stringify(router)}, path: ${path}`); // eslint-disable-line
if (_.isEmpty(router)) {
return next();
}
let keyPath = `${_.trim(path, '/').replace(/\//g, ':')}`;
let limitKey = `pc:risk:limit:${keyPath}:${ip}`;
let configKey = `pc:risk:${keyPath}:${ip}`;
let checkUrl = helpers.urlFormat('/3party/check', {
pid: `pc:risk:limit:${keyPath}`
});
return Promise.all([
cache.getAsync(limitKey),
cache.getAsync(configKey),
]).then(inters => {
logger.debug(`risk => getCache: ${JSON.stringify(inters)}, path: ${path}`); // eslint-disable-line
if (inters[0]) {
return Object.assign({}, statusCode, {data: {url: checkUrl}});
}
if (typeof inters[1] === 'undefined') {
cache.setAsync(configKey, 1, router.interval || 300);
return {code: 200};
}
inters[1] = parseInt(`0${inters[1]}`, 10);
if (inters[1] <= router.requests) {
router = [];
cache.incrAsync(configKey, 1);
return {code: 200};
}
return Promise.all([
cache.setAsync(limitKey, 1, INVALIDTIME),
cache.delAsync(configKey)
]).then(() => {
return Object.assign({}, statusCode, {data: {url: checkUrl}});
});
}).then(result => {
logger.debug(`risk => result: ${JSON.stringify(result)}, path: ${path}`); // eslint-disable-line
return _jumpUrl(req, res, next, result);
}).catch(e => {
console.log(`risk => path: ${path}, err: ${e.message}`);
return next();
});
};
};
... ...
{
"name": "yohobuy-node",
"version": "6.5.23",
"version": "6.5.24",
"private": true,
"description": "A New Yohobuy Project With Express",
"repository": {
... ... @@ -48,6 +48,7 @@
"passport-sina": "^0.1.0",
"passport-strategy": "1.x.x",
"passport-weixin": "^0.1.0",
"path-to-regexp": "^2.2.0",
"redis": "^2.7.1",
"request": "^2.81.0",
"request-ip": "^1.2.2",
... ...
... ... @@ -140,6 +140,7 @@
.third-party-login {
display: table;
width: 100%;
a {
display: table-cell;
... ...
... ... @@ -5452,6 +5452,10 @@ path-to-regexp@0.1.7:
version "0.1.7"
resolved "http://npm.yohops.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c"
path-to-regexp@^2.2.0:
version "2.2.0"
resolved "http://npm.yohops.com/path-to-regexp/-/path-to-regexp-2.2.0.tgz#80f0ff45c1e0e641da74df313644eaf115050972"
path-type@^1.0.0:
version "1.1.0"
resolved "http://npm.yohops.com/path-type/-/path-type-1.1.0.tgz#59c44f7ee491da704da415da5a4070ba4f8fe441"
... ...