弱密码中间件

郝肖肖
Commit 5158ddd746457a8af7688a667b12028dffd0845e 1 parent 640349c5
Showing 5 changed files with 33 additions and 4 deletions
app.js
apps/passport/controllers/back.js
apps/passport/controllers/login.js
apps/passport/views/action/back/weak-pwd.hbs
doraemon/middleware/weak-pass-check.js
--- a/app.js
View file @5158ddd
+++ b/app.js
View file @5158ddd
@@ -176,6 +176,7 @@ try {
     const layoutTools = require('./doraemon/middleware/layout-tools');
     const pageCache = require('./doraemon/middleware/page-cache');
     const devtool = require('./doraemon/middleware/devtools');
+     const weakPassCheck = require('./doraemon/middleware/weak-pass-check');
 
     // YOHO 前置中间件
     app.use(setYohoData());
@@ -193,6 +194,8 @@ try {
         app.use(devtool());
     }
 
+     app.use(weakPassCheck());
+ 
     require('./dispatch')(app);
 
     app.all('*', errorHanlder.notFound()); // 404
--- a/apps/passport/controllers/back.js
View file @5158ddd
+++ b/apps/passport/controllers/back.js
View file @5158ddd
@@ -432,7 +432,8 @@ const weakPasswordPage = (req, res, next) => {
             resetPwd: {
                 coverHref: result.url,
                 coverImg: result.img,
-                 refer: refer
+                 refer: refer,
+                 isCanSkip: req.cookies.canSkip === 'Y'
             }
         }));
     }).catch(next);
--- a/apps/passport/controllers/login.js
View file @5158ddd
+++ b/apps/passport/controllers/login.js
View file @5158ddd
@@ -166,7 +166,6 @@ const local = {
     },
     login: (req, res, next) => {
         passport.authenticate('local', (err, user) => {
-             console.log(err, user, ' === ');
             if (err) {
                 return res.json({
                     code: 400,
@@ -202,7 +201,7 @@ const local = {
             loginService.syncUserSession(user, req, res).then((noCertTip) => {
                 // 弱密码
                 if (user.code === 510) {
-                     refer = `${config.siteUrl}/passport/back/weak?token=${user.token}&refer=${refer}`;
+                     refer = `${config.siteUrl}/passport/back/weak?refer=${refer}`;
                 } else if (noCertTip === true) {
                     refer = `${config.siteUrl}/passport/cert/tip?refer=${refer}`;
                 }
--- a/apps/passport/views/action/back/weak-pwd.hbs
View file @5158ddd
+++ b/apps/passport/views/action/back/weak-pwd.hbs
View file @5158ddd
@@ -41,7 +41,7 @@
                         <input id="reset-pwd-btn" class="btn reset-pwd-btn disable" type="button" value="重新登录" disabled="true">
                     </li>
                     <li class="input-container-li">
-                         <a class="weak-pwd-pass" href="{{refer}}" data-url="{{refer}}">跳过<i class="iconfont right-icon"></i></a>
+                         <a class="weak-pwd-pass {{#unless isCanSkip}} hide{{/unless}}" href="{{refer}}" data-url="{{refer}}">跳过<i class="iconfont right-icon"></i></a>
                     </li>
                 </ul>
             </form>
--- a/doraemon/middleware/weak-pass-check.js 0 → 100644
View file @5158ddd
+++ b/doraemon/middleware/weak-pass-check.js 0 → 100644
View file @5158ddd
+ /**
+  * 弱密码检测
+  * @author: xiaoxiao.hao<xiaoxiao.hao@yoho.cn>
+  * @date: 2017/4/17
+  */
+ 
+ 'use strict';
+ 
+ const helpers = global.yoho.helpers;
+ 
+ module.exports = () => {
+     return (req, res, next) => {
+         let refer = req.method === 'GET' ? req.get('Referer') : '';
+ 
+         refer = helpers.urlFormat('/passport/back/weak', {
+             refer: refer && refer.indexOf('passport/back/weak') > -1 ? '/' : refer
+         });
+ 
+         if (!req.xhr && req.user && req.user.uid && req.user.uid.isValid() &&
+             req.cookies.CSToken && req.cookies.canSkip !== 'Y' && req.path.indexOf('passport/back/weak') < 0) {
+             return res.redirect(refer);
+         }
+ 
+         next();
+     };
+ };