增加用户权限的控制。

htoooth
Commit 62398bdd84f5a5d651cc4ee5b7d31a5f964f09ab 1 parent a46bc69a
Showing 2 changed files with 20 additions and 1 deletions
apps/product/router.js
doraemon/middleware/auth.js
--- a/apps/product/router.js
View file @62398bd
+++ b/apps/product/router.js
View file @62398bd
@@ -8,6 +8,7 @@
 
 const router = require('express').Router(); // eslint-disable-line
 const cRoot = './controllers';
+ const auth = require(`${global.middleware}/auth`);
 
 // 商品详情controller
 const detail = require(`${cRoot}/detail`);
@@ -45,7 +46,7 @@ router.get('/list', list.index); // 商品列表页
 router.get(/\/pro_([\d]+)_([\d]+)\/(.*)/, detail.showMain); // 商品详情routers
 router.get('/detail/comment', detail.indexComment);// 商品评论
 router.get('/detail/consult', detail.indexConsult);// 商品咨询
- router.post('/detail/consult', detail.createConsult);// 创建咨询
+ router.post('/detail/consult', auth, detail.createConsult);// 创建咨询
 router.get('/detail/hotarea', detail.indexHotArea);// 商品热区
 router.post('/index/favoriteBrand', favorite.changeFavoriteBrand);// 收藏品牌
 router.post('/item/togglecollect', favorite.collectProduct); // 收藏商品
--- a/doraemon/middleware/auth.js
View file @62398bd
+++ b/doraemon/middleware/auth.js
View file @62398bd
@@ -6,6 +6,24 @@
 
 'use strict';
 
+ const _ = require('lodash');
+ const helpers = global.yoho.helpers;
+ 
 module.exports = (req, res, next) => {
+     let refer = req.method === 'GET'? req.get('Referer'):'';
+ 
+     let loginUrl = helpers.urlFormat('/passport/login', {refer: refer});
+ 
+     if (_.isEmpty(req.user) || !req.user.uid) {
+         if (req.xhr) {
+             return res.json({
+                 code: 400,
+                 message: '抱歉，您暂未登录！',
+                 data: {refer: loginUrl}
+             });
+         }
+ 
+         return res.redirect(loginUrl);
+     }
     next();
 };