增加用户权限的控制。

htoooth
Commit 62398bdd84f5a5d651cc4ee5b7d31a5f964f09ab 1 parent a46bc69a
Showing 2 changed files with 20 additions and 1 deletions
apps/product/router.js
doraemon/middleware/auth.js
--- a/apps/product/router.js
View file @62398bd
+++ b/apps/product/router.js
View file @62398bd
@@ -8,6 +8,7 @@
 const router = require('express').Router(); // eslint-disable-line
 const cRoot = './controllers';
+const auth = require(`${global.middleware}/auth`);
 // 商品详情controller
 const detail = require(`${cRoot}/detail`);
@@ -45,7 +46,7 @@ router.get('/list', list.index); // 商品列表页
 router.get(/\/pro_([\d]+)_([\d]+)\/(.*)/, detail.showMain); // 商品详情routers
 router.get('/detail/comment', detail.indexComment);// 商品评论
 router.get('/detail/consult', detail.indexConsult);// 商品咨询
-router.post('/detail/consult', detail.createConsult);// 创建咨询
+router.post('/detail/consult', auth, detail.createConsult);// 创建咨询
 router.get('/detail/hotarea', detail.indexHotArea);// 商品热区
 router.post('/index/favoriteBrand', favorite.changeFavoriteBrand);// 收藏品牌
 router.post('/item/togglecollect', favorite.collectProduct); // 收藏商品
--- a/doraemon/middleware/auth.js
View file @62398bd
+++ b/doraemon/middleware/auth.js
View file @62398bd
@@ -6,6 +6,24 @@
 'use strict';
+const _ = require('lodash');
+const helpers = global.yoho.helpers;
+
 module.exports = (req, res, next) => {
+    let refer = req.method === 'GET'? req.get('Referer'):'';
+
+    let loginUrl = helpers.urlFormat('/passport/login', {refer: refer});
+
+    if (_.isEmpty(req.user) || !req.user.uid) {
+        if (req.xhr) {
+            return res.json({
+                code: 400,
+                message: '抱歉，您暂未登录！',
+                data: {refer: loginUrl}
+            });
+        }
+
+        return res.redirect(loginUrl);
+    }
     next();
 };