Authored by 姜枫

merge

... ... @@ -37,7 +37,7 @@ passport.use(new LocalStrategy({
let area = req.body.area || '86';
if (isNaN(parseInt(area, 0)) || _.isEmpty(username) || _.isEmpty(password)) {
if (isNaN(_.parseInt(area)) || _.isEmpty(username) || _.isEmpty(password)) {
logger.info(`【Passport Loginbad params, area:${area} account:${username} password:${password}`);
return done({message: '登录参数错误'}, null);
}
... ... @@ -74,14 +74,14 @@ passport.use(new LocalStrategy({
let cacheGet = [cache.get(errorLoginKey), cache.get(accountKey), cache.get(ipKey)];
Promise.all(cacheGet).then(times => {
let errLoginTimes = parseInt(times[0], 0) || 0;
let accountTimes = parseInt(times[1], 0) || 0;
let ipTimes = parseInt(times[2], 0) || 0;
let errLoginTimes = _.parseInt(times[0]) || 0;
let accountTimes = _.parseInt(times[1]) || 0;
let ipTimes = _.parseInt(times[2]) || 0;
if (accountTimes >= 10) {
done({ message: '您的账号已被暂时锁定,请稍后再试' }, null);
done({message: '您的账号已被暂时锁定,请稍后再试'}, null);
} else if (ipTimes >= 100) {
done({ message: '您尝试的次数过多,账号已被暂时锁定,请稍后再试' }, null);
done({message: '您尝试的次数过多,账号已被暂时锁定,请稍后再试'}, null);
} else {
return AuthHelper.signin(area, username, password, shoppingKey).then((result) => {
if (result.code && result.code === 200 && result.data.uid) {
... ... @@ -98,9 +98,9 @@ passport.use(new LocalStrategy({
// 再次校验
if (ipTimes >= 100) {
done({ message: '您尝试的次数过多,账号已被暂时锁定,请稍后再试' }, null);
done({message: '您尝试的次数过多,账号已被暂时锁定,请稍后再试'}, null);
} else if (accountTimes >= 10) {
done({ message: '您的账号已被暂时锁定,请稍后再试' }, null);
done({message: '您的账号已被暂时锁定,请稍后再试'}, null);
} else if (errLoginTimes >= 3) {
done({
message: `您输入的密码及账户名不匹配,
... ...
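Review bot: The bad-params log line in the first hunk writes the submitted password in clear text (`password:${password}`). That branch is taken whenever the area or the username is invalid, so a real password can end up in the application logs. Log only whether a password was supplied, for example by replacing that field with `hasPassword:${!_.isEmpty(password)}`. The strategy callback starts and ends outside the visible hunks, so other log calls in it should be checked for the same pattern.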
... ... @@ -3,6 +3,7 @@
*/
'use strict';
const _ = require('lodash');
const Promise = require('bluebird');
const passportHelper = require('../models/passport-helper');
const regService = require('../models/reg-service');
const userService = require('../models/user-service');
... ... @@ -13,6 +14,56 @@ let helpers = global.yoho.helpers;
let cache = global.yoho.cache;
let cookie = global.yoho.cookie;
/**
* 检查图形验证码
*/
let checkCode = (req, res, next) => {
let verifyCode = _.trim(req.body.verifyCode);
if (verifyCode !== req.session.captcha) {
return res.json({
code: 400,
message: '验证码错误'
});
}
next();
};
/**
* 检查手机格式
*/
let checkMobileMiddleware = (req, res, next) => {
let mobile = +req.body.mobile;
let area = +req.body.area;
if (!_.isNumber(mobile) || !_.isNumber(area)) {
return res.json({
code: 400,
message: '手机号码格式不正确'
});
}
next();
};
/**
* 检查密码格式
*/
let checkPassword = (req, res, next) => {
/* 判断密码是否符合规则 */
let password = req.body.password;
if (!helpers.verifyPassword(password)) {
return res.json({
code: 400,
message: '密码不正确'
});
}
next();
};
/**
* 注册首页
*/
let index = (req, res, next) => {
// 设置注册有效时间30分钟, 防机器刷
req.session._REG_EXPIRE = Date.now() + 1800000;
... ... @@ -41,6 +92,9 @@ let index = (req, res, next) => {
}).catch(next);
};
/**
* 检查手机号码是否注册过
*/
let checkMobile = (req, res, next) => {
let data = {
code: 400
... ... @@ -48,18 +102,16 @@ let checkMobile = (req, res, next) => {
let mobile = +req.body.mobile;
let area = +req.body.area;
if (!_.isNumber(mobile) || !_.isNumber(area)) {
data.message = '手机号码格式不正确';
return res.json(data);
}
// 判断手机号是否检查超过指定次数
let key = 'checkmobilenum_' + passportHelper.makeAreaMobile(area, mobile);
let regCheckKey = 'regCheckMobileNum_' + passportHelper.makeAreaMobile(area, mobile);
cache.get(key).then((checkNum) => {
cache.get(regCheckKey).then((checkNum) => {
checkNum = +(checkNum || 0);
cache.set(key, ++checkNum).catch(next);
return cache.set(regCheckKey, ++checkNum).then(() => {
return checkNum;
});
}).then((checkNum) => {
if (checkNum > 500) {
data.message = '检查次数太多';
return res.json(data);
... ... @@ -78,104 +130,76 @@ let checkMobile = (req, res, next) => {
}).catch(next);
};
/**
* 图形验证码校验
*/
let picCaptcha = (req, res) => {
let verifyCode = _.trim(req.body.verifyCode);
if (verifyCode !== req.session.captcha) {
return res.json({
code: 400,
message: '验证码错误'
});
}
// 图形验证码已经在中间件校验,如果走到这儿,说明通过校验
return res.json({
code: 200,
message: '验证码正确'
});
};
/**
* 发送验证码
*/
let sendBindMsg = (req, res, next) => {
let data = {
code: 400,
message: '',
data: ''
};
let mobile = +req.body.mobile;
let area = +req.body.area;
// 判断参数是否合法
if (!_.isNumber(mobile) || !_.isNumber(area)) {
data.message = '手机号码格式不正确';
return res.json(data);
}
let verifyCode = _.trim(req.body.verifyCode);
if (verifyCode !== req.session.captcha) {
data.message = '验证码不正确';
return res.json(data);
}
// 检查是否检查过
// let makeMobile = passportHelper.makeAreaMobile(area, mobile);
//
// if (req.session[`checkmobile_${makeMobile}`] !== makeMobile) {
// data.message = '发送失败';
// return res.json(data);
// }
Promise.coroutine(function*() {
let data = {
code: 400,
message: '',
data: ''
};
// 校验是否发送过多
let sendCodeKey = `send_code_${area}_${mobile}`;
let mobile = +req.body.mobile;
let area = +req.body.area;
cache.get(sendCodeKey).then((sendCodeTimes) => {
if (!sendCodeTimes) {
sendCodeTimes = 0;
} else {
sendCodeTimes = +sendCodeTimes;
}
// 检查是否检查过
let checkNum = yield cache.get(`regCheckMobileNum_${passportHelper.makeAreaMobile(area, mobile)}`);
if (sendCodeTimes >= 10) {
data.message = '您已多次提交验证码,请尽快联系客服解决';
if (!checkNum) {
data.message = '发送失败';
return res.json(data);
}
// 校验是否发送过多
let sendCodeKey = `send_code_${area}_${mobile}`;
let sendCodeTimes = yield cache.get(sendCodeKey);
sendCodeTimes = +(sendCodeTimes || 0);
if (sendCodeTimes >= 5) {
data.message = '您收到的验证码短信已超过本日限定最多次数,请您耐心等待';
data.message = sendCodeTimes >= 10 ? '您已多次提交验证码,请尽快联系客服解决' : '您收到的验证码短信已超过本日限定最多次数,请您耐心等待';
return res.json(data);
}
/* 向手机发送注册验证码 */
return regService.sendCodeToMobile(area, mobile).then((result) => {
return cache.set(sendCodeKey, sendCodeTimes + 1, 3600).then(() => {
if (result.code) {
return res.json(result);
} else {
data.message = '发送失败';
return res.json(data);
}
});
let result = yield regService.sendCodeToMobile(area, mobile);
return cache.set(sendCodeKey, sendCodeTimes + 1, 3600).then(() => {
if (result.code) {
return res.json(result);
} else {
data.message = '发送失败';
return res.json(data);
}
});
}).catch(next);
})().catch(next);
};
/**
* 短信验证码校验
*/
let msgCaptcha = (req, res, next) => {
let data = {
code: 400,
message: '',
data: ''
};
let area = +req.body.area;
let mobile = +req.body.mobile;
let code = +req.body.code; // 短信验证码
// 判断参数是否合法
if (!_.isNumber(mobile) || !_.isNumber(area)) {
data.message = '手机号码格式不正确';
return res.json(data);
}
regService.validMobileCode(area, mobile, code).then((result) => {
if (result.code) {
return res.json(result);
... ... @@ -186,51 +210,29 @@ let msgCaptcha = (req, res, next) => {
}).catch(next);
};
/**
* 注册接口
*/
let mobileRegister = (req, res, next) => {
let data = {
code: 400,
message: '',
data: ''
};
let area = +req.body.area;
let mobile = +req.body.mobile;
// 判断参数是否合法
if (!_.isNumber(mobile) || !_.isNumber(area)) {
data.message = '手机号码格式不正确';
return res.json(data);
}
/* 判断是否是有效的注册方式,防注册机刷 */
let regExpireTime = req.session._REG_EXPIRE;
if (!regExpireTime || regExpireTime < Date.now()) {
data.message = '注册超时';
return res.json(data);
}
let verifyCode = _.trim(req.body.verifyCode);
if (verifyCode !== req.session.captcha) {
data.message = '验证码不正确';
return res.json(data);
}
Promise.coroutine(function*() {
let data = {
code: 400,
message: '',
data: ''
};
/* 判断密码是否符合规则 */
let code = +req.body.code; // 短信验证码
let password = req.body.password;
/* 判断是否是有效的注册方式,防注册机刷 */
let regExpireTime = req.session._REG_EXPIRE;
if (!helpers.verifyPassword(password)) {
data.message = '密码不正确';
return res.json(data);
}
if (!regExpireTime || regExpireTime < Date.now()) {
data.message = '注册超时';
return res.json(data);
}
/* IP仅允许点击注册500次/时 */
let ip = req.ip;
let ipKey = 'ip_register_' + ip;
/* IP仅允许点击注册500次/时 */
let ipKey = 'ip_register_' + req.ip;
let ipTimes = yield cache.get(ipKey);
cache.get(ipKey).then((ipTimes) => {
if (!ipTimes) {
ipTimes = 0;
} else {
... ... @@ -242,52 +244,40 @@ let mobileRegister = (req, res, next) => {
return res.json(data);
}
return cache.set(ipKey, ipTimes + 1, 3600).then(() => {
/* 验证注册的标识码是否有效 */
return regService.validMobileCode(area, mobile, code).then((result) => {
if (!result.code || result.code !== 200) {
data.message = '验证码错误';
return res.json(data);
}
yield cache.set(ipKey, ipTimes + 1, 3600);
let shoppingKey = cookie.getShoppingKey(req);
/* 手机注册: 调用注册接口,ip限制计数 */
return regService.regMobile(area, mobile, password, shoppingKey).then((regResult) => {
if (!regResult.code || regResult.code !== 200) {
data.message = '注册失败';
return res.json(data);
}
// 返回跳转到来源页面
let refer = req.cookies.refer;
if (refer) {
refer = decodeURI(req.cookies.refer);
} else {
refer = '/?go=1';
}
if (/signin|login/.test(refer)) {
refer = '/?go=1';
}
return authHelper.syncUserSession(regResult.data.uid, req, res).then(() => {
return res.json({
code: 200,
message: '注册成功',
data: {
href: helpers.urlFormat('/passport/reg/success', {
next: refer,
goShoppingUrl: config.siteUrl
})
}
});
});
});
let area = +req.body.area;
let mobile = +req.body.mobile;
let code = +req.body.code; // 短信验证码
let password = req.body.password;
let result = yield regService.validMobileCode(area, mobile, code); // 验证注册的标识码是否有效
if (!result.code || result.code !== 200) {
data.message = '验证码错误';
return res.json(data);
}
/* 手机注册: 调用注册接口*/
let regResult = yield regService.regMobile(area, mobile, password, cookie.getShoppingKey(req));
if (!regResult.code || regResult.code !== 200) {
data.message = '注册失败';
return res.json(data);
}
return authHelper.syncUserSession(regResult.data.uid, req, res).then(() => {
return res.json({
code: 200,
message: '注册成功',
data: {
href: helpers.urlFormat('/passport/reg/success', {
next: cookie.getRefer(req, '/?go=1'),
goShoppingUrl: config.siteUrl
})
}
});
});
}).catch(next);
})().catch(next);
};
let success = (req, res, next) => {
... ... @@ -308,6 +298,9 @@ let success = (req, res, next) => {
};
module.exports = {
checkCode,
checkMobileMiddleware,
checkPassword,
index,
success,
checkMobile,
... ...
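Review bot: The guard in `checkMobileMiddleware` can never reject a request. `+req.body.mobile` always yields a number, and `_.isNumber(NaN)` is true, so a missing or non-numeric mobile or area passes through. After this refactor the middleware appears to be the main format check in front of `msgCaptcha`, `sendBindMsg` and `mobileRegister`, so malformed values reach the cache keys (for example `send_code_NaN_NaN`) and the `regService` calls. Testing the raw strings closes the gap: `if (!/^\d+$/.test(req.body.mobile) || !/^\d+$/.test(req.body.area)) {`. The same `_.isNumber` check is still visible in `checkMobile` and needs the same change if it is kept.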
... ... @@ -62,11 +62,11 @@ router.post('/autouserinfo/bindMobile', bind.bindMobile);
* 注册页面路由
*/
router.get('/reg/index', reg.index);
router.post('/reg/checkmobile', reg.checkMobile);
router.post('/reg/piccaptcha', reg.picCaptcha);
router.post('/reg/msgcaptcha', reg.msgCaptcha);
router.post('/reg/sendBindMsg', reg.sendBindMsg);
router.post('/reg/mobileregister', reg.mobileRegister);
router.post('/reg/checkmobile', reg.checkMobileMiddleware, reg.checkMobile);
router.post('/reg/piccaptcha', reg.checkCode, reg.picCaptcha);
router.post('/reg/msgcaptcha', reg.checkMobileMiddleware, reg.msgCaptcha);
router.post('/reg/sendBindMsg', reg.checkMobileMiddleware, reg.checkCode, reg.sendBindMsg);
router.post('/reg/mobileregister', reg.checkMobileMiddleware, reg.checkPassword, reg.checkCode, reg.mobileRegister);
router.get('/reg/success', reg.success);
/**
... ...
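Review bot: `/reg/msgcaptcha` is the one verification route here that gets neither `reg.checkCode` nor any visible attempt counter. As far as this page shows, the SMS code check in `msgCaptcha` can therefore be retried without limit for a given number. `regService.validMobileCode` may enforce a limit on the backend; if it does not, a per-number counter in `cache`, like the `send_code_${area}_${mobile}` key in `sendBindMsg`, would bound guessing. Either way, a one-line comment above the route stating where the attempt limit is enforced would make this reviewable.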
... ... @@ -83,7 +83,7 @@
"postcss-center": "^1.0.0",
"postcss-clearfix": "^1.0.0",
"postcss-crip": "^2.0.0",
"postcss-opacity": "^3.0.0",
"postcss-opacity": "^4.0.0",
"postcss-position": "^0.5.0",
"postcss-pxtorem": "^3.3.1",
"postcss-short": "^1.4.0",
... ... @@ -92,7 +92,7 @@
"precss": "^1.4.0",
"rewire": "^2.5.1",
"shelljs": "^0.7.0",
"stylelint": "^6.6.0",
"stylelint": "^6.8.0",
"stylelint-config-yoho": "^1.2.4",
"webpack": "^1.13.1",
"webpack-dev-server": "^1.14.1",
... ... @@ -100,7 +100,7 @@
"yoho-handlebars": "^4.0.5",
"yoho-jquery": "^1.12.4",
"yoho-jquery-lazyload": "^1.9.7",
"yoho-jquery-placeholder": "0.0.3",
"yoho-jquery-placeholder": "^2.3.1",
"yoho-slider": "0.0.2"
}
}
... ...