Authored by htoooth

fix

... ... @@ -25,15 +25,10 @@ const cache = global.yoho.cache;
let siteUrl = config.siteUrl.indexOf('//') === 0 ? 'http:' + config.siteUrl : config.siteUrl;
function getLoginStat(ip) {
let errorLoginKey = 'loginErrorIp:' + ip;
let accountKey = 'signinErrorIp:' + ip;
let cacheGet = [cache.get(errorLoginKey), cache.get(accountKey)];
return Promise.all(cacheGet).catch(() => {
return [0, 0];
});
return cache.get(errorLoginKey);
}
// 本地登录
... ... @@ -42,7 +37,6 @@ passport.use('local', new LocalStrategy({
passwordField: 'password',
passReqToCallback: true
}, (req, username, password, done) => {
let area = req.body.areaCode || '86';
if (_.isEmpty(password)) {
... ... @@ -55,48 +49,38 @@ passport.use('local', new LocalStrategy({
let clientIp = req.yoho.clientIp;
let errorLoginKey = 'loginErrorIp:' + clientIp;
let accountKey = 'signinErrorIp:' + clientIp;
getLoginStat(clientIp).then(times => {
let errLoginTimes = _.parseInt(times[0]) || 0;
let accountTimes = _.parseInt(times[1]) || 0;
if (accountTimes >= 10) {
done({message: '您的账号已被暂时锁定,请稍后再试'}, null);
} else {
return LoginApi.signin(type, area, username, password, shoppingKey, clientIp).then((result) => {
if (result.code && result.code === 200 && result.data.uid) {
cache.del(errorLoginKey).catch(() => {});
req.session.type = '';
done(null, result.data);
getLoginStat(clientIp).then((times) => {
let errLoginTimes = _.parseInt(times) || 0;
return LoginApi.signin(type, area, username, password, shoppingKey, clientIp).then((result) => {
if (result.code && result.code === 200 && result.data.uid) {
cache.del(errorLoginKey).catch(() => {});
req.session.type = '';
done(null, result.data);
} else {
errLoginTimes = errLoginTimes + 1;
cache.set(errorLoginKey, errLoginTimes, 3600).catch(() => {});
// 再次校验
if (errLoginTimes >= 1) {
req.session.type = 'needCaptcha';
done({
message: `您输入的密码及账户名不匹配,
是否<a href="${helpers.urlFormat('/passport/back/index')}" target="_blank">忘记密码?</a>`,
needCaptcha: true,
type: type
});
} else {
errLoginTimes = errLoginTimes + 1;
accountTimes = accountTimes + 1;
cache.set(errorLoginKey, errLoginTimes).catch(() => {});
cache.set(accountKey, accountTimes, 3600).catch(() => {});
// 再次校验
if (accountTimes >= 10) {
done({message: '您的账号已被暂时锁定,请稍后再试'}, null);
} else if (errLoginTimes >= 1) {
req.session.type = 'needCaptcha';
done({
message: `您输入的密码及账户名不匹配,
是否<a href="${helpers.urlFormat('/passport/back/index')}" target="_blank">忘记密码?</a>`,
needCaptcha: true,
type: type
});
} else {
done({
message: `您输入的密码及账户名不匹配,
是否<a href="${helpers.urlFormat('/passport/back/index')}" target="_blank">忘记密码?</a>`,
needCaptcha: false
});
}
done({
message: `您输入的密码及账户名不匹配,
是否<a href="${helpers.urlFormat('/passport/back/index')}" target="_blank">忘记密码?</a>`,
needCaptcha: false
});
}
});
}
}
});
}).catch(e => {
logger.error('call the signin service fail,', e);
done('登录失败,请稍后重试', null);
... ...
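Review bot: On the new side of the last hunk (sides inferred from the hunk line counts, since the +/- markers are lost on this page), a failed sign-in only increments `loginErrorIp:<ip>` and sets `req.session.type = 'needCaptcha'`; the `accountTimes >= 10` temporary lock and the `signinErrorIp` counter are gone, so nothing visible here caps the number of password attempts. The captcha requirement lives in the session, and a session-scoped flag does not follow a client that starts a new session. Wherever the captcha is enforced (not shown in this hunk), it should be derived from the server-side counter, e.g. `if (errLoginTimes >= 1) { req.session.type = 'needCaptcha'; }` right after `getLoginStat` resolves and before `LoginApi.signin` is called. The counter is also keyed by IP alone and updated by a read followed by `cache.set`, so concurrent failures can undercount and failures against one account from several addresses are never summed; a per-account key next to the IP key would cover that. Separately, `if (errLoginTimes >= 1)` runs immediately after `errLoginTimes + 1`, so the `needCaptcha: false` branch is unreachable and can be dropped; the enclosing `passport.use('local', ...)` callback starts and ends outside the hunks.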