Merge branch 'feature/passport' of git.yoho.cn:fe/yohobuy-node into feature/passport
Showing
7 changed files
with
50 additions
and
42 deletions
| @@ -39,7 +39,7 @@ passport.use(new LocalStrategy({ | @@ -39,7 +39,7 @@ passport.use(new LocalStrategy({ | ||
| 39 | 39 | ||
| 40 | if (isNaN(parseInt(area, 0)) || _.isEmpty(username) || _.isEmpty(password)) { | 40 | if (isNaN(parseInt(area, 0)) || _.isEmpty(username) || _.isEmpty(password)) { |
| 41 | logger.info(`【Passport Login】bad params, area:${area} account:${username} password:${password}`); | 41 | logger.info(`【Passport Login】bad params, area:${area} account:${username} password:${password}`); |
| 42 | - return done('登录参数错误', null); | 42 | + return done({message: '登录参数错误'}, null); |
| 43 | } | 43 | } |
| 44 | 44 | ||
| 45 | let verifyEmail = helpers.verifyEmail(username); | 45 | let verifyEmail = helpers.verifyEmail(username); |
| @@ -47,13 +47,19 @@ passport.use(new LocalStrategy({ | @@ -47,13 +47,19 @@ passport.use(new LocalStrategy({ | ||
| 47 | 47 | ||
| 48 | if (!verifyEmail && !verifyMobile) { | 48 | if (!verifyEmail && !verifyMobile) { |
| 49 | logger.info(`【Passport Login】bad account, email:${verifyEmail} mobile:${verifyMobile}`); | 49 | logger.info(`【Passport Login】bad account, email:${verifyEmail} mobile:${verifyMobile}`); |
| 50 | - return done('登录账号格式错误', null); | 50 | + return done({message: '登录账号格式错误'}, null); |
| 51 | } | 51 | } |
| 52 | 52 | ||
| 53 | let expire = req.cookies['LE' + md5('_LOGIN_EXPIRE')]; | 53 | let expire = req.cookies['LE' + md5('_LOGIN_EXPIRE')]; |
| 54 | 54 | ||
| 55 | if (_.isEmpty(expire) || expire < (new Date()).getTime() / 1000) { | 55 | if (_.isEmpty(expire) || expire < (new Date()).getTime() / 1000) { |
| 56 | - return done('页面停留时间过长,请刷新页面', null); | 56 | + return done({message: '页面停留时间过长,请刷新页面'}, null); |
| 57 | + } | ||
| 58 | + | ||
| 59 | + let verifyCode = req.body.captcha; | ||
| 60 | + | ||
| 61 | + if (verifyCode && verifyCode !== req.session.captcha) { | ||
| 62 | + return done({message: '验证码不正确或验证码过期', needCaptcha: true}, null); | ||
| 57 | } | 63 | } |
| 58 | 64 | ||
| 59 | let shoppingKey = cookie.getShoppingKey(req); | 65 | let shoppingKey = cookie.getShoppingKey(req); |
| @@ -72,15 +78,12 @@ passport.use(new LocalStrategy({ | @@ -72,15 +78,12 @@ passport.use(new LocalStrategy({ | ||
| 72 | let accountTimes = parseInt(times[1], 0) || 0; | 78 | let accountTimes = parseInt(times[1], 0) || 0; |
| 73 | let ipTimes = parseInt(times[2], 0) || 0; | 79 | let ipTimes = parseInt(times[2], 0) || 0; |
| 74 | 80 | ||
| 75 | - console.log(errLoginTimes); | ||
| 76 | - | ||
| 77 | if (accountTimes >= 10) { | 81 | if (accountTimes >= 10) { |
| 78 | done({ message: '您的账号已被暂时锁定,请稍后再试' }, null); | 82 | done({ message: '您的账号已被暂时锁定,请稍后再试' }, null); |
| 79 | } else if (ipTimes >= 100) { | 83 | } else if (ipTimes >= 100) { |
| 80 | done({ message: '您尝试的次数过多,账号已被暂时锁定,请稍后再试' }, null); | 84 | done({ message: '您尝试的次数过多,账号已被暂时锁定,请稍后再试' }, null); |
| 81 | } else { | 85 | } else { |
| 82 | return AuthHelper.signin(area, username, password, shoppingKey).then((result) => { | 86 | return AuthHelper.signin(area, username, password, shoppingKey).then((result) => { |
| 83 | - console.log(result); | ||
| 84 | if (result.code && result.code === 200 && result.data.uid) { | 87 | if (result.code && result.code === 200 && result.data.uid) { |
| 85 | cache.del(errorLoginKey); | 88 | cache.del(errorLoginKey); |
| 86 | 89 |
| @@ -48,7 +48,7 @@ const validateInputAPI = (req, res, next) => { | @@ -48,7 +48,7 @@ const validateInputAPI = (req, res, next) => { | ||
| 48 | /** | 48 | /** |
| 49 | * 校验用户输入信息,是否是已经注册的用户 | 49 | * 校验用户输入信息,是否是已经注册的用户 |
| 50 | */ | 50 | */ |
| 51 | -const validateUserPage = (req, res, next) => { | 51 | +const validateInputPage = (req, res, next) => { |
| 52 | let userInput = req.body.phoneNum || ''; | 52 | let userInput = req.body.phoneNum || ''; |
| 53 | let areaCode = (req.body.area || '86').replace('+', ''); | 53 | let areaCode = (req.body.area || '86').replace('+', ''); |
| 54 | 54 | ||
| @@ -78,6 +78,7 @@ const sendCodePage = (req, res, next) => { | @@ -78,6 +78,7 @@ const sendCodePage = (req, res, next) => { | ||
| 78 | service.sendCodeToUserAsync(inputInfo.type, inputInfo.phone, inputInfo.area) | 78 | service.sendCodeToUserAsync(inputInfo.type, inputInfo.phone, inputInfo.area) |
| 79 | .then(result => { | 79 | .then(result => { |
| 80 | if (!(result.code && result.code === 200)) { | 80 | if (!(result.code && result.code === 200)) { |
| 81 | + console.log(result); | ||
| 81 | return res.redirect(helpers.urlFormat('/passport/back/index')); | 82 | return res.redirect(helpers.urlFormat('/passport/back/index')); |
| 82 | } | 83 | } |
| 83 | 84 | ||
| @@ -98,6 +99,7 @@ const saveInSession = (req, res) => { | @@ -98,6 +99,7 @@ const saveInSession = (req, res) => { | ||
| 98 | { | 99 | { |
| 99 | req.session.mobile = req.inputInfo.phone; | 100 | req.session.mobile = req.inputInfo.phone; |
| 100 | req.session.area = req.inputInfo.area; | 101 | req.session.area = req.inputInfo.area; |
| 102 | + req.session.verifyCode = req.session.captcha; | ||
| 101 | res.redirect(helpers.urlFormat('/passport/back/verification')); | 103 | res.redirect(helpers.urlFormat('/passport/back/verification')); |
| 102 | break; | 104 | break; |
| 103 | } | 105 | } |
| @@ -138,9 +140,9 @@ const validateEmailInSession = (req, res, next) => { | @@ -138,9 +140,9 @@ const validateEmailInSession = (req, res, next) => { | ||
| 138 | return res.redirect(helpers.urlFormat('/passport/back/index')); | 140 | return res.redirect(helpers.urlFormat('/passport/back/index')); |
| 139 | } | 141 | } |
| 140 | 142 | ||
| 141 | - let isp = email.split('@')[1]; | 143 | + let isp = email.split('@')[1].toLowerCase(); |
| 142 | const mapperEmailISP = { | 144 | const mapperEmailISP = { |
| 143 | - 'yoho.cn': 'http://smail.yoho.cn' | 145 | + 'yoho.cn': 'http://exmail.qq.com/login' |
| 144 | }; | 146 | }; |
| 145 | 147 | ||
| 146 | req.body.emailUrl = mapperEmailISP[isp] || `http://mail.${isp}`; | 148 | req.body.emailUrl = mapperEmailISP[isp] || `http://mail.${isp}`; |
| @@ -254,9 +256,9 @@ const resetPwdSuccessPage = (req, res, next) => { | @@ -254,9 +256,9 @@ const resetPwdSuccessPage = (req, res, next) => { | ||
| 254 | }; | 256 | }; |
| 255 | 257 | ||
| 256 | const verifyCodeByMobileAPI = (req, res) => { | 258 | const verifyCodeByMobileAPI = (req, res) => { |
| 257 | - let mobile = req.param('mobile', ''); | ||
| 258 | - let area = req.param('area', '86'); | ||
| 259 | - let mobileCode = req.param('code', ''); | 259 | + let mobile = req.body.mobile || ''; |
| 260 | + let area = req.body.area || '86'; | ||
| 261 | + let mobileCode = req.body.code || ''; | ||
| 260 | const ERR = { | 262 | const ERR = { |
| 261 | code: 400, | 263 | code: 400, |
| 262 | message: '验证码错误!', | 264 | message: '验证码错误!', |
| @@ -279,7 +281,6 @@ const verifyCodeByMobileAPI = (req, res) => { | @@ -279,7 +281,6 @@ const verifyCodeByMobileAPI = (req, res) => { | ||
| 279 | }; | 281 | }; |
| 280 | 282 | ||
| 281 | const validateExistCodePage = (req, res, next) => { | 283 | const validateExistCodePage = (req, res, next) => { |
| 282 | - | ||
| 283 | let code = req.query.code || req.body.code; | 284 | let code = req.query.code || req.body.code; |
| 284 | 285 | ||
| 285 | if (!code) { | 286 | if (!code) { |
| @@ -343,7 +344,7 @@ const updatePwdAPI = (req, res, next) => { | @@ -343,7 +344,7 @@ const updatePwdAPI = (req, res, next) => { | ||
| 343 | 344 | ||
| 344 | const validateMobileInSession = (req, res, next) => { | 345 | const validateMobileInSession = (req, res, next) => { |
| 345 | req.body.mobile = req.session.mobile || ''; | 346 | req.body.mobile = req.session.mobile || ''; |
| 346 | - req.body.verifyCode = req.session.verifyCode || ''; | 347 | + req.body.verifyCode = req.session.captcha || ''; |
| 347 | req.body.area = req.session.area || ''; | 348 | req.body.area = req.session.area || ''; |
| 348 | 349 | ||
| 349 | if (!(req.body.mobile && req.body.verifyCode)) { | 350 | if (!(req.body.mobile && req.body.verifyCode)) { |
| @@ -371,7 +372,7 @@ module.exports = { | @@ -371,7 +372,7 @@ module.exports = { | ||
| 371 | resetPwdSuccessPage, // 重设密码成功页面 | 372 | resetPwdSuccessPage, // 重设密码成功页面 |
| 372 | 373 | ||
| 373 | validateInputAPI, // 验证用户输入的邮箱或者手机是否合法,返回是json | 374 | validateInputAPI, // 验证用户输入的邮箱或者手机是否合法,返回是json |
| 374 | - validateUserPage, // 验证用户输入的邮箱或者手机是否合法,跳转是页面 | 375 | + validateInputPage, // 验证用户输入的邮箱或者手机是否合法,跳转是页面 |
| 375 | 376 | ||
| 376 | validateEmailInSession, // 验证邮箱是否在session中 | 377 | validateEmailInSession, // 验证邮箱是否在session中 |
| 377 | validateMobileInSession, // 验证手机是否在session中 | 378 | validateMobileInSession, // 验证手机是否在session中 |
| @@ -4,13 +4,11 @@ | @@ -4,13 +4,11 @@ | ||
| 4 | 4 | ||
| 5 | 'use strict'; | 5 | 'use strict'; |
| 6 | 6 | ||
| 7 | -const Captchapng = require('captchapng'); | ||
| 8 | -const _ = require('lodash'); | ||
| 9 | - | 7 | +const captchaService = require('../models/captcha-service'); |
| 10 | const helpers = global.yoho.helpers; | 8 | const helpers = global.yoho.helpers; |
| 11 | 9 | ||
| 12 | const requiredAPI = (req, res, next) => { | 10 | const requiredAPI = (req, res, next) => { |
| 13 | - let captchaToken = +(req.body.verifyCode || '').toLowerCase(); | 11 | + let captchaToken = req.body.verifyCode || ''; |
| 14 | 12 | ||
| 15 | if (captchaToken === req.session.captcha) { | 13 | if (captchaToken === req.session.captcha) { |
| 16 | return next(); | 14 | return next(); |
| @@ -23,7 +21,7 @@ const requiredAPI = (req, res, next) => { | @@ -23,7 +21,7 @@ const requiredAPI = (req, res, next) => { | ||
| 23 | }; | 21 | }; |
| 24 | 22 | ||
| 25 | const requiredPage = (req, res, next) => { | 23 | const requiredPage = (req, res, next) => { |
| 26 | - let captchaToken = +(req.body.verifyCode || '').toLowerCase(); | 24 | + let captchaToken = req.body.verifyCode || ''; |
| 27 | 25 | ||
| 28 | if (captchaToken === req.session.captcha) { | 26 | if (captchaToken === req.session.captcha) { |
| 29 | return next(); | 27 | return next(); |
| @@ -32,28 +30,11 @@ const requiredPage = (req, res, next) => { | @@ -32,28 +30,11 @@ const requiredPage = (req, res, next) => { | ||
| 32 | } | 30 | } |
| 33 | }; | 31 | }; |
| 34 | 32 | ||
| 35 | - | ||
| 36 | -const _generateCaptcha = (width, height, length) => { | ||
| 37 | - let min = Math.pow(10, (length - 1 || 1)); | ||
| 38 | - let max = Math.pow(10, (length - 1 || 1)) * 9; | ||
| 39 | - let token = '' + _.random(min, max); | ||
| 40 | - | ||
| 41 | - let png = new Captchapng(width, height, token);// | ||
| 42 | - | ||
| 43 | - png.color(0, 0, 0, 0); // First color: background (red, green, blue, alpha) | ||
| 44 | - png.color(80, 80, 80, 255); // Second color: paint (red, green, blue, alpha) | ||
| 45 | - | ||
| 46 | - return { | ||
| 47 | - image: new Buffer(png.getBase64(), 'base64'), | ||
| 48 | - text: token | ||
| 49 | - }; | ||
| 50 | -}; | ||
| 51 | - | ||
| 52 | const generate = (req, res) => { | 33 | const generate = (req, res) => { |
| 53 | let width = req.query.w || 150; | 34 | let width = req.query.w || 150; |
| 54 | let height = req.query.h || 50; | 35 | let height = req.query.h || 50; |
| 55 | let length = +(req.query.l || 4); | 36 | let length = +(req.query.l || 4); |
| 56 | - let captcha = _generateCaptcha(width, height, length); | 37 | + let captcha = captchaService.generateCaptcha(width, height, length); |
| 57 | 38 | ||
| 58 | req.session.captcha = captcha.text; | 39 | req.session.captcha = captcha.text; |
| 59 | res.writeHead(200, { | 40 | res.writeHead(200, { |
| @@ -91,7 +91,6 @@ const common = { | @@ -91,7 +91,6 @@ const common = { | ||
| 91 | 91 | ||
| 92 | cache.get(errorLoginKey).then(errloginTimes => { | 92 | cache.get(errorLoginKey).then(errloginTimes => { |
| 93 | errloginTimes = parseInt(errloginTimes, 0) || 0; | 93 | errloginTimes = parseInt(errloginTimes, 0) || 0; |
| 94 | - console.log(errloginTimes); | ||
| 95 | if (!isNaN(errloginTimes) && errloginTimes >= 3) { | 94 | if (!isNaN(errloginTimes) && errloginTimes >= 3) { |
| 96 | result.data = { needCaptcha: true }; | 95 | result.data = { needCaptcha: true }; |
| 97 | } | 96 | } |
apps/passport/models/captcha-service.js
0 → 100644
| 1 | +/** | ||
| 2 | + * Created by TaoHuang on 2016/7/1. | ||
| 3 | + */ | ||
| 4 | + | ||
| 5 | +'use strict'; | ||
| 6 | + | ||
| 7 | +const _ = require('lodash'); | ||
| 8 | +const Captchapng = require('captchapng'); | ||
| 9 | + | ||
| 10 | +exports.generateCaptcha = (width, height, length) => { | ||
| 11 | + let min = Math.pow(10, (length - 1 || 1)); | ||
| 12 | + let max = Math.pow(10, (length - 1 || 1)) * 9; | ||
| 13 | + let token = '' + _.random(min, max); | ||
| 14 | + | ||
| 15 | + let png = new Captchapng(width, height, token);// | ||
| 16 | + | ||
| 17 | + png.color(0, 0, 0, 0); // First color: background (red, green, blue, alpha) | ||
| 18 | + png.color(80, 80, 80, 255); // Second color: paint (red, green, blue, alpha) | ||
| 19 | + | ||
| 20 | + return { | ||
| 21 | + image: new Buffer(png.getBase64(), 'base64'), | ||
| 22 | + text: token | ||
| 23 | + }; | ||
| 24 | +}; |
| @@ -84,14 +84,14 @@ router.post('/back/authcode', | @@ -84,14 +84,14 @@ router.post('/back/authcode', | ||
| 84 | // 提交按钮邮件API | 84 | // 提交按钮邮件API |
| 85 | router.post('/back/email', | 85 | router.post('/back/email', |
| 86 | captcha.requiredPage, | 86 | captcha.requiredPage, |
| 87 | - back.validateUserPage, | 87 | + back.validateInputPage, |
| 88 | back.sendCodePage, | 88 | back.sendCodePage, |
| 89 | back.saveInSession); | 89 | back.saveInSession); |
| 90 | 90 | ||
| 91 | // 提交按钮手机API | 91 | // 提交按钮手机API |
| 92 | router.post('/back/mobile', | 92 | router.post('/back/mobile', |
| 93 | captcha.requiredPage, | 93 | captcha.requiredPage, |
| 94 | - back.validateUserPage, | 94 | + back.validateInputPage, |
| 95 | back.sendCodePage, | 95 | back.sendCodePage, |
| 96 | back.saveInSession); | 96 | back.saveInSession); |
| 97 | 97 | ||
| @@ -108,7 +108,6 @@ router.get('/back/sendEmail', | @@ -108,7 +108,6 @@ router.get('/back/sendEmail', | ||
| 108 | */ | 108 | */ |
| 109 | // 验证手机短信页面 | 109 | // 验证手机短信页面 |
| 110 | router.get('/back/verification', | 110 | router.get('/back/verification', |
| 111 | - captcha.requiredPage, | ||
| 112 | back.validateMobileInSession, | 111 | back.validateMobileInSession, |
| 113 | back.verifyCodeByMobilePage); | 112 | back.verifyCodeByMobilePage); |
| 114 | 113 |
| @@ -11,6 +11,7 @@ const isTest = process.env.NODE_ENV === 'test'; | @@ -11,6 +11,7 @@ const isTest = process.env.NODE_ENV === 'test'; | ||
| 11 | 11 | ||
| 12 | module.exports = { | 12 | module.exports = { |
| 13 | app: 'web', | 13 | app: 'web', |
| 14 | + appVersion: '4.6.0', // 调用api的版本 | ||
| 14 | port: 6002, | 15 | port: 6002, |
| 15 | siteUrl: 'http://www.yohobuy.com', | 16 | siteUrl: 'http://www.yohobuy.com', |
| 16 | domains: { | 17 | domains: { |
-
Please register or login to post a comment