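/**
 * Limit how many requests a client IP may make to configured routes.
 * @date: 2018/03/05
 */
'use strict';

const _ = require('lodash');
const cache = global.yoho.cache.master;
const helpers = global.yoho.helpers;
const pathToRegexp = require('path-to-regexp');
const logger = global.yoho.logger;
const md5 = require('md5');

// Response template used when a client is over the limit; `data.url` is filled in per request.
const statusCode = {
    code: 4403,
    data: {},
    message: '亲,您的访问次数过多,请稍后再试哦...'
};

const INVALIDTIME = 3600 * 24; // 24h

// Client IPs that bypass the limiter entirely.
// NOTE(review): this bypass is only as trustworthy as req.yoho.clientIp. Confirm that value is
// taken from the socket or a trusted proxy hop and not from a client-supplied header.
const IP_WHITE_LIST = [
    '106.38.38.146',
    '106.38.38.147',
    '106.39.86.227',
    '218.94.75.58',
    '218.94.75.50',
    '218.94.77.166'
];

/**
 * Log a failed best-effort cache write instead of leaving the promise unhandled.
 * The request outcome does not depend on these writes, so nothing is rethrown.
 *
 * @param {*} pending - value returned by a cache write (wrapped, so a non-promise is fine)
 * @param {string} path - request path, for the log line
 */
const _logCacheFailure = (pending, path) => {
    Promise.resolve(pending).catch(e => {
        console.log(`risk => path: ${path}, err: ${e.message}`);
    });
};

/**
 * Turn the limiter verdict into a response.
 *
 * For code 4403, XHR callers get an uncacheable 403 JSON body and other callers are
 * redirected to the check page with the current URL in `refer`. Any other code passes
 * the request on.
 *
 * @param {Object} req - Express request
 * @param {Object} res - Express response
 * @param {Function} next - Express continuation
 * @param {Object} result - verdict: `{code: 200}` or a copy of `statusCode` with `data.url`
 */
const _jumpUrl = (req, res, next, result) => {
    if (result.code !== 4403) {
        return next();
    }

    if (req.xhr) {
        // Keep intermediaries and the browser from caching the block response.
        res.set({
            'Cache-Control': 'no-cache',
            Pragma: 'no-cache',
            Expires: (new Date(1900, 0, 1, 0, 0, 0, 0)).toUTCString()
        });
        return res.status(403).json(result);
    }

    // req.originalUrl is request-controlled and may contain `&`, `?` or `#`. Unencoded, those
    // would be parsed as extra parameters of the check URL (for example a second `pid`), so the
    // value is percent-encoded before being appended.
    // NOTE(review): `&refer=` assumes result.data.url already carries a query string - confirm
    // against helpers.urlFormat.
    return res.redirect(`${result.data.url}&refer=${encodeURIComponent(req.originalUrl)}`);
};

/**
 * Build the rate-limiting middleware.
 *
 * Rules are read from `req.app.locals.pc.json.risk` and the first enabled rule whose route
 * matches `req.path` applies. A per-rule, per-IP counter is kept in the cache. Once it exceeds
 * the rule's `requests`, a block marker is stored for INVALIDTIME and the client is sent to
 * the check page.
 *
 * @returns {Function} Express middleware `(req, res, next)`
 */
module.exports = () => {
    return (req, res, next) => {
        // default open
        if (_.get(req.app.locals.pc, 'close.risk', false)) {
            return next();
        }

        const ip = _.get(req.yoho, 'clientIp', '');
        const path = req.path || '';
        const risks = _.get(req.app.locals.pc, 'json.risk', []);

        logger.debug(`risk => risks: ${JSON.stringify(risks)}, path: ${path}, ip: ${ip}`); // eslint-disable-line

        if (_.isEmpty(path) || _.isEmpty(risks) || IP_WHITE_LIST.indexOf(ip) > -1) {
            return next();
        }

        const matched = _.isArray(risks) && risks.find(item => {
            if (item.state === 'off') {
                return false;
            }

            // Compile the route once and cache the parsed numbers on the shared rule object.
            if (!item.regRoute) {
                item.regRoute = pathToRegexp(item.route);
                item.interval = parseInt(item.interval, 10);
                item.requests = parseInt(item.requests, 10);
            }

            return item.regRoute.test(path);
        });
        const router = matched || {};

        logger.debug(`risk => router: ${JSON.stringify(router)}, path: ${path}`); // eslint-disable-line

        if (_.isEmpty(router)) {
            return next();
        }

        // md5 only shortens the route pattern into a cache-key segment; it is not a security control.
        const keyPath = md5(`${router.regRoute}`);
        const limitKey = `pc:risk:limit:${keyPath}:${ip}`;
        const configKey = `pc:risk:${keyPath}:${ip}`;
        const checkUrl = helpers.urlFormat('/3party/check', {
            pid: `pc:risk:limit:${keyPath}`
        });

        return Promise.all([
            cache.getAsync(limitKey),
            cache.getAsync(configKey),
        ]).then(inters => {
            logger.debug(`risk => getCache: ${JSON.stringify(inters)}, path: ${path}`); // eslint-disable-line

            // A block marker already exists for this rule and IP.
            if (inters[0]) {
                return Object.assign({}, statusCode, {data: {url: checkUrl}});
            }

            // First request seen for this key: start the counter. The third argument is
            // presumably the TTL; NaN or 0 from the rule falls back to 300.
            if (typeof inters[1] === 'undefined') {
                _logCacheFailure(cache.setAsync(configKey, 1, router.interval || 300), path);
                return {code: 200};
            }

            const count = parseInt(`0${inters[1]}`, 10);

            // NOTE(review): the read-then-increment is not atomic, so concurrent requests can
            // undercount. With the counter starting at 1 and `<=`, requests + 1 calls appear to
            // pass per window - confirm that is intended.
            // NOTE(review): if the rule's `requests` is missing or non-numeric it is NaN, this
            // comparison is false, and the client is blocked on its second request.
            if (count <= router.requests) {
                _logCacheFailure(cache.incrAsync(configKey, 1), path);
                return {code: 200};
            }

            // Over the limit: store the block marker and drop the counter.
            return Promise.all([
                cache.setAsync(limitKey, 1, INVALIDTIME),
                cache.delAsync(configKey)
            ]).then(() => {
                return Object.assign({}, statusCode, {data: {url: checkUrl}});
            });
        }).then(result => {
            logger.debug(`risk => result: ${JSON.stringify(result)}, path: ${path}`); // eslint-disable-line
            return _jumpUrl(req, res, next, result);
        }).catch(e => {
            // Fails open: when the cache is unavailable the request goes through unlimited.
            // Cache errors here are therefore worth alerting on.
            console.log(`risk => path: ${path}, err: ${e.message}`);
            return next();
        });
    };
};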