Authored by 王钱钧

回退 master 分支登录代码。

... ... @@ -8,9 +8,6 @@ var _= require('lodash');
var ipaddr = require('ipaddr.js');
var options=require('../staticConfig.js').staticDir;
var author=require("../stub/service/auth");
/**
* 不需要权限校验配置
*/
... ... @@ -45,7 +42,14 @@ module.exports = function(req, res, next) {
//方法名称
var method = req.method;
function nextRedirect(method,path){
//访问路由路径
var path = req.route?req.route.path:'';
if(req.session.user&&!checkPath(req.path,req)) {
res.status(403);
res.render('error/error_nolayout',{message:NO_AUTH,layout:false,cssfile:CSS_FILE});
return;
}
//进行白名单验证和session验证
if(guestAccessList[method+":"+path]||req.session.user) {
//判断是否已存在appendData
... ... @@ -69,38 +73,6 @@ module.exports = function(req, res, next) {
//如果是登陆界面不加载布局
res.render('pages/login',{layout:false,cssfile:CSS_FILE});
}
}
function filterOriginalUrl(path){
if(!/\.\w+/.test(path)){
return path.replace(/\?.+/,'');
}
return "";
}
//访问路由路径
var path = req.route?req.route.path:filterOriginalUrl(req.originalUrl);
if(req.session.user) {
if(guestAccessList[method+":"+path]){
nextRedirect(method,path);
return;
}
/*判断权限*/
if(path&&req.session.user.allRight[path]){
author.validateAuthor(req.session.user.auth.pid,req.session.user.auth.role_id,path,function(data){
if(data.code!=200){
res.status(403);
res.render('error/error_nolayout',{message:NO_AUTH,layout:false,cssfile:CSS_FILE});
return;
}
nextRedirect(method,path);
});
}else{
nextRedirect(method,path);
}
}else{
nextRedirect(method,path);
}
// nextRedirect(method,path);
}
/**
... ... @@ -138,6 +110,24 @@ function addActiveMenu(req,res) {
}
/**
* 检查路径是否没有权限
* @param {String} path
* @param {Object} req
* @return {Boolean}
*/
function checkPath(path,req) {
var right = req.session.user.noRight;
var ret = true;
_.forEach(right,function(v,k){
if(path.indexOf(k)>-1) {
ret = false;
return;
}
});
return ret;
}
/**
* 附加管理员的信息
* @param {Request} req 请求对象
* @param {Number} uid 用户ID
... ...
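Review bot: `checkPath` decides access with `path.indexOf(k)>-1` against the raw `req.path`, so the deny-list only fires when the request spelling contains the stored URL byte for byte. Express's default router matches case-insensitively and tolerates a trailing slash, so the handler that runs and the string that is checked can disagree; substring matching also over-blocks, since a denied `/user` would hit any longer path that contains it. Compare a normalised path (lower-cased, trailing slash stripped) with an exact or whole-segment prefix match, and add a comment stating that any path absent from `noRight` is allowed by default. Inside the `_.forEach` callback the bare `return;` does not stop iteration; use `return false;`, or replace the loop with `return !_.some(right, function(v,k){ return path.indexOf(k) > -1; });`. The middleware body starts and ends outside the visible hunks.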
... ... @@ -6,7 +6,6 @@ var request = require('request');
var config = require('../config/gray');
var _ = require('lodash');
var fs = require('fs');
/**
* 灰度界面配置
... ... @@ -33,6 +32,7 @@ module.exports = function(proxyRoute) {
//如果新系统路由没有,代理到老平台
if(!proxyRoute.interfacesConfig[key]) {
//老系统调用地址
var callUrl = config.url + req.originalUrl;
var options = {
... ... @@ -45,7 +45,6 @@ module.exports = function(proxyRoute) {
}
//删除提交内容长度,代理会改变长度
delete options.headers['content-length'];
delete options.headers["accept-encoding"];
//设置代理host
options.headers['host'] = config.url.replace('http://','');
if(!req.session.gray) {
... ... @@ -53,23 +52,18 @@ module.exports = function(proxyRoute) {
} else {
options.headers['cookie'] = req.session.gray;
}
if(req.files && _.keys(req.files).length>0) {
options.formData = addFiles(req);
delete options.form;
}
logger.log('info','grayroute: request options: %j',options,{});
//发起代理请求
if(req.headers['accept'].indexOf('text/html')>-1||req.xhr) {
if(req.is('html')) {
request(options,function(err,res,body) {
if(err) {
logger.log('error','grayroute: request error:',err);
ress.status(500).send('');
} else if(res&&res.statusCode === 302) {
//跳转
ress.redirect(res.caseless.get('location'));
}else {
request(options).pipe(ress);
} else {
setGrayCookie(req,res);
ress.status(res.statusCode).send(body);
}
});
} else {
... ... @@ -93,15 +87,17 @@ module.exports = function(proxyRoute) {
}
}
/**
* 添加文件到body中
* @param {Object} req 请求对象
/**
* 灰度cookie设置
* @param {Object} req express request
* @param {Object} res request的响应
*/
function addFiles(req) {
var body = {};
_.forEach(req.files,function(v,k){
body[k] = fs.createReadStream(v.path);
});
_.merge(body,req.body);
return body;
function setGrayCookie(req,res) {
//cookie透传到老系统
var cookie = res.caseless.get('set-cookie');
//如果没有设置到session
if(cookie && cookie.length>0 && !req.session.gray) {
req.session.gray = cookie[0];
}
return cookie;
}
\ No newline at end of file
... ...
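Review bot: `logger.log('info','grayroute: request options: %j',options,{})` in the last proxy hunk (a context line as far as this page shows) serialises the whole outgoing request into the info log. The neighbouring lines show that object carrying `options.headers['cookie']` and `options.form`, so the legacy-system session cookie and any posted credentials would land in log files. Log only the method and URL, or a copy of `options` with the cookie header and body removed. Separately, `setGrayCookie` stores `cookie[0]`, the first `Set-Cookie` string including its attributes, and that value is later sent as the `cookie` request header; keeping only the name/value pair, `req.session.gray = cookie[0].split(';')[0];`, is probably what is intended. The proxy handler continues outside these hunks.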
... ... @@ -25,7 +25,11 @@ var errorMessage = {
util.setLogger(res.app.logger);
var options = {
url:oldService.login,
form:'["'+user+'","'+password+'",'+WEBSITE+']'//'["zhiyuan","lzy111111",1]'//
form:{
account:user,
password:password,
website:WEBSITE
}
}
//调用登陆
... ... @@ -34,9 +38,8 @@ var errorMessage = {
res.json(errorMessage);
return;
} else {
console.log(ret);
//调用菜单
_callGetMenu(ret.data.pid,ret.data.role_id,function(err,data){
_callGetMenu(ret.data.pid,function(err,data){
if(err) {
res.json(errorMessage);
} else {
... ... @@ -44,11 +47,10 @@ var errorMessage = {
var userInfo = {
auth:userData,
menu:data.menu,
allRight:data.allRight
noRight:data.noRight
}
userInfo.auth.uid = userData.pid;
userInfo.auth.name = userData.truename;
res.json({
code:20003,
data:userInfo
... ... @@ -64,23 +66,26 @@ var errorMessage = {
* @param {Number} pid 操作员ID
* @param {Function} callback 回调
*/
function _callGetMenu(pid,roleid,callback) {
function _callGetMenu(pid,callback) {
var options = {
url:oldService.getResourceByPid,
form:'['+pid+','+roleid+','+WEBSITE+']'
form:{
pid:pid,
website:WEBSITE
}
}
console.log(options);
util.httpCall(options,function(err,ret){
if(err) {
callback(err);
} else {
var menuData = {menu:[],right:{}};
if(ret.data) {
if(ret.data && ret.data.length>0) {
menuData = _makeMenu(ret.data);
}
_getAllRight(function(ret){
menuData.allRight = ret;
_getAllMenu(function(ret){
menuData.noRight = filterRight(ret,menuData);
delete menuData.right;
callback(null,menuData);
});
... ... @@ -97,17 +102,14 @@ console.log(options);
function filterRight(ret,menuData) {
var noRight = {};
//匹配没有权限
for(var key in ret){
var item=ret[key];
for(var i in item.sub){
var v=item.sub[i];
if(v.menu_url!=='') {
if(!menuData.right[v.menu_url]) {
noRight[v.menu_url] = true;
}
}
_.forEach(ret,function(v,k){
if(v.module_url!=='') {
if(!menuData.right[v.module_url]) {
noRight[v.module_url] = true;
}
}
});
return noRight;
}
... ... @@ -118,7 +120,7 @@ function filterRight(ret,menuData) {
function _getAllMenu (callback) {
var options = {
url:oldService.getAllResByWebsite+'?website='+WEBSITE+'&sort=',
form:'['+WEBSITE+']'
method:'GET'
}
util.httpCall(options,function(err,ret){
... ... @@ -138,94 +140,30 @@ function _getAllMenu (callback) {
function _makeMenu (data) {
var menu = [];
var right = {};
for(var key in data){
var v=data[key];
_.forEach(data,function(v){
var item = {
title:v.menu_name,
title:v.resource_name,
}
if(v.parent_id === "0") {
item.parent = 'menu-template';
var itemSubs = [];
_.forEach(v.sub,function(val) {
var sub = {
title:val.menu_name,
href:val.menu_url,
title:val.resource_name,
href:val.module_url,
icon: 'list-alt'
}
right[val.menu_url] = true;
right[val.module_url] = true;
itemSubs.push(sub);
});
item.menu = itemSubs;
}
menu.push(item);
}
// _.forEach(data,function(v){
// var item = {
// title:v.menu_name,
// }
// if(v.parent_id === "0") {
// item.parent = 'menu-template';
// var itemSubs = [];
// _.forEach(v.sub,function(val) {
// console.log(v.sub);
// var sub = {
// title:val.menu_name,
// href:val.menu_url,
// icon: 'list-alt'
// }
// right[val.menu_url] = true;
// itemSubs.push(sub);
// });
// item.menu = itemSubs;
// }
// menu.push(item);
// });
});
return {
menu:menu,
right:right
};
}
/**
* 验证权限
*/
exports.validateAuthor=function(pid,roleid,path,callback){
var options = {
url:oldService.isUsedMenuAuth,
form:'['+pid+','+roleid+', "'+path+'", "", "", '+WEBSITE+']'
}
util.httpCall(options,function(err,ret){
if(err) {
callback({});
} else {
callback(ret.data);
}
});
}
function _getAllRight(callback){
var options = {
url:oldService.allRight,
form:'[false]'
}
console.log(options);
util.httpCall(options,function(err,ret){
if(err) {
callback({});
} else {
var map={};
ret.data.forEach(function(data){
console.log(data);
if(data.platform_id==WEBSITE){
map[data.path]=true;
}
});
callback(map);
}
});
}
... ...
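Review bot: `noRight` is built in `_callGetMenu` as every URL returned by `_getAllMenu` minus the URLs the user was granted, so an empty or failed `_getAllMenu` result yields an empty deny-list and the session is then restricted from nothing. The error branch of `_getAllMenu` lies outside the hunk, so this needs confirming, but the login flow should fail closed: pass the error through and have `_callGetMenu` call `callback(err)` rather than run `filterRight` on an empty list. `filterRight` would also benefit from a short JSDoc stating that its keys are `module_url` values and that a missing key means "allowed", because the auth middleware depends on exactly that convention.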