auth.js
4.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
/**
* 认证中间件
* @author h1bomb
*/
var _= require('lodash');
var ipaddr = require('ipaddr.js');
var options=require('../staticConfig.js').staticDir;
var author=require("../stub/service/auth");
/**
* 不需要权限校验配置
*/
var guestAccessList = {
"POST:/login":true,
"GET:/logout":true
}
var NO_AUTH = '没有权限!';
var WEBSITE = 2;
var CSS_FILE = '/dist/login.css';
var STATIC_PATH = '';
var env = process.env.NODE_ENV || 'development';
//设置对于环境环境
if(env!=='development') {
CSS_FILE = options[env].path+'/login.css';
STATIC_PATH = options[env].path;
}
/**
* 认证中间件
* @param {Object} req 请求对象
* @param {Object} res 响应对象
* @param {Function} next 执行下个中间件
* @return {void} 无返回
*/
module.exports = function(req, res, next) {
//方法名称
var method = req.method;
function nextRedirect(method,path){
//进行白名单验证和session验证
if(guestAccessList[method+":"+path]||req.session.user) {
//判断是否已存在appendData
if(!res.appendData) {
res.appendData = _.cloneDeep(req.session.user);
} else {
res.appendData = _.merge({},res.appendData,req.session.user);
}
//添加当前菜单激活
addActiveMenu(req,res);
//添加管理员信息到http头
if(req.session.user) {
appendAdminInfo(req,req.session.user.auth);
}
next();
} else {
req.app.logger.log('info',"CurentView:Login");
//如果是登陆界面不加载布局
res.render('pages/login',{layout:false,cssfile:CSS_FILE,path:STATIC_PATH});
}
}
function filterOriginalUrl(path){
if(!/\.\w+/.test(path)){
return path.replace(/\?.+/,'');
}
return "";
}
//访问路由路径
var path = req.route?req.route.path:filterOriginalUrl(req.originalUrl);
if(req.session.user) {
if(guestAccessList[method+":"+path]){
nextRedirect(method,path);
return;
}
/*判断权限*/
if(path&&req.session.user.allRight[path]){
author.validateAuthor(req.session.user.auth.pid,req.session.user.auth.role_id,path,function(data){
if(data.code!=200){
res.status(403);
res.render('error/error_nolayout',{message:NO_AUTH,layout:false,cssfile:CSS_FILE});
return;
}
nextRedirect(method,path);
});
}else{
nextRedirect(method,path);
}
}else{
nextRedirect(method,path);
}
}
/**
* 添加当前激活的菜单
* @param {Object} req 请求对象
* @param {Object} res 返回对象
*/
function addActiveMenu(req,res) {
var curUrl = req.originalUrl;
var lastOpen = req.headers['referer'];
var hasActive = false;
if(!res.appendData||!res.appendData.menu) {
return;
}
var menu = _.cloneDeep(res.appendData.menu);
function loop(list,condition) {
_.forEach(menu,function(v,k) {
_.forEach(v.menu,function(val,key) {
if(condition(val.href,curUrl)) {
v.active = 'active';
val.active = 'active';
hasActive = true;
}
});
});
}
loop(menu,function(url) { return url === curUrl;});
if(!hasActive && lastOpen) {
loop(menu,function(url) { return lastOpen.indexOf(url)>-1;});
}
res.appendData.menu = menu;
}
/**
* 检查路径是否没有权限
* @param {String} path
* @param {Object} req
* @return {Boolean}
*/
function checkPath(path,req) {
var right = req.session.user.noRight;
var ret = true;
_.forEach(right,function(v,k){
if(path.indexOf(k)>-1) {
ret = false;
return;
}
});
return ret;
}
/**
* 附加管理员的信息
* @param {Request} req 请求对象
* @param {Number} uid 用户ID
* @param {String} name 用户名
* @return {Object} 用户信息对象
*/
function appendAdminInfo(req,auth) {
var ipObject = ipaddr.process(req.ip).octets;
var ip = ipObject?ipObject.join('.'):req.ip;
req._yoheaders = {
'x-user-id':auth.pid,
'x-user-name':auth.account,
'x-site-type':WEBSITE,
'x-client-ip':ip,
'x-shop-id':auth.shopId
};
}