'use strict';

const _ = require('lodash');
const cookie = global.yoho.cookie;
const authcode = require('../../utils/authcode');
const config = global.yoho.config;
const logger = global.yoho.logger;

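/**
 * Create the Express middleware that resolves the current user for a request.
 *
 * The middleware fills `req.user.uid` with an object whose `toString()` returns the numeric
 * UID and which carries the session key (plus app version and client type for app requests),
 * then sets `res.locals.isLogin` and calls `next()`.
 *
 * Identity sources, in order:
 *  - non-app requests: the server-side session (`LOGIN_UID`), then the `_UID` cookie;
 *  - app requests: the query string (`uid`, `session_key`, ...), then the `app_*` cookies.
 *
 * Expects `req.user`, `req.yoho`, `req.cookies` and `req.query` to be populated by earlier
 * middleware; nothing here creates them.
 *
 * Security notes:
 *  - In the app branch the UID comes straight from client-controlled query parameters or
 *    cookies, and nothing in this middleware checks the session key against that UID.
 *    NOTE(review): presumably the backend API validates the (uid, sessionKey) pair; confirm
 *    before relying on `req.user.uid` or `res.locals.isLogin` for any access decision.
 *  - `res.locals.isLogin` only records that a uid object was built; it is not proof that the
 *    session key is valid.
 *
 * @returns {Function} Express middleware `(req, res, next)`.
 */
module.exports = () => {
    // Mask the session_key value before a URL is logged, so a live credential does not end up
    // in log storage. Only the literal parameter name is matched.
    const redactSessionKey = url => String(url).replace(/([?&]session_key=)[^&#]*/g, '$1[REDACTED]');

    // A client-supplied uid is accepted only when it is a string or number that parses to a
    // positive integer. The bare `!== '0'` comparison lets arrays, objects, '00' or non-numeric
    // text through, which would yield a uid object whose toString() is 0 or NaN.
    const isPositiveUid = raw => {
        if (typeof raw !== 'string' && typeof raw !== 'number') {
            return false;
        }

        const parsed = _.parseInt(raw);

        return _.isFinite(parsed) && parsed > 0;
    };

    return (req, res, next) => {
        if (!req.yoho.isApp) {
            // Take the logged-in user's UID from the server-side session.
            if (req.session && _.isNumber(req.session.LOGIN_UID)) {
                // When passing parameters to API calls, never use toString to obtain a string.
                req.user.uid = {
                    toString: () => _.parseInt(req.session.LOGIN_UID),
                    sessionKey: req.session.SESSION_KEY
                };

                // Merged after the uid assignment, so keys stored under session.USER are
                // merged into (and can overwrite) fields already on req.user.
                _.merge(req.user, _.get(req.session, 'USER', {}));
            }

            // Nothing was read from the session: fall back to the UID cookie.
            if (!req.user.uid && req.cookies._UID) {
                // authcode() is defined elsewhere; 2592000000 would be 30 days if the unit is
                // milliseconds (unit not visible here).
                const sessionKey = req.cookies._SESSION_KEY &&
                    authcode(req.cookies._SESSION_KEY, '_SESSION_KEY', 2592000000);

                // NOTE(review): the uid object is created even when sessionKey is falsy, and
                // the UID itself comes from cookie.getUid(req). Confirm that helper verifies
                // the integrity of the _UID cookie rather than returning it as sent.
                // When passing parameters to API calls, never use toString to obtain a string.
                req.user.uid = {
                    toString: () => _.parseInt(cookie.getUid(req)),
                    sessionKey
                };
            }
        } else {
            if (!req.user.uid &&
                (
                    (req.query.uid && req.query.uid !== '0') ||
                    (
                        req.cookies.app_uid &&
                        req.cookies.app_uid !== '0' &&
                        req.cookies.app_version &&
                        req.cookies.app_client_type
                    )
                )
            ) {
                // Query-string values take precedence over the app cookies.
                const appUid = req.query.uid || req.cookies.app_uid;
                const appVersion = req.query.app_version || req.cookies.app_version || config.appVersion;
                const appSessionType = req.query.client_type || req.cookies.app_client_type;

                // May be undefined: a query uid alone is enough to reach this point.
                const sessionKey = req.query.session_key || req.cookies.app_session_key;

                if (req.query.app_version && req.query.client_type) {
                    // The original URL can carry session_key, so log a redacted copy.
                    logger.warn(`app session from querystring, url:${redactSessionKey(req.originalUrl)}`);
                }

                if (isPositiveUid(appUid)) {
                    // req.query.uid is overwritten with the same object so later readers of
                    // the query see the resolved identity.
                    req.user.uid = req.query.uid = {
                        toString: () => _.parseInt(appUid),
                        appVersion,
                        sessionKey,
                        appSessionType
                    };
                }

                // For page caching, the app_uid / app_version / app_client_type cookies are
                // written by the front end instead of here:
                // res.cookie('app_uid', appUid.toString());
                // res.cookie('app_version', appVersion);
                // res.cookie('app_client_type', appSessionType);
            }

            // Cookie-only fallback: requires the full set of app cookies, session key included.
            if (!req.user.uid &&
                isPositiveUid(req.cookies.app_uid) &&
                req.cookies.app_session_key &&
                req.cookies.app_version &&
                req.cookies.app_client_type) {
                // When passing parameters to API calls, never use toString to obtain a string.
                req.user.uid = {
                    toString: () => _.parseInt(req.cookies.app_uid),
                    sessionKey: req.cookies.app_session_key,
                    appVersion: req.cookies.app_version || req.query.app_version || config.appVersion,
                    appSessionType: req.cookies.app_client_type
                };
            }
        }

        // Whether a user identity was resolved. Any uid object is truthy, so this does not
        // show that the session key has been verified.
        res.locals.isLogin = Boolean(req.user.uid);
        next();
    };
};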