auth-helper.js 5.96 KB
'use strict';
const _ = require('lodash');
const aes = require('./aes-pwd');
const authcode = require('../../../utils/authcode');
const logger = global.yoho.logger;
const sign = global.yoho.sign;
const api = global.yoho.API;
const uuid = require('uuid');
const url = require('url');
const md5 = require('yoho-md5');
const moment = require('moment');
const querystring = require('querystring');
const thirdAccount = require('../data/third-account.json');
const FROM = require('../../../config/from');

class Auth {

    static signin(area, profile, password, shoppingKey) {
        let param = {
            method: 'app.passport.signin',
            area: area,
            profile: profile,
            password: password
        };

        if (shoppingKey) {
            param.shopping_key = shoppingKey;
        }

        return api.post('', param);
    }

    static signinAes(area, profile, password, shoppingKey, ip, isSkip, from) {
        let param = {
            method: 'sesame.flowering.higher',
            area: area,
            profile: profile,
            password: aes.aesPwd(password),
            isSkip: isSkip ? isSkip : 'N',
            business_line: FROM[from]
        };

        if (shoppingKey) {
            param.shopping_key = shoppingKey;
        }

        logger.info(`${profile}, login from ${ip}`);

        return api.post('', param, {
            headers: {
                'user-agent': 'yoho/nodejs',
                'X-YOHO-IP': ip,
                'X-Forwarded-For': ip
            }
        });
    }

    static signinByOpenID(nickname, openId, sourceType, shoppingKey) {
        let param = {
            nickname: nickname,
            openId: openId,
            source_type: sourceType, // esline-disable-line
            method: 'app.passport.signinByOpenID',
            shoppingKey: shoppingKey
        };

        if (shoppingKey) {
            param.shopping_key = shoppingKey;
        }

        return api.get('', param);
    }

    static profile(uid) {
        let param = {
            uid: uid,
            method: 'app.passport.profile'
        };

        return api.get('', param);
    }

    static thirdSign(params, clientSecret) {
        let secretParams = {},
            secretStr = '';

        for (const k of Object.keys(params).sort()) {
            if (k === 'yh_sign') {
                continue;
            }
            secretParams[k] = params[k];
        }
        secretStr = _.join(_.map(secretParams, (v, k) => {
            return `${k}=${v}`;
        }), '&');
        return md5(secretStr + clientSecret);
    }

    static thirdLogin(req, res, uid) {
        if (req.cookies.third_type && req.cookies.third_backurl && req.cookies.third_refer) {
            let backurl = url.parse(req.cookies.third_backurl),
                account = thirdAccount[req.cookies.third_type];

            let params = Object.assign({
                yh_uid: uid,
                yh_type: req.cookies.third_type,
                yh_time: moment().format('YYYY-MM-DD HH:mm:ss')
            }, querystring.parse(backurl.query));
            let signStr = this.thirdSign(params, account.clientSecret);

            params.yh_sign = signStr;
            let queryStr = _.join(_.map(params, (v, k) => {
                return `${k}=${encodeURIComponent(v)}`;
            }), '&');

            return {
                refer: `${backurl.protocol}//${backurl.host}${backurl.pathname}?${queryStr}`
            };
        }
        res.clearCookie('third_type', {
            domain: 'yohobuy.com'
        });
        res.clearCookie('third_backurl', {
            domain: 'yohobuy.com'
        });
        res.clearCookie('third_refer', {
            domain: 'yohobuy.com'
        });
    }

    static syncUserSession(uid, req, res, sessionKey) {
        let userId = {
            toString: () => {
                return uid;
            }
        };

        if (sessionKey) {
            // 弃用
            // global.yoho.cache.set(`java_session_key:${uid}`, sessionKey).catch(() => {
            //     global.yoho.logger.error('write session key fail');
            // });
            req.session.SESSION_KEY = sessionKey;
            res.cookie('_SESSION_KEY', authcode(sessionKey, '_SESSION_KEY', 2592000000, 'encode'), {
                domain: 'yohobuy.com',
                expires: new Date(Date.now() + 2592000000) // 有效期一年
            });
            userId.sessionKey = sessionKey;
        }
        res.cookie('_LOGIN_IS_REPORT', false, {
            domain: 'm.yohobuy.com',
            path: '/'
        });
        return Auth.profile(userId).then((userInfo) => {
            let salt = uuid.v4().substr(0, 8);
            let saltedUid = uid + salt;

            let saltedToken = sign.makeToken(saltedUid);
            let publicToken = saltedToken + salt;

            let data = userInfo.data;
            let encryptionUid = aes.encryptionUid(uid);

            if (data) {
                data.profile_name = (data.profile_name || '').replace(/::/g, '');

                let uidCookie =
                    `${data.profile_name}::${encryptionUid}::${data.vip_info && data.vip_info.title}::${saltedToken}`;

                res.cookie('_UID', uidCookie, {
                    domain: 'yohobuy.com',
                    expires: new Date(Date.now() + 2592000000) // 有效期一年
                });

                req.session.AVATAR = data.head_ico;
                _.set(req.session, 'USER.AVATAR', data.head_ico);
                _.set(req.session, 'USER.NAME', data.profile_name);
            }

            req.session.TOKEN = publicToken;
            req.session.LOGIN_UID = uid;

            _.set(req.session, 'USER.ENCRYPTION_UID', encryptionUid);

            res.cookie('_TOKEN', publicToken, {
                httpOnly: true,
                domain: 'yohobuy.com',
                expires: new Date(Date.now() + 2592000000) // 有效期一年
            });

            // 第三方登录逻辑
            return this.thirdLogin(req, res, uid);
        });
    }
}

module.exports = Auth;