back.js 8.57 KB
const _ = require('lodash');
const co = Promise.coroutine;
const helpers = global.yoho.helpers;
const sign = global.yoho.sign;
const BackServiceModel = require('../models/back-service');
const SIGN_IN = helpers.urlFormat('/signin.html');

class BackNew {
    /**
     * 通过手机找回密码
     */
    backByMobile(req, res, next) {
        _.set(req.session, 'backupCaptch.verifyResult', false);

        if (req.session.captchaValidCount == null) { // eslint-disable-line
            req.session.captchaValidCount = 5;
        }

        co(function* () {
            let countrysResult = yield req.ctx(BackServiceModel).getAreaDataAsync(); // 地区信息列表
            let countrys = _.get(countrysResult, 'data', []);

            res.render('back/mobile-new', {
                width750: true,
                localCss: true,
                module: 'passport',
                page: 'back-mobile-new',
                countrys: countrys,
            });
        })().catch(next);
    }

    /**
     * 提交表单数据处理,设置新的密码
     */
    setNewPasswordByMobileAPI(req, res, next) {
        let phoneNum = req.body.phoneNum || '';
        let code = req.body.code || '';
        let areaCode = req.body.areaCode || '86';
        let newPwd = req.body.password;

        co(function* () {
            let valiResult = yield req.ctx(BackServiceModel).validateMobileCodeAsync(phoneNum, code, areaCode);

            if (valiResult.code === 200) {
                let token = _.get(valiResult, 'data.token', '');
                let setPwdResult =
                    yield req.ctx(BackServiceModel).modifyPasswordByMobileAsyncAes(phoneNum, token, newPwd, areaCode);

                if (setPwdResult.code === 200) {
                    res.json({
                        code: 200,
                        data: SIGN_IN
                    });
                } else {
                    res.json({
                        code: 400,
                        message: '修改密码失败'
                    });
                }
            } else {
                return res.json({
                    code: 400,
                    message: '验证码失败'
                });
            }
        })().catch(next);
    }

    /**
     * 通过邮箱找回密码
     */
    backByEmail(req, res) {
        res.render('back/email-new', {
            width750: true,
            localCss: true,
            module: 'passport',
            page: 'back-email-new'
        });
    }

    /**
     * 通过邮箱找回密码成功页
     */
    backByEmailSuccess(req, res) {
        let email = req.query.email || '';

        if (!helpers.verifyEmail(email)) {
            res.redirect(400);
        }
        res.render('back/email-success-new', {
            width750: true,
            localCss: true,
            module: 'passport',
            page: 'back-email-success-new',
            doneUrl: helpers.urlFormat('/signin.html'),
            resendUrl: helpers.urlFormat('/passport/back/resendemail', { email: email })
        });
    }

    /**
     * 发送验证码到邮箱
     */
    sendCodeToEmailAPI(req, res) {
        let email = req.body.email || '';
        const ERR = {
            code: 400,
            message: '邮箱格式不正确,请重新输入',
            data: ''
        };

        if (!helpers.verifyEmail(email)) {
            res.json(ERR);
            return;
        }

        req.ctx(BackServiceModel).sendCodeToEmailAsync(email)
            .then(result => {
                if (result.code === 200) {
                    result.data = helpers.urlFormat('/passport/back/success', { email: email });
                }

                res.json(result);
            })
            .catch(() => {
                res.json(ERR);
            });
    }

    /**
     * 重新发送验证码到邮箱
     */
    resendCodeToEmailAPI(req, res) {
        let email = req.query.email || '';

        req.ctx(BackServiceModel).sendCodeToEmailAsync(email)
            .then(result => {
                if (_.isEmpty(result)) {
                    return Promise.rejected('重新发邮件失败');
                }

                res.json(result);
            })
            .catch(err => {
                res.json({
                    code: 400,
                    message: err
                });
            });
    }

    /**
     * 根据邮箱修改密码
     */
    setNewPasswordByEmailAPI(req, res) {
        let pwd = req.body.password || '';
        let code = req.body.code || '';
        let data = {
            code: 200,
            data: SIGN_IN
        };

        req.ctx(BackServiceModel).modifyPasswordByEmailAsyncAes(pwd, code)
            .then(result => {
                if (result.includes('history.back')) {
                    data.code = 400;
                    data.message = '修改失败';
                }

                res.json(data);
            })
            .catch(() => {
                res.json(data);
            });
    }

    /**
     * 发送手机验证码
     */
    sendCodeToMobileAPI(req, res, next) {
        let phoneNum = req.body.phoneNum || '';
        let areaCode = req.body.areaCode || '86';

        let ERR = {
            code: 400,
            message: '输入手机号码出错'
        };

        if (!helpers.verifyMobile(phoneNum)) {
            return res.json(ERR);
        }

        let backCount = _.get(req.session, 'backupCaptch.count'); // 短信验证码 发送次数

        if (!backCount) {
            /* 如果设置了冻结时间,验证 */
            let untilTime = (parseInt(req.session.backupCaptch.timeout, 10) -
                parseInt(Date.now(), 10)) / 1000 / 60;

            if (parseInt(Date.now(), 10) < parseInt(req.session.backupCaptch.timeout, 10)) {
                return res.json({
                    code: 401,
                    message: '请' + (parseInt(untilTime, 10) + 1) + '分钟后尝试!'
                });
            } else {
                _.set(req.session, 'backupCaptch.count', 5);
            }
        }

        _.set(req.session, 'backupCaptch.verifyResult', true);
        req.ctx(BackServiceModel).sendCodeToMobileAsync(phoneNum, areaCode)
            .then(result => {
                if (_.isEmpty(result) || result.code !== 200) {
                    ERR.message = '发送验证码出错';
                    res.json(ERR);
                }

                if (result.code === 200) {
                    let token = sign.makeToken(phoneNum);

                    --req.session.backupCaptch.count;

                    if (!req.session.backupCaptch.count) {
                        _.set(req.session, 'backupCaptch.timeout', Date.now() + 5 * 60 * 1000);
                    }

                    req.session.backupCaptchStep2 = true; // 允许跳到第二步

                    return res.json({
                        code: 200,
                        data: {
                            href: helpers.urlFormat('/passport/back/mobilecode', {
                                phoneNum: phoneNum,
                                areaCode: areaCode
                            }),
                            token: token
                        }
                    });
                }
            })
            .catch(next);
    }

    /**
     * 校验手机验证码
     */
    verifyCodeByMobileAPI(req, res, next) {
        let phoneNum = req.body.phoneNum || '';
        let code = req.body.code || '';
        let areaCode = req.body.areaCode || '86';

        req.ctx(BackServiceModel).validateMobileCodeAsync(phoneNum, code, areaCode)
            .then(result => {
                if (result.code === 200 && result.data) {
                    req.session.backcode = {
                        phoneNum: phoneNum,
                        token: result.data.token,
                        areaCode: areaCode,
                        code: code
                    };

                    res.json({
                        code: 200,
                        data: helpers.urlFormat('/passport/back/backcode')
                    });
                } else {
                    res.json({
                        code: 400,
                        message: '验证码失败'
                    });
                }
            })
            .catch(next);
    }

    /**
     * 直接调用发短信接口的情况
     */
    verifySmsAllow(req, res, next) {
        if (_.get(req, 'session.backupCaptch.verifyResult')) {
            return next();
        } else {
            return res.json({
                code: 400,
                message: '非法请求'
            });
        }
    }
}

module.exports = new BackNew();