merge-master

@@ -148,17 +148,6 @@ app.use((req, res, next) => {
     req.yoho = {}; // req和res绑定yoho对象，用于传递全局数据, 如req.yoho.channel等
     req.app.locals.wap = app.locals.wap; // zookeper对象赋值
 
-    // 临时增加错误日志记录
-    let sendJson = res.json;
-
-    res.json = function(...args) {
-        try {
-            sendJson(...args);
-        } catch (e) {
-            logger.error(`res.json error data: ${JSON.stringify(args)}`);
-        }
-    };
-
     next();
 });
 

@@ -241,7 +241,7 @@ const getPriceGiftList = (promotionIds, promotionType) => {
         method: 'app.Shopping.queryPromotionGifts',
         promotion_ids: promotionIds
     }).then((data) => {
-        return data.code === 200 ? cartProcess.procPriceGiftData(data.data, promotionType) : void 0;
+        return data.code === 200 ? cartProcess.procPriceGiftData(data.data, promotionType) : {};
     });
 };
 

@@ -201,7 +201,7 @@ const packageData = (id, isApp, isWeixin, channel, isShare) => {
 
         return Promise.all(promises).then(datas => {
 
-            let getArticleContent = {};
+            let getArticleContent = [];
 
             if (datas) {
                 if (datas[1]) {

@@ -10,10 +10,12 @@ const passport = require('passport');
 
 // const md5 = require('yoho-md5');
 const uuid = require('uuid');
+const co = Promise.coroutine;
 const cookie = global.yoho.cookie;
 const helpers = global.yoho.helpers;
 const log = global.yoho.logger;
 const config = global.yoho.config;
+const cache = global.yoho.cache;
 const utils = require(global.utils);
 const RegService = require('../models/reg-service');
 const AuthHelper = require('../models/auth-helper');
@@ -122,21 +124,10 @@ const local = {
             req.session.captchaValidCount = 5;
         }
 
-        // 先清除cookie
-        // res.clearCookie('LE' + md5('_LOGIN_EXPIRE'), {
-        //     domain: 'yohobuy.com'
-        // });
-
-        // 设置登录有效时间30分钟, 防机器刷，cache不稳定，改为cookie
-        // res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800);
-
-        // 170406 账户密码方式登录可以选择是否开启验证码，默认开关是关闭状态，此时开启验证码，开关开启，无需验证
-        let captchaShow = _.get(req.app.locals.wap, 'close.loginValidation', false);
-
         res.render('login', {
             width750: true,
             loginIndex: true, // 模板中使用JS的标识
-            captchaShow: !captchaShow, // 170306 因为暴力破解密码问题，要求每次都展示验证码
+            captchaShow: req.yoho.captchaShow,
             backUrl: 'javascript:history.go(-1)', // eslint-disable-line
             showHeaderImg: true, // 控制显示头部图片
             isPassportPage: true, // 模板中模块标识
@@ -166,22 +157,11 @@ const local = {
             req.session.captchaValidCount = 5;
         }
 
-        // 先清除cookie
-        // res.clearCookie('LE' + md5('_LOGIN_EXPIRE'), {
-        //     domain: 'yohobuy.com'
-        // });
-
-        // 设置登录有效时间30分钟, 防机器刷，cache不稳定，改为cookie
-        // res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800);
-
-        // 170406 账户密码方式登录可以选择是否开启验证码，默认开关是关闭状态，此时开启验证码，开关开启，无需验证
-        let captchaShow = _.get(req.app.locals.wap, 'close.loginValidation', false);
-
         res.render('international', {
             width750: true,
             backUrl: 'javascript:history.go(-1)', // eslint-disable-line
             loginInternational: true, // 模板中使用JS的标识
-            captchaShow: !captchaShow, // 170306 因为暴力破解密码问题，要求每次都展示验证码
+            captchaShow: req.yoho.captchaShow,
             isPassportPage: true, // 模板中模块标识
             headerText: '登录',
             areaCode: '+86', // 默认区号
@@ -211,6 +191,8 @@ const local = {
                     captchaShow: true
                 };
 
+                cache.set(`loginErrorIp:${req.yoho.clientIp}`, true, 3600).catch(log.error);
+
                 res.json(obj);
             } else {
                 let refer = req.cookies.refer;
@@ -406,6 +388,36 @@ exports.user = function(req, res, next) {
     res.jsonp(result);
 };
 
+/**
+ * 中间件
+ * 根据用户登录是否成功决定是否展示验证码
+ */
+exports.loginShowCaptchaByIp = function(req, res, next) {
+    // 总开关状态
+    req.yoho.captchaShow = !_.get(req.app.locals.wap, 'close.loginValidation', false);
+
+    // 开关打开，不走任何验证逻辑
+    if (!req.yoho.captchaShow) {
+        return next();
+    } else {
+        req.yoho.captchaShow = false;
+    }
+
+    co(function*() {
+        let hasErrorLog = yield cache.get(`loginErrorIp:${req.yoho.clientIp}`);
+
+        log.info(`Pagerender clientip ${req.yoho.clientIp} status is ` + hasErrorLog);
+
+        if (hasErrorLog) {
+            req.yoho.captchaShow = true;
+        }
+        next();
+    })().catch(function(e) {
+        req.yoho.captchaShow = true;
+        next();
+    });
+};
+
 exports.common = common;
 exports.local = local;
 exports.wechat = wechat;

@@ -7,6 +7,9 @@
 'use strict';
 const _ = require('lodash');
 const config = global.yoho.config;
+const co = Promise.coroutine;
+const cache = global.yoho.cache;
+const log = global.yoho.logger;
 const geetest = require('./geetest');
 const captcha = require('./captcha');
 
@@ -20,20 +23,44 @@ const check = (req, res, next) => {
         return next();
     }
 
-    // 170406 采用账号密码方式登录验证码可以配置关闭，默认开关是关闭状态，这时需要验证，开关开启，无需验证
-    if (_.get(req.app.locals.wap, 'close.loginValidation', false) && req.path === '/passport/login/auth') {
-        return next();
-    }
+    // 默认取配置总开关来决定是否展示验证码
+    req.yoho.captchaShow = !_.get(req.app.locals.wap, 'close.loginValidation', false);
 
-    // 使用极验证
-    let useGeetest = !_.get(req.app.locals.wap, 'geetest.validation', false);
+    co(function* () {
+        // 如果是账号密码登录，那么需要检查是否登录失败过，登录失败过展示验证码
+        if (req.path === '/passport/login/auth') {
+            let hasErrorLog = yield cache.get(`loginErrorIp:${req.yoho.clientIp}`);
 
-    // 某次请求极验证调用注册失败，强制使用自有图形验证码
-    if (req.session.useYohoCaptcha) {
-        useGeetest = false;
-    }
+            log.info(`Check clientip ${req.yoho.clientIp} status is ` + hasErrorLog);
+
+            if (hasErrorLog) {
+                req.yoho.captchaShow = true;
+            } else {
+                req.yoho.captchaShow = false;
+            }
+        }
+
+        return req.yoho.captchaShow;
+    })().catch(function() {
+        // memcache 不可用，展示验证码
+        req.yoho.captchaShow = true;
+        return req.yoho.captchaShow;
+    }).then(function() {
+        // 不是账号密码登录，直接根据配置总开关决定是否需要展示验证码
+        if (!req.yoho.captchaShow) {
+            return next();
+        }
+
+        // 使用极验证
+        let useGeetest = !_.get(req.app.locals.wap, 'geetest.validation', false);
+
+        // 某次请求极验证调用注册失败，强制使用自有图形验证码
+        if (req.session.useYohoCaptcha) {
+            useGeetest = false;
+        }
 
-    return (useGeetest ? geetest : captcha).validate(req, res, next);
+        return (useGeetest ? geetest : captcha).validate(req, res, next);
+    });
 };
 
 /**

@@ -39,10 +39,21 @@ router.get('/emailback.html', back.indexEmailPage);
 router.get('/passport/signout/index', login.common.clearCookie, login.local.logout);
 
 // 登录页面
-router.get('/passport/login', validateCode.load,
-    login.common.beforeLogin, login.common.clearCookie, login.local.loginPage);
-router.get('/passport/international', validateCode.load,
-login.common.beforeLogin, login.common.clearCookie, login.local.international);
+router.get('/passport/login',
+    validateCode.load,
+    login.common.beforeLogin,
+    login.common.clearCookie,
+    login.loginShowCaptchaByIp,
+    login.local.loginPage
+);
+
+router.get('/passport/international',
+    validateCode.load,
+    login.common.beforeLogin,
+    login.common.clearCookie,
+    login.loginShowCaptchaByIp,
+    login.local.international
+);
 
 // 本地登录
 router.post('/passport/login/auth', validateCode.check, login.local.login);

@@ -123,6 +123,8 @@ const selectHotrank = (yhChannel, gender, sort, tabId, limit, page, notab) => {
             }
 
             return formData;
+        } else {
+            return {};
         }
 
     });

@@ -50,7 +50,7 @@
     "xml2js": "^0.4.17",
     "yoho-express-session": "^2.0.0",
     "yoho-md5": "^2.0.0",
-    "yoho-node-lib": "=0.2.16",
+    "yoho-node-lib": "=0.2.17",
     "yoho-zookeeper": "^1.0.8"
   },
   "devDependencies": {

@@ -14,7 +14,6 @@ let $account = $('#account'),
     $ways = $('#retrive-pwd-ways'),
 
     $captcha = $('#js-img-check'),
-    useVerify = $captcha.data('userverify'), // 170406 是否使用验证
 
     accPass = false,
     pwdPass = false;
@@ -26,16 +25,14 @@ let trim = $.trim;
 let showErrTip = tip.show;
 
 
-let validate = {};
-
-if (useVerify) {
-    validate = new Validate($captcha, {
-        useREM: {
-            rootFontSize: 40,
-            picWidth: 150
-        }
-    });
+let validate = new Validate($captcha, {
+    useREM: {
+        rootFontSize: 40,
+        picWidth: 150
+    }
+});
 
+if ($captcha.data('userverify')) {
     validate.init();
 }
 
@@ -100,8 +97,13 @@ function loginAuth(params, acc) {
                 location.href = res.href;
                 $loginBtn.text('登录成功');
             } else {
-                if (useVerify && data.captchaShow) {
-                    ((data.changeCaptcha && validate.type !== 2) && validate.refresh());
+                $captcha.data('userverify', data.captchaShow);
+                if (data.captchaShow) {
+                    if (validate.atWorking) {
+                        ((data.changeCaptcha && validate.type !== 2) && validate.refresh());
+                    } else {
+                        validate.init();
+                    }
                 }
 
                 showErrTip(data.message);
@@ -161,7 +163,7 @@ $loginBtn.on('touchstart', function() {
             password: pwd
         };
 
-        if (useVerify) {
+        if ($captcha.data('userverify')) {
             validate.getResults().then((result) => {
                 $loginBtn.text('正在登录...').addClass('disable');