Authored by 毕凯

Merge branch 'hotfix/login' into 'master'

Hotfix/login



See merge request !454
... ... @@ -31,4 +31,4 @@ exports.sidebar = function(req, res, next) {
layout: false
});
}).catch(next);
}
\ No newline at end of file
};
... ...
... ... @@ -81,7 +81,9 @@ const common = {
let passLogin = _.get(req, 'cookies._WX_PASS_LOGIN', false);
if (req.yoho.isWechat && !passLogin) {
return res.redirect('/passport/login/wechat');
return res.redirect(helpers.urlFormat('/passport/login/wechat', {
refer: req.query.refer || req.get('Referer') || '/'
}));
}
next();
},
... ... @@ -128,11 +130,13 @@ const local = {
// 设置登录有效时间30分钟, 防机器刷,cache不稳定,改为cookie
// res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800);
// 170406 账户密码方式登录可以选择是否开启验证码,默认开关是关闭状态,此时开启验证码,开关开启,无需验证
let captchaShow = _.get(req.app.locals.wap, 'close.loginValidation', false);
res.render('login', {
width750: true,
loginIndex: true, // 模板中使用JS的标识
captchaShow: true, // 170306 因为暴力破解密码问题,要求每次都展示验证码
captchaShow: !captchaShow, // 170306 因为暴力破解密码问题,要求每次都展示验证码
backUrl: 'javascript:history.go(-1)', // eslint-disable-line
showHeaderImg: true, // 控制显示头部图片
isPassportPage: true, // 模板中模块标识
... ... @@ -170,13 +174,14 @@ const local = {
// 设置登录有效时间30分钟, 防机器刷,cache不稳定,改为cookie
// res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800);
// 170406 账户密码方式登录可以选择是否开启验证码,默认开关是关闭状态,此时开启验证码,开关开启,无需验证
let captchaShow = _.get(req.app.locals.wap, 'close.loginValidation', false);
res.render('international', {
width750: true,
backUrl: 'javascript:history.go(-1)', // eslint-disable-line
loginInternational: true, // 模板中使用JS的标识
captchaShow: true, // 170306 因为暴力破解密码问题,要求每次都展示验证码
captchaShow: !captchaShow, // 170306 因为暴力破解密码问题,要求每次都展示验证码
isPassportPage: true, // 模板中模块标识
headerText: '登录',
areaCode: '+86', // 默认区号
... ... @@ -250,6 +255,18 @@ const local = {
const wechat = {
login: (req, res, next) => {
// 微信里边已经登录的时候,不再跳转登录
if (req.user.uid) {
let refer = req.query.refer || decodeURI(req.cookies.refer) || config.siteUrl;
if (/sign|login/.test(refer)) {
refer = `${config.siteUrl}/home`;
}
refer = utils.refererLimit(refer);
return res.redirect(refer);
}
// 设置为原链接标识originalUrl
req.session.originalUrl = 'true';
req.session.authState = uuid.v4();
... ...
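Review bot: In the new already-logged-in branch of `wechat.login`, `decodeURI(req.cookies.refer)` returns the string `'undefined'` when the cookie is absent, so the `config.siteUrl` fallback is never reached, and a malformed percent-escape in the cookie makes `decodeURI` throw. Decode only when the cookie exists, e.g. `let refer = req.query.refer || (req.cookies.refer && decodeURI(req.cookies.refer)) || config.siteUrl;`. Both sources are client-controlled, so the safety of `res.redirect(refer)` rests on `utils.refererLimit`, which is not visible here; it is worth confirming that it restricts the target to the site's own hosts. The same question applies to the `refer` value that the `weixinCheck` hunk now forwards from `req.query.refer` or the `Referer` header. Both functions continue outside their hunks.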
... ... @@ -20,6 +20,11 @@ const check = (req, res, next) => {
return next();
}
// 170406 采用账号密码方式登录验证码可以配置关闭,默认开关是关闭状态,这时需要验证,开关开启,无需验证
if (_.get(req.app.locals.wap, 'close.loginValidation', false) && req.path === '/passport/login/auth') {
return next();
}
// 使用极验证
let useGeetest = !_.get(req.app.locals.wap, 'geetest.validation', false);
... ...
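Review bot: The added early `return next()` skips every captcha check for `/passport/login/auth` whenever `close.loginValidation` is truthy, so with the switch on nothing in this middleware slows down password guessing. If the switch has to exist, consider still requiring the captcha once an account or client has failed a few times, or confirm that the auth handler enforces its own failure limit; neither is visible in this hunk. The comment above the check would read more clearly as `// close.loginValidation === true turns the captcha off for password login; the default (false) keeps it required`. `check` starts and ends outside the hunk.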
... ... @@ -2,6 +2,7 @@
const _ = require('lodash');
const aes = require('./aes-pwd');
const authcode = require('../../../utils/authcode');
const logger = global.yoho.logger;
const sign = global.yoho.sign;
const api = global.yoho.API;
const uuid = require('uuid');
... ... @@ -35,10 +36,13 @@ class Auth {
param.shopping_key = shoppingKey;
}
logger.info(`${profile}, login from ${ip}`);
return api.post('', param, {
headers: {
'user-agent': 'yoho/nodejs',
'X-YOHO-IP': ip
'X-YOHO-IP': ip,
'X-Forwarded-For': ip
}
});
}
... ...
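Review bot: The new `logger.info` call interpolates `profile` into the log line unmodified; `profile` looks like the submitted account identifier (presumably a phone number or e-mail), so the line stores personal data at info level and lets CR/LF characters in the input forge extra log entries. Strip control characters before logging, e.g. `logger.info(String(profile).replace(/[\r\n]/g, ' ') + ', login from ' + ip);`, and consider masking part of the identifier. The added `X-Forwarded-For` header carries the same `ip`, so the backend's view of the client is only as trustworthy as the way `ip` was derived upstream. The enclosing method begins outside the hunk.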
... ... @@ -27,7 +27,7 @@ const router = express.Router(); // eslint-disable-line
router.get('/passport/geetest/register', geetest.register);
// 兼容老的路由
router.get('/signin.html', validateCode.load, login.common.weixinCheck,
router.get('/signin.html', login.common.weixinCheck, validateCode.load,
login.common.beforeLogin, login.common.clearCookie, smsLogin.loginPage);
router.get('/reg.html', validateCode.load, disableBFCahce, reg.index);
router.get('/login.html', validateCode.load,
... ... @@ -78,10 +78,6 @@ router.get('/passport/login/qq/callback', login.qq.callback);
router.get('/passport/login/alipay', login.common.beforeLogin, login.alipay.login);
router.get('/passport/login/alipay/callback', login.alipay.callback);
// alipay登录
router.get('/login/alipay', login.common.beforeLogin, login.alipay.login);
router.get('/login/alipay/callback', login.alipay.callback);
// 登录绑定
router.get('/passport/bind/index', validateCode.load, bind.indexPage);
router.post('/passport/bind/bindCheck', validateCode.check, bind.bindCheck);
... ...
... ... @@ -10,7 +10,7 @@
<input id="pwd" class="pwd input" type="password" placeholder="密码">
</div>
{{!--图片验证--}}
<div data-geetest="{{useGeetest}}" id="js-img-check"></div>
<div data-userverify="{{captchaShow}}" data-geetest="{{useGeetest}}" id="js-img-check"></div>
<span id="btn-login" class="btn btn-login disble row">登录</span>
</div>
... ...
... ... @@ -9,7 +9,7 @@
<input id="pwd" class="pwd input" type="password" placeholder="密码">
</div>
{{!--图片验证--}}
<div data-geetest="{{useGeetest}}" id="js-img-check"></div>
<div data-userverify="{{captchaShow}}" data-geetest="{{useGeetest}}" id="js-img-check"></div>
<span id="btn-login" class="btn btn-login disable">登录</span>
<p class="op-container">
<a class="op-item internat" href={{internationalUrl}}>海外手机</a>
... ...
... ... @@ -22,7 +22,7 @@ module.exports = (req, res, next) => {
return next();
}
if (res.statusCode == 403) {
if (_.toNumber(res.statusCode) === 403) {
return res.end();
}
... ...
... ... @@ -21,7 +21,11 @@ const _getClientIp = req => {
remoteIp = _.trim(arr[arr.length - 1]);
}
return remoteIp;
if (_.startsWith(remoteIp, '10.66.')) {
remoteIp = req.get('X-Real-IP');
}
return _.trim(remoteIp);
};
module.exports = () => {
... ...
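Review bot: When the address starts with `10.66.` and the request carries no `X-Real-IP` header, `req.get('X-Real-IP')` is `undefined` and `_.trim` turns it into an empty string, so callers receive `''` as the client IP (presumably including the login request that forwards it as `X-YOHO-IP`). Keep the previous value as a fallback: `remoteIp = req.get('X-Real-IP') || remoteIp;`. `X-Real-IP` is only reliable if the front proxy always overwrites it; if a client-supplied value can reach this code, IP-based limits downstream lose their meaning, so a comment naming which proxy sets the header and what the `10.66.` range denotes would help. `_getClientIp` begins outside the hunk.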
{
"name": "m-yohobuy-node",
"version": "5.5.11",
"version": "5.5.12",
"private": true,
"description": "A New Yohobuy Project With Express",
"repository": {
... ...
... ... @@ -13,6 +13,7 @@ let $phoneNum = $('#phone-num'),
$loginBtn = $('#btn-login'),
$captcha = $('#js-img-check'),
useVerify = $captcha.data('userverify'), // 170406 是否使用验证
pnPass = false,
pwdPass = false;
... ... @@ -23,15 +24,18 @@ let tip = require('plugin/tip');
let trim = $.trim;
let showErrTip = tip.show;
let validate = new Validate($captcha, {
useREM: {
rootFontSize: 40,
picWidth: 150
}
});
let validate = {};
validate.init();
if (useVerify) {
validate = new Validate($captcha, {
useREM: {
rootFontSize: 40,
picWidth: 150
}
});
validate.init();
}
// 登录按钮状态切换
function switchLoginBtnStatus() {
... ... @@ -45,6 +49,47 @@ function resetForm() {
$loginBtn.text('登录').addClass('disable');
}
/**
* 登录校验
*/
function loginAuth(params) {
$.ajax({
type: 'POST',
url: '/passport/login/auth',
data: params,
success: function(data) {
let res;
validate && validate.type === 2 && validate.refresh();
if (data.code === 200) {
res = data.data;
showErrTip('登录成功');
// 3秒后强制跳转
setTimeout(() => {
location.href = res.href;
}, 1500);
$loginBtn.text('登录成功');
showErrTip('登录成功');
} else {
if (useVerify && data.captchaShow) {
((data.changeCaptcha && validate.type !== 2) && validate.refresh());
}
showErrTip(data.message);
resetForm();
}
},
error: function() {
showErrTip('网络断开连接啦~');
$loginBtn.text('登录');
validate && validate.refresh();
}
});
}
// Android-UC下显示select的direction:rtl无效的临时解决办法
api.selectCssHack($countrySelect);
... ... @@ -90,52 +135,21 @@ $loginBtn.on('touchstart', function() {
}
if ((api.phoneRegx[areaCode].test(pn) || areaCode !== '+86') && api.pwdValidate(pwd)) {
validate.getResults().then((result) => {
$loginBtn.text('正在登录...').addClass('disable');
let params = {
areaCode: areaCode.replace('+', ''),
account: pn,
password: pwd
};
$.extend(params, result);
$.ajax({
type: 'POST',
url: '/passport/login/auth',
data: params,
success: function(data) {
let res;
validate.type === 2 && validate.refresh();
if (data.code === 200) {
res = data.data;
showErrTip('登录成功');
// 3秒后强制跳转
setTimeout(() => {
location.href = res.href;
}, 1500);
$loginBtn.text('登录成功');
showErrTip('登录成功');
} else {
if (data.captchaShow) {
((data.changeCaptcha && validate.type !== 2) && validate.refresh());
}
showErrTip(data.message);
resetForm();
}
},
error: function() {
showErrTip('网络断开连接啦~');
$loginBtn.text('登录');
validate.refresh();
}
let params = {
areaCode: areaCode.replace('+', ''),
account: pn,
password: pwd
};
if (useVerify) {
validate.getResults().then((result) => {
$loginBtn.text('正在登录...').addClass('disable');
$.extend(params, result);
loginAuth(params);
});
});
} else {
loginAuth(params);
}
} else {
showErrTip('账号或密码有错误,请重新输入');
$loginBtn.text('登录').addClass('disable');
... ...
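Review bot: With `useVerify` false, `validate` stays `{}`, which is truthy, so the `error` callback's `validate && validate.refresh();` in the new `loginAuth` throws a `TypeError` after showing the network message and the line loses its purpose as a guard. Initialise with `let validate = null;` or write `useVerify && validate.refresh();`; the `loginAuth` added to the second login script in this commit has the same line. The no-captcha branch (`loginAuth(params)` in the `else`) also no longer sets the button to `正在登录...` with `disable` before the request, so repeated taps may send parallel auth requests unless the part of the handler outside the hunk prevents it. `data-userverify` only decides whether the widget is drawn; whether a captcha is required has to stay a server-side decision.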
... ... @@ -14,6 +14,7 @@ let $account = $('#account'),
$ways = $('#retrive-pwd-ways'),
$captcha = $('#js-img-check'),
useVerify = $captcha.data('userverify'), // 170406 是否使用验证
accPass = false,
pwdPass = false;
... ... @@ -25,14 +26,18 @@ let trim = $.trim;
let showErrTip = tip.show;
let validate = new Validate($captcha, {
useREM: {
rootFontSize: 40,
picWidth: 150
}
});
let validate = {};
if (useVerify) {
validate = new Validate($captcha, {
useREM: {
rootFontSize: 40,
picWidth: 150
}
});
validate.init();
validate.init();
}
// 登录按钮状态切换
function switchLoginBtnStatus() {
... ... @@ -60,6 +65,62 @@ function hideRetrivePanel() {
$ways.hide();
}
/**
* 登录校验
*/
function loginAuth(params, acc) {
$.ajax({
type: 'POST',
url: '/passport/login/auth',
data: params,
success: function(data) {
let res,
LOGI_TYPE;
if (acc.indexOf('@') > 0) {
LOGI_TYPE = 8;
} else {
LOGI_TYPE = 5;
}
if (window._yas && window._yas.sendCustomInfo) {
window._yas.sendCustomInfo({
op: 'YB_MY_LOGIN_C',
param: JSON.stringify({
C_ID: window._ChannelVary[window.cookie('_Channel')],
LOGI_TYPE: LOGI_TYPE
})
}, true);
}
validate && validate.type === 2 && validate.refresh();
if (data.code === 200) {
res = data.data;
showErrTip('登录成功');
location.href = res.href;
$loginBtn.text('登录成功');
} else {
if (useVerify && data.captchaShow) {
((data.changeCaptcha && validate.type !== 2) && validate.refresh());
}
showErrTip(data.message);
resetForm();
}
return data;
},
error: function() {
showErrTip('网络断开连接啦~');
validate && validate.refresh();
},
complete: function() {
$loginBtn.text('登录').removeClass('disable');
}
});
}
// 密码显示与隐藏
api.bindEyesEvt();
... ... @@ -95,67 +156,23 @@ $loginBtn.on('touchstart', function() {
// 验证账号(数字或者邮箱)和密码合理性
if ((/^[0-9]+$/.test(acc) || api.emailRegx.test(acc)) && api.pwdValidate(pwd)) {
validate.getResults().then((result) => {
$loginBtn.text('正在登录...').addClass('disable');
let params = {
account: acc,
password: pwd
};
$.extend(params, result);
$.ajax({
type: 'POST',
url: '/passport/login/auth',
data: params,
success: function(data) {
let res,
LOGI_TYPE;
if (acc.indexOf('@') > 0) {
LOGI_TYPE = 8;
} else {
LOGI_TYPE = 5;
}
if (window._yas && window._yas.sendCustomInfo) {
window._yas.sendCustomInfo({
op: 'YB_MY_LOGIN_C',
param: JSON.stringify({
C_ID: window._ChannelVary[window.cookie('_Channel')],
LOGI_TYPE: LOGI_TYPE
})
}, true);
}
validate.type === 2 && validate.refresh();
if (data.code === 200) {
res = data.data;
showErrTip('登录成功');
location.href = res.href;
$loginBtn.text('登录成功');
} else {
if (data.captchaShow) {
((data.changeCaptcha && validate.type !== 2) && validate.refresh());
}
showErrTip(data.message);
resetForm();
}
return data;
},
error: function() {
showErrTip('网络断开连接啦~');
validate.refresh();
},
complete: function() {
$loginBtn.text('登录').removeClass('disable');
}
});
}, () => {});
let params = {
account: acc,
password: pwd
};
if (useVerify) {
validate.getResults().then((result) => {
$loginBtn.text('正在登录...').addClass('disable');
$.extend(params, result);
// auth
loginAuth(params, acc);
}, () => {});
} else {
loginAuth(params, acc);
}
} else {
showErrTip('账号或密码有错误,请重新输入');
$loginBtn.text('登录').removeClass('disable');
... ...