Authored by 陈峰

sessionkey问题

... ... @@ -108,7 +108,10 @@ app.use(cookieSession({
requestKey: 'session2',
cookieName: 'yohobuy_session_cookie',
secret: '82dd7e724f2c6870472c89dfa43cf48d',
domain: 'yohobuy.com'
cookie: {
domain: 'yohobuy.com',
ephemeral: true
}
}));
app.use((req, res, next) => {
... ...
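Review bot: The `secret` on the third line of the hunk is a literal committed to source, and it is the key that protects the client-side session whose cookie options this commit is reworking; it should be loaded from deployment configuration or the environment rather than the repository, and the committed value rotated, because anyone who can read the code can forge a valid session cookie. The new `cookie` block sets only `domain` and `ephemeral`; confirm that `httpOnly`, `secure` and `sameSite` are set here or supplied by the library defaults, and note in a comment that `ephemeral: true` makes the cookie expire when the browser closes, e.g. `// ephemeral: no max-age, cookie dies with the browser session`. The `app.use(cookieSession({` call begins outside the hunk.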
... ... @@ -31,7 +31,7 @@ let _renderData = {
let _channelPage = (req, res, data) => {
return channelModel.getChannelData({
gender: data.gender,
uid: _.toString(req.user.uid),
uid: req.user.uid,
limit: 6// 首屏先获取前6个楼层,其余用ajax获取
}).then(result => {
_renderData.homeHeader.defaultTerms = result.defaultTerms;
... ... @@ -75,7 +75,7 @@ let getResourceContent = (req, res, next) => {
return channelModel.getChannelResource({
gender: req.query.gender,
uid: _.toString(req.user.uid),
uid: req.user.uid,
}).then(result => {
if (result.length) {
... ...
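Review bot: Replacing `_.toString(req.user.uid)` with `req.user.uid` changes the anonymous case in both hunks: `_.toString(undefined)` produced `''`, while the new code passes `undefined` as `uid`, so `getChannelData` and `getChannelResource` must tolerate an absent uid. `req.user.uid` is also an object carrying a `toString` (see the user middleware in this commit), so the call now relies on the model coercing it to a string; if either model serializes its params with `JSON.stringify` the uid would become `{}` rather than the id. A short comment on the call, `// uid is the req.user.uid object; the model coerces it with toString`, would record the intent. Both enclosing functions continue outside their hunks.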
... ... @@ -49,7 +49,6 @@ const _repaymentList = (req, res, opt, params) => {
// 开通分期首页
const index = (req, res) => {
console.log(req.query.session_key);
let uid = req.user.uid;
Promise.all([
... ... @@ -736,8 +735,9 @@ const setMasterCard = (req, res) => {
};
const sessionKeyAuth = (req, res, next) => {
let uid = req.query.uid || req.cookies.installmentUid;
let sessionKey = req.query.session_key || req.session.SESSION_KEY;
let uid = req.query.uid || req.cookies.installmentUid || req.user.uid.toString() || '';
let sessionKey = req.query.session_key ||
req.session.SESSION_KEY || req.user.uid && req.user.uid.sessionKey || '';
if (sessionKey && !req.session.SESSION_KEY) {
req.session.SESSION_KEY = uid.sessionKey;
... ...
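Review bot: `req.user.uid.toString()` in the new `uid` line dereferences `req.user.uid` without a guard, while the `sessionKey` expression two lines below guards the same object with `req.user.uid &&`; a request with no `uid` query parameter or `installmentUid` cookie from an unauthenticated user would throw a TypeError here instead of falling through to `''`. Suggest `let uid = req.query.uid || req.cookies.installmentUid || (req.user.uid && req.user.uid.toString()) || '';`. The assignment on the last visible line stores `uid.sessionKey`, but `uid` is a string on every branch of the new expression, so the value written to `req.session.SESSION_KEY` is `undefined`; presumably `sessionKey` was intended. Removing the `console.log(req.query.session_key)` in the first hunk is the right move since that value is a bearer credential, though accepting it from the query string still exposes it in access logs and Referer headers. `sessionKeyAuth` continues past the hunk.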
... ... @@ -76,7 +76,27 @@ const common = {
domain: 'yohobuy.com'
});
next();
},
clearCookie: (req, res, next) => {
res.clearCookie('_SESSION_KEY', {
domain: 'yohobuy.com'
});
res.clearCookie('_UID', {
domain: 'yohobuy.com'
});
res.clearCookie('_TOKEN', {
domain: 'yohobuy.com'
});
if (req.session2 && req.session2.reset) {
req.session2.reset();
}
if (req.session && req.session.regenerate) {
return req.session.regenerate(() => {
return next();
});
}
}
};
... ... @@ -100,20 +120,6 @@ const local = {
// 设置登录有效时间30分钟, 防机器刷,cache不稳定,改为cookie
// res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800);
// 清除cookie
if (req.session && req.session.destroy) {
req.session.destroy();
}
if (req.session2 && req.session2.reset) {
req.session2.reset();
}
res.clearCookie('_UID', {
domain: 'yohobuy.com'
});
res.clearCookie('_TOKEN', {
domain: 'yohobuy.com'
});
res.render('login', {
width750: true,
... ... @@ -162,20 +168,7 @@ const local = {
// 设置登录有效时间30分钟, 防机器刷,cache不稳定,改为cookie
// res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800);
// 清除cookie
if (req.session && req.session.destroy) {
req.session.destroy();
}
if (req.session2 && req.session2.reset) {
req.session2.reset();
}
res.clearCookie('_UID', {
domain: 'yohobuy.com'
});
res.clearCookie('_TOKEN', {
domain: 'yohobuy.com'
});
res.render('international', {
width750: true,
... ... @@ -286,19 +279,6 @@ const local = {
})(req, res, next);
},
logout: (req, res) => {
if (req.session && req.session.destroy) {
req.session.destroy();
}
if (req.session2 && req.session2.reset) {
req.session2.reset();
}
res.clearCookie('_UID', {
domain: 'yohobuy.com'
});
res.clearCookie('_TOKEN', {
domain: 'yohobuy.com'
});
res.clearCookie('_SPK');
let refer = req.get('Referer') || config.siteUrl;
... ...
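Review bot: In the new `clearCookie` middleware `next()` is only reached inside the `req.session.regenerate` branch; when `req.session` is missing or has no `regenerate` method the function returns without calling `next`, so the request never proceeds, whereas the blocks removed from the `login`/`international` renderers and from `logout` in the later hunks always fell through. Add `return next();` after the `if` block and pass regenerate failures on rather than discarding them: `return req.session.regenerate((err) => next(err));`. Because `logout` no longer destroys the session itself, it now depends on this middleware being wired in front of it in the router; a comment on `clearCookie` such as `// single place that drops auth cookies and regenerates the session; routes must mount it before login/logout handlers` would make that contract explicit.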
... ... @@ -124,7 +124,6 @@ exports.loginPage = (req, res, next) => {
if (step === 3 && smsLoginStep !== 3) {
return res.redirect(req.path);
}
switch (step) {
case 2:
_step2(req, res, next);
... ...
... ... @@ -7,19 +7,18 @@
'use strict';
const express = require('express');
const cRoot = './controllers';
const login = require(cRoot + '/login');
const back = require(cRoot + '/back');
const bind = require(cRoot + '/bind');
const reg = require(cRoot + '/reg');
const login = require('./controllers/login');
const back = require('./controllers/back');
const bind = require('./controllers/bind');
const reg = require('./controllers/reg');
const disableBFCahce = require('../../doraemon/middleware/disable-BFCache');
const smsLogin = require(cRoot + '/sms');
const update = require(cRoot + '/update');
const agreement = require(cRoot + '/app-agreement');
const smsLogin = require('./controllers/sms');
const update = require('./controllers/update');
const agreement = require('./controllers/app-agreement');
const geetest = require(cRoot + '/geetest');
const geetest = require('./controllers/geetest');
const router = express.Router(); // eslint-disable-line
... ... @@ -27,25 +26,25 @@ const router = express.Router(); // eslint-disable-line
router.get('/passport/geetest/register', geetest.register);
// 兼容老的路由
router.get('/signin.html', login.common.beforeLogin, smsLogin.loginPage);
router.get('/signin.html', login.common.beforeLogin, login.common.clearCookie, smsLogin.loginPage);
router.get('/reg.html', disableBFCahce, reg.index);
router.get('/login.html', login.common.beforeLogin, login.local.international);
router.get('/login.html', login.common.beforeLogin, login.common.clearCookie, login.local.international);
router.get('/phoneback.html', back.indexMobilePage);
router.get('/emailback.html', back.indexEmailPage);
// 登出
router.get('/passport/signout/index', login.local.logout);
router.get('/passport/signout/index', login.common.clearCookie, login.local.logout);
// 登录页面
router.get('/passport/login', login.common.beforeLogin, login.local.loginPage);
router.get('/passport/international', login.common.beforeLogin, login.local.international);
router.get('/passport/login', login.common.beforeLogin, login.common.clearCookie, login.local.loginPage);
router.get('/passport/international', login.common.beforeLogin, login.common.clearCookie, login.local.international);
// 本地登录
router.post('/passport/login/auth', geetest.validate, login.local.login);
// SMS 短信
router.use('/passport/sms_login', login.common.beforeLogin, smsLogin.beforeIn);
router.get('/passport/sms_login', smsLogin.loginPage);
router.get('/passport/sms_login', login.common.clearCookie, smsLogin.loginPage);
router.post('/passport/sms_login/step1_check', smsLogin.indexCheck);
router.get('/passport/sms_login/token.json',
smsLogin.tokenBefore,
... ... @@ -137,7 +136,7 @@ router.get('/passport/yohobuy', agreement.aboutYoho);// 关于有货
router.get('/passport/agreement', agreement.agreement);// 服务条款
// 验证码
let captcha = require(`${cRoot}/captcha`);
let captcha = require('./controllers/captcha');
router.get('/passport/captcha/get', captcha.get);
router.get('/passport/img-check.jpg', captcha.imgCheck);
... ...
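Review bot: `login.common.clearCookie` is inserted after `login.common.beforeLogin` on every login page route, but that ordering is load-bearing and undocumented: if `beforeLogin` inspects the session to redirect already-authenticated visitors, mounting `clearCookie` ahead of it would log them out on every visit. A one-line comment above the compatibility routes, `// beforeLogin must run before clearCookie: it decides on the still-intact session`, would capture this. The signout route likewise relies on `clearCookie` now that `login.local.logout` no longer resets the session itself, which is worth stating on that route as well.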
... ... @@ -2,14 +2,13 @@
const _ = require('lodash');
const cookie = global.yoho.cookie;
const crypto = global.yoho.crypto;
const authcode = require('../../utils/authcode');
module.exports = () => {
return (req, res, next) => {
// 从 SESSION 中获取到当前登录用户的 UID
if (req.session && _.isNumber(req.session.LOGIN_UID)) {
// 不要使用 === 判断uid的值,如果需要判断使用 ==
// 调用接口传参时切勿使用toString获得字符串
req.user.uid = {
toString: () => {
return req.session.LOGIN_UID;
... ... @@ -23,9 +22,9 @@ module.exports = () => {
// session 没有读取到的时候,从 cookie 读取 UID
if (!req.user.uid && req.cookies._UID) {
// 不要使用 === 判断uid的值,如果需要判断使用 ==
let sessionKey = req.cookies._SESSION_KEY && authcode(req.cookies._SESSION_KEY, '_SESSION_KEY', 2592000000);
// 调用接口传参时切勿使用toString获得字符串
req.user.uid = {
toString: () => {
return cookie.getUid(req);
... ...
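Review bot: The cookie-fallback branch drops the `sessionKey` that was decoded from `_SESSION_KEY` with `authcode` (the only visible place a session key was validated and given an expiry), yet the installment controller's `sessionKeyAuth` in this same commit still reads `req.user.uid.sessionKey`; confirm the object literal built in this branch (its remainder is outside the hunk) still carries a `sessionKey`, or that callers handle it being `undefined`. If the field is gone on purpose, a comment such as `// sessionKey is no longer derived from the _SESSION_KEY cookie; it must come from the server-side session` would stop the next reader from reintroducing the cookie-based path. Identity in this branch rests on `cookie.getUid(req)`, so whatever integrity check protects the `_UID` cookie lives in that helper and is not visible here.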
... ... @@ -50,7 +50,7 @@
"uuid": "^2.0.3",
"xml2js": "^0.4.17",
"yoho-express-session": "^2.0.0",
"yoho-node-lib": "=0.2.10",
"yoho-node-lib": "=0.2.11",
"yoho-zookeeper": "^1.0.8"
},
"devDependencies": {
... ...
... ... @@ -162,7 +162,7 @@ class ChosePanel {
$yohoPage.on('touchstart', '.btn-plus,.btn-minus', (e) => {
this._numClick(e);
});
$yohoPage.on('touchstart', '.thumb', (e) => {
$yohoPage.on('touchstart', '.thumb-img .thumb', (e) => {
this._thumbClick(e);
});
$yohoPage.on('touchstart', '#chose-btn-sure', (e) => {
... ...