Authored by 陈峰

第三方登录session改cookie

... ... @@ -69,7 +69,15 @@ function doPassportCallback(openId, nickname, sourceType, req, res) {
const common = {
// 第三方登录有货逻辑
thirdLogin(req, res, next) {
req.session.refer = req.get('referer'); // 记录来源地址
let refer = req.get('referer');
let thirdRefer = req.cookies.third_refer;
if (thirdRefer && !/signin|login|passport\/international/.test(refer)) {
res.clearCookie('third_refer', {
domain: 'yohobuy.com'
});
}
// TODO 记录token并验证有效期或者实现oauth
if (req.query.yh_type &&
req.query.yh_sign &&
... ... @@ -79,7 +87,7 @@ const common = {
let timeDiff = moment().diff(reqTime);
if (!reqTime.isValid() ||
timeDiff >= 1000 * 60 * 120 || // 如果服务器之间大于5分钟验证失败
timeDiff >= 1000 * 60 * 5 || // 如果服务器之间大于5分钟验证失败
timeDiff < 0) {
return res.json({
... ... @@ -112,8 +120,15 @@ const common = {
message: 'yh_sign签名验证错误'
});
}
req.session.thirdType = req.query.yh_type;
req.session.thirdBackurl = req.query.yh_backurl;
res.cookie('third_refer', refer, {
domain: 'yohobuy.com'
});
res.cookie('third_type', req.query.yh_type, {
domain: 'yohobuy.com'
});
res.cookie('third_backurl', req.query.yh_backurl, {
domain: 'yohobuy.com'
});
}
next();
},
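Review bot: The three `res.cookie(...)` calls that replace the `req.session` writes store `third_refer`, `third_type` and `third_backurl` as plain cookies scoped to all of `yohobuy.com`, with no `httpOnly`, `secure`, `signed` or `maxAge` option. The `yh_sign` check above only vouches for the values at the moment they are written; once they live in a cookie the client, or any subdomain able to set cookies for the parent domain, can change them, which the server-side session prevented. If the state has to move to cookies, I would write them as `res.cookie('third_backurl', req.query.yh_backurl, {domain: 'yohobuy.com', httpOnly: true, secure: true, signed: true, maxAge: 5 * 60 * 1000})` and read them back through `req.signedCookies`, which needs a secret configured on the cookie parser. `thirdLogin` starts in the first hunk of this section and parts of its body are not shown, so this is based on the visible lines only.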
... ... @@ -94,35 +94,36 @@ class Auth {
return md5(secretStr + clientSecret);
}
static thirdLogin(req, uid) {
if (req.session.thirdType && req.session.thirdBackurl && req.session.refer) {
let refer = url.parse(req.session.refer || '');
if (!/m\.yohobuy\.com$/.test(refer.host)) { // 非站内登录
let backurl = url.parse(req.session.thirdBackurl),
account = thirdAccount[req.session.thirdType];
let params = Object.assign({
yh_uid: uid,
yh_type: req.session.thirdType,
yh_time: moment().format('YYYY-MM-DD HH:mm:ss')
}, querystring.parse(backurl.query));
let signStr = this.thirdSign(params, account.clientSecret);
params.yh_sign = signStr;
let queryStr = _.join(_.map(params, (v, k) => {
return `${k}=${encodeURIComponent(v)}`;
}), '&');
return {
refer: `${backurl.protocol}//${backurl.host}?${queryStr}`
};
}
req.session.thirdType && (delete req.session.thirdType);
req.session.thirdBackurl && (delete req.session.thirdBackurl);
req.session.refer && (delete req.session.refer);
static thirdLogin(req, res, uid) {
if (req.cookies.third_type && req.cookies.third_backurl && req.cookies.third_refer) {
let backurl = url.parse(req.cookies.third_backurl),
account = thirdAccount[req.cookies.third_type];
let params = Object.assign({
yh_uid: uid,
yh_type: req.cookies.third_type,
yh_time: moment().format('YYYY-MM-DD HH:mm:ss')
}, querystring.parse(backurl.query));
let signStr = this.thirdSign(params, account.clientSecret);
params.yh_sign = signStr;
let queryStr = _.join(_.map(params, (v, k) => {
return `${k}=${encodeURIComponent(v)}`;
}), '&');
return {
refer: `${backurl.protocol}//${backurl.host}?${queryStr}`
};
}
res.clearCookie('third_type', {
domain: 'yohobuy.com'
});
res.clearCookie('third_backurl', {
domain: 'yohobuy.com'
});
res.clearCookie('third_refer', {
domain: 'yohobuy.com'
});
}
static syncUserSession(uid, req, res, sessionKey) {
... ... @@ -186,7 +187,7 @@ class Auth {
});
// 第三方登录逻辑
return this.thirdLogin(req, uid);
return this.thirdLogin(req, res, uid);
});
}
}
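Review bot: The new `thirdLogin(req, res, uid)` builds the redirect from `req.cookies.third_backurl` and picks the signing secret from `req.cookies.third_type`, both of which are client-controlled, so the returned `refer` is no longer bound to the request that passed the `yh_sign` check and still carries a `yh_uid`/`yh_sign` pair made with a real `clientSecret`. The removed version took both values from the session, where they were written only after that check. Before signing, the values should be validated again, for example by requiring `Object.prototype.hasOwnProperty.call(thirdAccount, req.cookies.third_type)` and comparing `backurl.host` with a host registered for that account (I cannot see whether `thirdAccount` holds one). An unknown `third_type` currently leaves `account` undefined, so `account.clientSecret` throws. The `res.clearCookie` calls sit after the `return`, so on the successful path the three cookies appear to stay set for later logins.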