Merge branch 'hotfix/session' into 'master'
修复分期sessionkey See merge request !526
Showing
1 changed file
with
26 additions
and
23 deletions
| @@ -6,33 +6,36 @@ const authcode = require('../../utils/authcode'); | @@ -6,33 +6,36 @@ const authcode = require('../../utils/authcode'); | ||
| 6 | 6 | ||
| 7 | module.exports = () => { | 7 | module.exports = () => { |
| 8 | return (req, res, next) => { | 8 | return (req, res, next) => { |
| 9 | - // 从 SESSION 中获取到当前登录用户的 UID | ||
| 10 | - if (req.session && _.isNumber(req.session.LOGIN_UID)) { | ||
| 11 | - // 调用接口传参时切勿使用toString获得字符串 | ||
| 12 | - req.user.uid = { | ||
| 13 | - toString: () => { | ||
| 14 | - return req.session.LOGIN_UID; | ||
| 15 | - }, | ||
| 16 | - sessionKey: req.session.SESSION_KEY | ||
| 17 | - }; | ||
| 18 | - let userData = _.get(req.session, 'USER', {}); | ||
| 19 | 9 | ||
| 20 | - _.merge(req.user, userData); | ||
| 21 | - } | 10 | + if (!req.yoho.isApp) { |
| 11 | + // 从 SESSION 中获取到当前登录用户的 UID | ||
| 12 | + if (req.session && _.isNumber(req.session.LOGIN_UID)) { | ||
| 13 | + // 调用接口传参时切勿使用toString获得字符串 | ||
| 14 | + req.user.uid = { | ||
| 15 | + toString: () => { | ||
| 16 | + return _.parseInt(req.session.LOGIN_UID); | ||
| 17 | + }, | ||
| 18 | + sessionKey: req.session.SESSION_KEY | ||
| 19 | + }; | ||
| 20 | + let userData = _.get(req.session, 'USER', {}); | ||
| 22 | 21 | ||
| 23 | - // session 没有读取到的时候,从 cookie 读取 UID | ||
| 24 | - if (!req.user.uid && req.cookies._UID) { | ||
| 25 | - let sessionKey = req.cookies._SESSION_KEY && authcode(req.cookies._SESSION_KEY, '_SESSION_KEY', 2592000000); | 22 | + _.merge(req.user, userData); |
| 23 | + } | ||
| 26 | 24 | ||
| 27 | - // 调用接口传参时切勿使用toString获得字符串 | ||
| 28 | - req.user.uid = { | ||
| 29 | - toString: () => { | ||
| 30 | - return cookie.getUid(req); | ||
| 31 | - }, | ||
| 32 | - sessionKey | ||
| 33 | - }; | ||
| 34 | - } | 25 | + // session 没有读取到的时候,从 cookie 读取 UID |
| 26 | + if (!req.user.uid && req.cookies._UID) { | ||
| 27 | + let sessionKey = req.cookies._SESSION_KEY && | ||
| 28 | + authcode(req.cookies._SESSION_KEY, '_SESSION_KEY', 2592000000); | ||
| 35 | 29 | ||
| 30 | + // 调用接口传参时切勿使用toString获得字符串 | ||
| 31 | + req.user.uid = { | ||
| 32 | + toString: () => { | ||
| 33 | + return _.parseInt(cookie.getUid(req)); | ||
| 34 | + }, | ||
| 35 | + sessionKey | ||
| 36 | + }; | ||
| 37 | + } | ||
| 38 | + } | ||
| 36 | if (!req.user.uid && | 39 | if (!req.user.uid && |
| 37 | req.cookies.app_uid && | 40 | req.cookies.app_uid && |
| 38 | req.cookies.app_uid !== '0' && | 41 | req.cookies.app_uid !== '0' && |
-
Please register or login to post a comment