Authored by 陈峰

Merge branch 'feature/session' into 'release/5.5.1'

sessionkey问题



See merge request !414
@@ -108,7 +108,10 @@ app.use(cookieSession({ @@ -108,7 +108,10 @@ app.use(cookieSession({
108 requestKey: 'session2', 108 requestKey: 'session2',
109 cookieName: 'yohobuy_session_cookie', 109 cookieName: 'yohobuy_session_cookie',
110 secret: '82dd7e724f2c6870472c89dfa43cf48d', 110 secret: '82dd7e724f2c6870472c89dfa43cf48d',
111 - domain: 'yohobuy.com' 111 + cookie: {
  112 + domain: 'yohobuy.com',
  113 + ephemeral: true
  114 + }
112 })); 115 }));
113 116
114 app.use((req, res, next) => { 117 app.use((req, res, next) => {
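Review bot: The new `cookie` object (new lines 111–114) sets only `domain` and `ephemeral`; if this `cookieSession` is Mozilla's client-sessions (the `requestKey`/`cookieName`/`secret` options suggest it, but the require is outside the hunk), the same object also accepts `httpOnly` and `secure`, and leaving them unset leaves the session cookie readable from script and sent over plain HTTP. Consider `cookie: { domain: 'yohobuy.com', ephemeral: true, httpOnly: true, secure: true }` (or `secureProxy: true` when TLS terminates upstream). Separately, the `secret` on line 110 is a literal committed in source; it predates this change, but it should come from configuration rather than the repository.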
@@ -31,7 +31,7 @@ let _renderData = { @@ -31,7 +31,7 @@ let _renderData = {
31 let _channelPage = (req, res, data) => { 31 let _channelPage = (req, res, data) => {
32 return channelModel.getChannelData({ 32 return channelModel.getChannelData({
33 gender: data.gender, 33 gender: data.gender,
34 - uid: _.toString(req.user.uid), 34 + uid: req.user.uid,
35 limit: 6// 首屏先获取前6个楼层,其余用ajax获取 35 limit: 6// 首屏先获取前6个楼层,其余用ajax获取
36 }).then(result => { 36 }).then(result => {
37 _renderData.homeHeader.defaultTerms = result.defaultTerms; 37 _renderData.homeHeader.defaultTerms = result.defaultTerms;
@@ -75,7 +75,7 @@ let getResourceContent = (req, res, next) => { @@ -75,7 +75,7 @@ let getResourceContent = (req, res, next) => {
75 75
76 return channelModel.getChannelResource({ 76 return channelModel.getChannelResource({
77 gender: req.query.gender, 77 gender: req.query.gender,
78 - uid: _.toString(req.user.uid), 78 + uid: req.user.uid,
79 }).then(result => { 79 }).then(result => {
80 80
81 if (result.length) { 81 if (result.length) {
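Review bot: Dropping `_.toString(...)` changes what `channelModel.getChannelData` and `getChannelResource` receive in the `uid` field: with no logged-in user it is now `undefined` where it used to be `''`, and with a user it is the wrapper object carrying a `toString` rather than a plain string. Whether the model copes with `undefined`, and whether it stringifies the object or serializes it (JSON serialization would not invoke `toString` and would emit whatever other properties the wrapper carries), is decided in code outside this hunk — please confirm both before this ships. `getResourceContent` begins before the second hunk and both functions continue past their hunks.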
@@ -49,7 +49,6 @@ const _repaymentList = (req, res, opt, params) => { @@ -49,7 +49,6 @@ const _repaymentList = (req, res, opt, params) => {
49 49
50 // 开通分期首页 50 // 开通分期首页
51 const index = (req, res) => { 51 const index = (req, res) => {
52 - console.log(req.query.session_key);  
53 let uid = req.user.uid; 52 let uid = req.user.uid;
54 53
55 Promise.all([ 54 Promise.all([
@@ -736,8 +735,9 @@ const setMasterCard = (req, res) => { @@ -736,8 +735,9 @@ const setMasterCard = (req, res) => {
736 }; 735 };
737 736
738 const sessionKeyAuth = (req, res, next) => { 737 const sessionKeyAuth = (req, res, next) => {
739 - let uid = req.query.uid || req.cookies.installmentUid;  
740 - let sessionKey = req.query.session_key || req.session.SESSION_KEY; 738 + let uid = req.query.uid || req.cookies.installmentUid || req.user.uid.toString() || '';
  739 + let sessionKey = req.query.session_key ||
  740 + req.session.SESSION_KEY || req.user.uid && req.user.uid.sessionKey || '';
741 741
742 if (sessionKey && !req.session.SESSION_KEY) { 742 if (sessionKey && !req.session.SESSION_KEY) {
743 req.session.SESSION_KEY = uid.sessionKey; 743 req.session.SESSION_KEY = uid.sessionKey;
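Review bot: In `sessionKeyAuth`, `req.user.uid.toString()` on new line 738 throws a TypeError whenever `req.user.uid` is unset (the user middleware in this commit appears to assign it only from the session or the `_UID` cookie), which is precisely the case this fallback chain exists for; guard it as `req.query.uid || req.cookies.installmentUid || (req.user.uid ? req.user.uid.toString() : '')`. On line 743 `uid` is always a string here (a query value, a cookie value or the `toString()` result), so `uid.sessionKey` is `undefined` and `req.session.SESSION_KEY` is never actually populated — it should presumably be `req.session.SESSION_KEY = sessionKey;`. Accepting `session_key` and `uid` from `req.query` also puts a session credential in the URL (access logs, Referer, history); if the query source only exists for an app-to-web handoff, it should be the last resort and must not override an existing server-side session. `sessionKeyAuth` continues past the end of the hunk.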
@@ -76,7 +76,27 @@ const common = { @@ -76,7 +76,27 @@ const common = {
76 domain: 'yohobuy.com' 76 domain: 'yohobuy.com'
77 }); 77 });
78 next(); 78 next();
  79 + },
  80 + clearCookie: (req, res, next) => {
  81 + res.clearCookie('_SESSION_KEY', {
  82 + domain: 'yohobuy.com'
  83 + });
  84 + res.clearCookie('_UID', {
  85 + domain: 'yohobuy.com'
  86 + });
  87 + res.clearCookie('_TOKEN', {
  88 + domain: 'yohobuy.com'
  89 + });
  90 + if (req.session2 && req.session2.reset) {
  91 + req.session2.reset();
  92 + }
  93 + if (req.session && req.session.regenerate) {
  94 + return req.session.regenerate(() => {
  95 + return next();
  96 + });
  97 + }
79 } 98 }
  99 +
80 }; 100 };
81 101
82 102
@@ -100,20 +120,6 @@ const local = { @@ -100,20 +120,6 @@ const local = {
100 // 设置登录有效时间30分钟, 防机器刷,cache不稳定,改为cookie 120 // 设置登录有效时间30分钟, 防机器刷,cache不稳定,改为cookie
101 // res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800); 121 // res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800);
102 122
103 - // 清除cookie  
104 - if (req.session && req.session.destroy) {  
105 - req.session.destroy();  
106 - }  
107 - if (req.session2 && req.session2.reset) {  
108 - req.session2.reset();  
109 - }  
110 -  
111 - res.clearCookie('_UID', {  
112 - domain: 'yohobuy.com'  
113 - });  
114 - res.clearCookie('_TOKEN', {  
115 - domain: 'yohobuy.com'  
116 - });  
117 123
118 res.render('login', { 124 res.render('login', {
119 width750: true, 125 width750: true,
@@ -162,20 +168,7 @@ const local = { @@ -162,20 +168,7 @@ const local = {
162 // 设置登录有效时间30分钟, 防机器刷,cache不稳定,改为cookie 168 // 设置登录有效时间30分钟, 防机器刷,cache不稳定,改为cookie
163 // res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800); 169 // res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800);
164 170
165 - // 清除cookie  
166 - if (req.session && req.session.destroy) {  
167 - req.session.destroy();  
168 - }  
169 - if (req.session2 && req.session2.reset) {  
170 - req.session2.reset();  
171 - }  
172 171
173 - res.clearCookie('_UID', {  
174 - domain: 'yohobuy.com'  
175 - });  
176 - res.clearCookie('_TOKEN', {  
177 - domain: 'yohobuy.com'  
178 - });  
179 172
180 res.render('international', { 173 res.render('international', {
181 width750: true, 174 width750: true,
@@ -286,19 +279,6 @@ const local = { @@ -286,19 +279,6 @@ const local = {
286 })(req, res, next); 279 })(req, res, next);
287 }, 280 },
288 logout: (req, res) => { 281 logout: (req, res) => {
289 - if (req.session && req.session.destroy) {  
290 - req.session.destroy();  
291 - }  
292 - if (req.session2 && req.session2.reset) {  
293 - req.session2.reset();  
294 - }  
295 -  
296 - res.clearCookie('_UID', {  
297 - domain: 'yohobuy.com'  
298 - });  
299 - res.clearCookie('_TOKEN', {  
300 - domain: 'yohobuy.com'  
301 - });  
302 res.clearCookie('_SPK'); 282 res.clearCookie('_SPK');
303 let refer = req.get('Referer') || config.siteUrl; 283 let refer = req.get('Referer') || config.siteUrl;
304 284
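Review bot: `clearCookie` (new lines 80–97) never calls `next()` when `req.session` exists without a `regenerate` method or when `req.session` is absent — the only `next()` is inside the `if` on line 93 and nothing follows the block — so a request routed through it would hang in that case, whereas the removed `destroy()` code always fell through to the render. Add `next();` after the `if`, and surface a regeneration failure instead of discarding it: `return req.session.regenerate(err => next(err));`. Clearing `_SESSION_KEY` here is new relative to the removed code in `login`, `international` and `logout`, which only cleared `_UID` and `_TOKEN`; that looks intended but is worth stating in the merge description. The `local` method bodies start and end outside the visible hunks.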
@@ -124,7 +124,6 @@ exports.loginPage = (req, res, next) => { @@ -124,7 +124,6 @@ exports.loginPage = (req, res, next) => {
124 if (step === 3 && smsLoginStep !== 3) { 124 if (step === 3 && smsLoginStep !== 3) {
125 return res.redirect(req.path); 125 return res.redirect(req.path);
126 } 126 }
127 -  
128 switch (step) { 127 switch (step) {
129 case 2: 128 case 2:
130 _step2(req, res, next); 129 _step2(req, res, next);
@@ -7,19 +7,18 @@ @@ -7,19 +7,18 @@
7 'use strict'; 7 'use strict';
8 8
9 const express = require('express'); 9 const express = require('express');
10 -const cRoot = './controllers';  
11 -const login = require(cRoot + '/login');  
12 -const back = require(cRoot + '/back');  
13 -const bind = require(cRoot + '/bind');  
14 -const reg = require(cRoot + '/reg'); 10 +const login = require('./controllers/login');
  11 +const back = require('./controllers/back');
  12 +const bind = require('./controllers/bind');
  13 +const reg = require('./controllers/reg');
15 14
16 const disableBFCahce = require('../../doraemon/middleware/disable-BFCache'); 15 const disableBFCahce = require('../../doraemon/middleware/disable-BFCache');
17 16
18 -const smsLogin = require(cRoot + '/sms');  
19 -const update = require(cRoot + '/update');  
20 -const agreement = require(cRoot + '/app-agreement'); 17 +const smsLogin = require('./controllers/sms');
  18 +const update = require('./controllers/update');
  19 +const agreement = require('./controllers/app-agreement');
21 20
22 -const geetest = require(cRoot + '/geetest'); 21 +const geetest = require('./controllers/geetest');
23 22
24 const router = express.Router(); // eslint-disable-line 23 const router = express.Router(); // eslint-disable-line
25 24
@@ -27,25 +26,25 @@ const router = express.Router(); // eslint-disable-line @@ -27,25 +26,25 @@ const router = express.Router(); // eslint-disable-line
27 router.get('/passport/geetest/register', geetest.register); 26 router.get('/passport/geetest/register', geetest.register);
28 27
29 // 兼容老的路由 28 // 兼容老的路由
30 -router.get('/signin.html', login.common.beforeLogin, smsLogin.loginPage); 29 +router.get('/signin.html', login.common.beforeLogin, login.common.clearCookie, smsLogin.loginPage);
31 router.get('/reg.html', disableBFCahce, reg.index); 30 router.get('/reg.html', disableBFCahce, reg.index);
32 -router.get('/login.html', login.common.beforeLogin, login.local.international); 31 +router.get('/login.html', login.common.beforeLogin, login.common.clearCookie, login.local.international);
33 router.get('/phoneback.html', back.indexMobilePage); 32 router.get('/phoneback.html', back.indexMobilePage);
34 router.get('/emailback.html', back.indexEmailPage); 33 router.get('/emailback.html', back.indexEmailPage);
35 34
36 // 登出 35 // 登出
37 -router.get('/passport/signout/index', login.local.logout); 36 +router.get('/passport/signout/index', login.common.clearCookie, login.local.logout);
38 37
39 // 登录页面 38 // 登录页面
40 -router.get('/passport/login', login.common.beforeLogin, login.local.loginPage);  
41 -router.get('/passport/international', login.common.beforeLogin, login.local.international); 39 +router.get('/passport/login', login.common.beforeLogin, login.common.clearCookie, login.local.loginPage);
  40 +router.get('/passport/international', login.common.beforeLogin, login.common.clearCookie, login.local.international);
42 41
43 // 本地登录 42 // 本地登录
44 router.post('/passport/login/auth', geetest.validate, login.local.login); 43 router.post('/passport/login/auth', geetest.validate, login.local.login);
45 44
46 // SMS 短信 45 // SMS 短信
47 router.use('/passport/sms_login', login.common.beforeLogin, smsLogin.beforeIn); 46 router.use('/passport/sms_login', login.common.beforeLogin, smsLogin.beforeIn);
48 -router.get('/passport/sms_login', smsLogin.loginPage); 47 +router.get('/passport/sms_login', login.common.clearCookie, smsLogin.loginPage);
49 router.post('/passport/sms_login/step1_check', smsLogin.indexCheck); 48 router.post('/passport/sms_login/step1_check', smsLogin.indexCheck);
50 router.get('/passport/sms_login/token.json', 49 router.get('/passport/sms_login/token.json',
51 smsLogin.tokenBefore, 50 smsLogin.tokenBefore,
@@ -137,7 +136,7 @@ router.get('/passport/yohobuy', agreement.aboutYoho);// 关于有货 @@ -137,7 +136,7 @@ router.get('/passport/yohobuy', agreement.aboutYoho);// 关于有货
137 router.get('/passport/agreement', agreement.agreement);// 服务条款 136 router.get('/passport/agreement', agreement.agreement);// 服务条款
138 137
139 // 验证码 138 // 验证码
140 -let captcha = require(`${cRoot}/captcha`); 139 +let captcha = require('./controllers/captcha');
141 140
142 router.get('/passport/captcha/get', captcha.get); 141 router.get('/passport/captcha/get', captcha.get);
143 router.get('/passport/img-check.jpg', captcha.imgCheck); 142 router.get('/passport/img-check.jpg', captcha.imgCheck);
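Review bot: `let captcha = require('./controllers/captcha');` on new line 139 is never reassigned and sits among the `const` requires this hunk just rewrote; make it `const captcha = require('./controllers/captcha');`. On the login-page routes `login.common.clearCookie` runs after `login.common.beforeLogin`; if `beforeLogin` short-circuits (for example by redirecting an already-authenticated visitor, which its name suggests but the hunk does not show), the cookie and session reset never runs for that visitor — confirm that ordering is deliberate. Note also that `/passport/sms_login` mounts `beforeLogin` via `router.use` (line 46) while `clearCookie` is attached only to the page GET on line 47, so the POST steps keep whatever session state precedes them.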
@@ -2,14 +2,13 @@ @@ -2,14 +2,13 @@
2 2
3 const _ = require('lodash'); 3 const _ = require('lodash');
4 const cookie = global.yoho.cookie; 4 const cookie = global.yoho.cookie;
5 -const crypto = global.yoho.crypto;  
6 const authcode = require('../../utils/authcode'); 5 const authcode = require('../../utils/authcode');
7 6
8 module.exports = () => { 7 module.exports = () => {
9 return (req, res, next) => { 8 return (req, res, next) => {
10 // 从 SESSION 中获取到当前登录用户的 UID 9 // 从 SESSION 中获取到当前登录用户的 UID
11 if (req.session && _.isNumber(req.session.LOGIN_UID)) { 10 if (req.session && _.isNumber(req.session.LOGIN_UID)) {
12 - // 不要使用 === 判断uid的值,如果需要判断使用 == 11 + // 调用接口传参时切勿使用toString获得字符串
13 req.user.uid = { 12 req.user.uid = {
14 toString: () => { 13 toString: () => {
15 return req.session.LOGIN_UID; 14 return req.session.LOGIN_UID;
@@ -23,9 +22,9 @@ module.exports = () => { @@ -23,9 +22,9 @@ module.exports = () => {
23 22
24 // session 没有读取到的时候,从 cookie 读取 UID 23 // session 没有读取到的时候,从 cookie 读取 UID
25 if (!req.user.uid && req.cookies._UID) { 24 if (!req.user.uid && req.cookies._UID) {
26 - // 不要使用 === 判断uid的值,如果需要判断使用 ==  
27 let sessionKey = req.cookies._SESSION_KEY && authcode(req.cookies._SESSION_KEY, '_SESSION_KEY', 2592000000); 25 let sessionKey = req.cookies._SESSION_KEY && authcode(req.cookies._SESSION_KEY, '_SESSION_KEY', 2592000000);
28 26
  27 + // 调用接口传参时切勿使用toString获得字符串
29 req.user.uid = { 28 req.user.uid = {
30 toString: () => { 29 toString: () => {
31 return cookie.getUid(req); 30 return cookie.getUid(req);
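Review bot: The new comment on lines 11 and 27 (`调用接口传参时切勿使用toString获得字符串`, roughly "do not use toString to obtain a string when passing this to an API") says what not to do but not why, which is what a reader of `req.user.uid` needs: the wrapper's `toString` returns `req.session.LOGIN_UID` — a number, not a string — and callers are expected to pass the object through unchanged. A comment such as `// uid is a wrapper object: toString() yields the raw LOGIN_UID (a number); pass the object itself to API calls, do not stringify it` would capture the contract; whether further fields are attached to the wrapper is inferred from other hunks in this commit, so confirm before documenting it. The cookie fallback on line 24 trusts `cookie.getUid(req)` for identity whenever the session lacks a uid; whether that value is integrity-checked is outside this hunk and worth confirming. Both `req.user.uid = {` assignments continue past the hunk.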
@@ -51,7 +51,7 @@ @@ -51,7 +51,7 @@
51 "uuid": "^3.0.1", 51 "uuid": "^3.0.1",
52 "xml2js": "^0.4.17", 52 "xml2js": "^0.4.17",
53 "yoho-express-session": "^2.0.0", 53 "yoho-express-session": "^2.0.0",
54 - "yoho-node-lib": "=0.2.10", 54 + "yoho-node-lib": "=0.2.11",
55 "yoho-zookeeper": "^1.0.8" 55 "yoho-zookeeper": "^1.0.8"
56 }, 56 },
57 "devDependencies": { 57 "devDependencies": {
@@ -162,7 +162,7 @@ class ChosePanel { @@ -162,7 +162,7 @@ class ChosePanel {
162 $yohoPage.on('touchstart', '.btn-plus,.btn-minus', (e) => { 162 $yohoPage.on('touchstart', '.btn-plus,.btn-minus', (e) => {
163 this._numClick(e); 163 this._numClick(e);
164 }); 164 });
165 - $yohoPage.on('touchstart', '.thumb', (e) => { 165 + $yohoPage.on('touchstart', '.thumb-img .thumb', (e) => {
166 this._thumbClick(e); 166 this._thumbClick(e);
167 }); 167 });
168 $yohoPage.on('touchstart', '#chose-btn-sure', (e) => { 168 $yohoPage.on('touchstart', '#chose-btn-sure', (e) => {