Merge branch 'hotfix/smslogin-improve' into release/5.2

陈轩
Commit a6e161c3c60e0226aea65bc93dd4343345326ba6 2 parents b8992172 fe5e0afd
Showing 1 changed file with 7 additions and 5 deletions
apps/passport/controllers/sms.js
--- a/apps/passport/controllers/sms.js
View file @a6e161c
+++ b/apps/passport/controllers/sms.js
View file @a6e161c
@@ -121,23 +121,25 @@ exports.tokenBefore = (req, res, next) => {
     let step = _.get(req.session, 'smsLogin.step');
     let count = _.get(req.session, 'smsLogin.count');
     let interval = _.get(req.session, 'smsLogin.interval');
+     let captcha1 = _.get(req.session, 'smsLogin.captcha');
+     let captcha2 = (req.query.captcha || '').trim();
 
-     if (!req.xhr && !req.session.smsLogin) {
+ 
+     if (!req.xhr && !captcha1) {
         return next(404);
     }
 
-     if ([area, mobile].some(val => val === '')) {
+     if ([area, mobile, captcha2].some(val => val === '')) {
         return res.json({
             code: 401,
             message: '请求参数，无法处理'
         });
     }
 
+     delete req.session.smsLogin.captcha; // 图形验证码 一次性
+ 
     // step1 要 校验图形验证码
     if (step === 1) {
-         let captcha1 = _.get(req.session, 'smsLogin.captcha');
-         let captcha2 = (req.query.captcha || '').trim();
- 
         if (captcha1 !== captcha2) {
             return res.json({
                 code: 400,