移除防御性逻辑到中间件

陈轩
Commit add2719cdede4be9d8b58ce0436c25e158c8ff0b 1 parent 6843a353
Showing 2 changed files with 33 additions and 15 deletions
apps/passport/controllers/sms.js
apps/passport/router.js
--- a/apps/passport/controllers/sms.js
View file @add2719
+++ b/apps/passport/controllers/sms.js
View file @add2719
@@ -98,8 +98,10 @@ exports.loginPage = (req, res, next) => {
     }
 };
 
- // AJAX 获取验证码
- exports.token = (req, res, next) => {
+ exports.tokenBefore = (req, res, next) => {
+     let area = req.query.area = (req.query.area || '').trim();
+     let mobile = req.query.mobile = (req.query.mobile || '').trim();
+ 
     if (!req.xhr) {
         return next(404);
     }
@@ -111,16 +113,22 @@ exports.token = (req, res, next) => {
         });
     }
 
-     let area = (req.query.area || '').trim();
-     let mobile = (req.query.mobile || '').trim();
 
-     if ([area, mobile].some(val=> val === '')) {
+     if ([area, mobile].some(val => val === '')) {
         return res.json({
             code: 401,
             message: '请求参数，无法处理'
         });
     }
 
+     next();
+ };
+ 
+ // AJAX 获取验证码
+ exports.token = (req, res, next) => {
+     let mobile = req.query.area;
+     let area = req.query.mobile;
+ 
     PhoneService.sendSMS(mobile, area, 1).then(result => {
         if (result.code === 200) {
             req.session.smsLogin = {
@@ -139,25 +147,31 @@ exports.token = (req, res, next) => {
     });
 };
 
+ exports.checkBefore = (req, res, next) => {
+     let code = req.query.code = (req.query.code || '').trim();
 
- // AJAX 校验验证码 in step2
- exports.check = (req, res, next) => {
     if (!req.xhr && req.session.smsLoginStep !== 2) {
         return next(404);
     }
 
-     let code = (req.query.code || '').trim();
-     const mobile = req.session.smsLogin.mobile;
-     const area = req.session.smsLogin.area;
-     const shopping_key = cookie.getShoppingKey(req); // eslint-disable-line
- 
     if (!code) {
-         res.json({
+         return res.json({
             code: 404,
             message: CODE_REQUIRED
         });
     }
 
+     next();
+ };
+ 
+ // AJAX 校验验证码 in step2
+ exports.check = (req, res, next) => {
+     const code = req.query.code;
+     const mobile = req.session.smsLogin.mobile;
+     const area = req.session.smsLogin.area;
+     const shopping_key = cookie.getShoppingKey(req); // eslint-disable-line
+ 
+ 
     Promise.all([
         PhoneService.checkUserPhoneExist(mobile, area),
         PhoneService.verifySMS(mobile, area, code, 1)
--- a/apps/passport/router.js
View file @add2719
+++ b/apps/passport/router.js
View file @add2719
@@ -37,8 +37,12 @@ router.post('/passport/login/auth', login.local.login);
 // SMS 短信
 router.use('/passport/sms_login', login.common.beforeLogin, smsLogin.beforeIn);
 router.get('/passport/sms_login', smsLogin.loginPage);
- router.get('/passport/sms_login/token.json', smsLogin.token); // only ajax;
- router.get('/passport/sms_login/check.json', smsLogin.check); // only ajax
+ router.get('/passport/sms_login/token.json',
+     smsLogin.tokenBefore,
+     smsLogin.token); // only ajax;
+ router.get('/passport/sms_login/check.json',
+     smsLogin.checkBefore,
+     smsLogin.check); // only ajax
 router.post('/passport/sms_login/password.json', smsLogin.password);
 
 // 微信登录