yoho-ip

郭成尧
Commit b5e03dde9f0ee494b77d1ac7d20c92007d580ce5 1 parent b0ac6b29
Showing 2 changed files with 59 additions and 36 deletions
apps/passport/controllers/login.js
apps/passport/controllers/validateCode.js
--- a/apps/passport/controllers/login.js
View file @b5e03dd
+++ b/apps/passport/controllers/login.js
View file @b5e03dd
@@ -10,10 +10,12 @@ const passport = require('passport');
 
 // const md5 = require('yoho-md5');
 const uuid = require('uuid');
+ const co = Promise.coroutine;
 const cookie = global.yoho.cookie;
 const helpers = global.yoho.helpers;
 const log = global.yoho.logger;
 const config = global.yoho.config;
+ const cache = global.yoho.cache.master;
 const utils = require(global.utils);
 const RegService = require('../models/reg-service');
 const AuthHelper = require('../models/auth-helper');
@@ -122,21 +124,10 @@ const local = {
             req.session.captchaValidCount = 5;
         }
 
-         // 先清除cookie
-         // res.clearCookie('LE' + md5('_LOGIN_EXPIRE'), {
-         //     domain: 'yohobuy.com'
-         // });
- 
-         // 设置登录有效时间30分钟, 防机器刷，cache不稳定，改为cookie
-         // res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800);
- 
-         // 170406 账户密码方式登录可以选择是否开启验证码，默认开关是关闭状态，此时开启验证码，开关开启，无需验证
-         let captchaShow = _.get(req.app.locals.wap, 'close.loginValidation', false);
- 
         res.render('login', {
             width750: true,
             loginIndex: true, // 模板中使用JS的标识
-             captchaShow: !captchaShow, // 170306 因为暴力破解密码问题，要求每次都展示验证码
+             captchaShow: req.yoho.captchaShow,
             backUrl: 'javascript:history.go(-1)', // eslint-disable-line
             showHeaderImg: true, // 控制显示头部图片
             isPassportPage: true, // 模板中模块标识
@@ -166,22 +157,11 @@ const local = {
             req.session.captchaValidCount = 5;
         }
 
-         // 先清除cookie
-         // res.clearCookie('LE' + md5('_LOGIN_EXPIRE'), {
-         //     domain: 'yohobuy.com'
-         // });
- 
-         // 设置登录有效时间30分钟, 防机器刷，cache不稳定，改为cookie
-         // res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800);
- 
-         // 170406 账户密码方式登录可以选择是否开启验证码，默认开关是关闭状态，此时开启验证码，开关开启，无需验证
-         let captchaShow = _.get(req.app.locals.wap, 'close.loginValidation', false);
- 
         res.render('international', {
             width750: true,
             backUrl: 'javascript:history.go(-1)', // eslint-disable-line
             loginInternational: true, // 模板中使用JS的标识
-             captchaShow: !captchaShow, // 170306 因为暴力破解密码问题，要求每次都展示验证码
+             captchaShow: req.yoho.captchaShow,
             isPassportPage: true, // 模板中模块标识
             headerText: '登录',
             areaCode: '+86', // 默认区号
@@ -411,7 +391,27 @@ exports.user = function(req, res, next) {
  * 根据用户登录是否成功决定是否展示验证码
  */
 exports.loginShowCaptchaByIp = function(req, res, next) {
-     return next();
+     // 总开关状态
+     req.yoho.captchaShow = !_.get(req.app.locals.wap, 'close.loginValidation', false);
+ 
+     // 开关打开，不走任何验证逻辑
+     if (!req.yoho.captchaShow) {
+         return next();
+     }
+ 
+     co(function*() {
+         let hasErrorLog = yield cache.getAsync(`loginErrorIp:${req.yoho.clientIp}`);
+ 
+         log.info(`clientip ${req.yoho.clientIp} status is ` + cache.get(`loginErrorIp:${req.yoho.clientIp}`));
+ 
+         if (hasErrorLog) {
+             req.yoho.captchaShow = true;
+         }
+         next();
+     })().catch(function(e) {
+         req.yoho.captchaShow = true;
+         next();
+     });
 };
 
 exports.common = common;
--- a/apps/passport/controllers/validateCode.js
View file @b5e03dd
+++ b/apps/passport/controllers/validateCode.js
View file @b5e03dd
@@ -7,6 +7,8 @@
 'use strict';
 const _ = require('lodash');
 const config = global.yoho.config;
+ const co = Promise.coroutine;
+ const cache = global.yoho.cache.master;
 const geetest = require('./geetest');
 const captcha = require('./captcha');
 
@@ -20,20 +22,41 @@ const check = (req, res, next) => {
         return next();
     }
 
-     // 170406 采用账号密码方式登录验证码可以配置关闭，默认开关是关闭状态，这时需要验证，开关开启，无需验证
-     if (_.get(req.app.locals.wap, 'close.loginValidation', false) && req.path === '/passport/login/auth') {
-         return next();
-     }
+     // 默认取配置总开关来决定是否展示验证码
+     req.yoho.captchaShow = _.get(req.app.locals.wap, 'close.loginValidation', false);
 
-     // 使用极验证
-     let useGeetest = !_.get(req.app.locals.wap, 'geetest.validation', false);
+     co(function* () {
 
-     // 某次请求极验证调用注册失败，强制使用自有图形验证码
-     if (req.session.useYohoCaptcha) {
-         useGeetest = false;
-     }
+         // 如果是账号密码登录，那么需要检查是否登录失败过，登录失败过展示验证码
+         if (req.path === '/passport/login/auth') {
+             let hasErrorLog = yield cache.getAsync(`loginErrorIp:${req.yoho.clientIp}`);
+ 
+             if (hasErrorLog) {
+                 req.yoho.captchaShow = true;
+             }
+         }
+ 
+         return req.yoho.captchaShow;
+     })().catch(function() {
+         // memcache 不可用，展示验证码
+         req.yoho.captchaShow = true;
+         return req.yoho.captchaShow;
+     }).then(function() {
+         // 不是账号密码登录，直接根据配置总开关决定是否需要展示验证码
+         if (!req.yoho.captchaShow) {
+             return next();
+         }
+ 
+         // 使用极验证
+         let useGeetest = !_.get(req.app.locals.wap, 'geetest.validation', false);
+ 
+         // 某次请求极验证调用注册失败，强制使用自有图形验证码
+         if (req.session.useYohoCaptcha) {
+             useGeetest = false;
+         }
 
-     return (useGeetest ? geetest : captcha).validate(req, res, next);
+         return (useGeetest ? geetest : captcha).validate(req, res, next);
+     });
 };
 
 /**