Authored by 郭成尧

yoho-ip

... ... @@ -10,10 +10,12 @@ const passport = require('passport');
// const md5 = require('yoho-md5');
const uuid = require('uuid');
const co = Promise.coroutine;
const cookie = global.yoho.cookie;
const helpers = global.yoho.helpers;
const log = global.yoho.logger;
const config = global.yoho.config;
const cache = global.yoho.cache.master;
const utils = require(global.utils);
const RegService = require('../models/reg-service');
const AuthHelper = require('../models/auth-helper');
... ... @@ -122,21 +124,10 @@ const local = {
req.session.captchaValidCount = 5;
}
// 先清除cookie
// res.clearCookie('LE' + md5('_LOGIN_EXPIRE'), {
// domain: 'yohobuy.com'
// });
// 设置登录有效时间30分钟, 防机器刷,cache不稳定,改为cookie
// res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800);
// 170406 账户密码方式登录可以选择是否开启验证码,默认开关是关闭状态,此时开启验证码,开关开启,无需验证
let captchaShow = _.get(req.app.locals.wap, 'close.loginValidation', false);
res.render('login', {
width750: true,
loginIndex: true, // 模板中使用JS的标识
captchaShow: !captchaShow, // 170306 因为暴力破解密码问题,要求每次都展示验证码
captchaShow: req.yoho.captchaShow,
backUrl: 'javascript:history.go(-1)', // eslint-disable-line
showHeaderImg: true, // 控制显示头部图片
isPassportPage: true, // 模板中模块标识
... ... @@ -166,22 +157,11 @@ const local = {
req.session.captchaValidCount = 5;
}
// 先清除cookie
// res.clearCookie('LE' + md5('_LOGIN_EXPIRE'), {
// domain: 'yohobuy.com'
// });
// 设置登录有效时间30分钟, 防机器刷,cache不稳定,改为cookie
// res.cookie('LE' + md5('_LOGIN_EXPIRE'), (new Date()).getTime() / 1000 + 1800);
// 170406 账户密码方式登录可以选择是否开启验证码,默认开关是关闭状态,此时开启验证码,开关开启,无需验证
let captchaShow = _.get(req.app.locals.wap, 'close.loginValidation', false);
res.render('international', {
width750: true,
backUrl: 'javascript:history.go(-1)', // eslint-disable-line
loginInternational: true, // 模板中使用JS的标识
captchaShow: !captchaShow, // 170306 因为暴力破解密码问题,要求每次都展示验证码
captchaShow: req.yoho.captchaShow,
isPassportPage: true, // 模板中模块标识
headerText: '登录',
areaCode: '+86', // 默认区号
... ... @@ -411,7 +391,27 @@ exports.user = function(req, res, next) {
* 根据用户登录是否成功决定是否展示验证码
*/
exports.loginShowCaptchaByIp = function(req, res, next) {
// 总开关状态
req.yoho.captchaShow = !_.get(req.app.locals.wap, 'close.loginValidation', false);
// 开关打开,不走任何验证逻辑
if (!req.yoho.captchaShow) {
return next();
}
co(function*() {
let hasErrorLog = yield cache.getAsync(`loginErrorIp:${req.yoho.clientIp}`);
log.info(`clientip ${req.yoho.clientIp} status is ` + cache.get(`loginErrorIp:${req.yoho.clientIp}`));
if (hasErrorLog) {
req.yoho.captchaShow = true;
}
next();
})().catch(function(e) {
req.yoho.captchaShow = true;
next();
});
};
exports.common = common;
... ...
... ... @@ -7,6 +7,8 @@
'use strict';
const _ = require('lodash');
const config = global.yoho.config;
const co = Promise.coroutine;
const cache = global.yoho.cache.master;
const geetest = require('./geetest');
const captcha = require('./captcha');
... ... @@ -20,8 +22,28 @@ const check = (req, res, next) => {
return next();
}
// 170406 采用账号密码方式登录验证码可以配置关闭,默认开关是关闭状态,这时需要验证,开关开启,无需验证
if (_.get(req.app.locals.wap, 'close.loginValidation', false) && req.path === '/passport/login/auth') {
// 默认取配置总开关来决定是否展示验证码
req.yoho.captchaShow = _.get(req.app.locals.wap, 'close.loginValidation', false);
co(function* () {
// 如果是账号密码登录,那么需要检查是否登录失败过,登录失败过展示验证码
if (req.path === '/passport/login/auth') {
let hasErrorLog = yield cache.getAsync(`loginErrorIp:${req.yoho.clientIp}`);
if (hasErrorLog) {
req.yoho.captchaShow = true;
}
}
return req.yoho.captchaShow;
})().catch(function() {
// memcache 不可用,展示验证码
req.yoho.captchaShow = true;
return req.yoho.captchaShow;
}).then(function() {
// 不是账号密码登录,直接根据配置总开关决定是否需要展示验证码
if (!req.yoho.captchaShow) {
return next();
}
... ... @@ -34,6 +56,7 @@ const check = (req, res, next) => {
}
return (useGeetest ? geetest : captcha).validate(req, res, next);
});
};
/**
... ...