...
|
...
|
@@ -8,8 +8,9 @@ |
|
|
const _ = require('lodash');
|
|
|
const passport = require('passport');
|
|
|
|
|
|
// const md5 = require('yoho-md5');
|
|
|
const uuid = require('uuid');
|
|
|
const url = require('url');
|
|
|
const moment = require('moment');
|
|
|
const co = Promise.coroutine;
|
|
|
const cookie = global.yoho.cookie;
|
|
|
const helpers = global.yoho.helpers;
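Review bot: `// const md5 = require('yoho-md5');` is commented-out code left in the require block; whether it was introduced here or merely survived the edit cannot be told from this rendering, but the hunk is the place to drop it. If the md5 dependency moved into auth-helper with the new `thirdSign`, delete the line rather than keeping it as a reminder; version control already has the history.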
|
...
|
...
|
@@ -19,6 +20,8 @@ const cache = global.yoho.cache; |
|
|
const utils = require(global.utils);
|
|
|
const RegService = require('../models/reg-service');
|
|
|
const AuthHelper = require('../models/auth-helper');
|
|
|
const thirdAccount = require('../data/third-account.json');
|
|
|
const auth = require('../models/auth-helper');
|
|
|
|
|
|
const loginPage = `${config.siteUrl}/signin.html`;
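Review bot: `const auth = require('../models/auth-helper');` binds the same module that `AuthHelper` (three lines up) already holds, so the file now refers to one object under two names; this line is presumably the one added for `auth.thirdSign` in thirdLogin. Drop it and call `AuthHelper.thirdSign(req.query, account.clientSecret)` instead, so a reader does not have to check whether `auth` and `AuthHelper` differ. Note `config` used on the last line is not required anywhere in the visible hunks; assuming it is brought in earlier in the file.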
|
|
|
|
...
|
...
|
@@ -50,8 +53,9 @@ function doPassportCallback(openId, nickname, sourceType, req, res) { |
|
|
refer: refer
|
|
|
});
|
|
|
} else if (result.code === 200 && result.data.uid) {
|
|
|
return AuthHelper.syncUserSession(result.data.uid, req, res, result.data.session_key).then(() => {
|
|
|
return refer;
|
|
|
return AuthHelper.syncUserSession(result.data.uid, req, res, result.data.session_key)
|
|
|
.then((authData) => {
|
|
|
return _.get(authData, 'refer') || refer;
|
|
|
});
|
|
|
}
|
|
|
}).then((redirectTo) => {
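Review bot: The redirect target is now taken from `_.get(authData, 'refer') || refer`, and nothing in the hunk shows that value being checked against the site's own host before `redirectTo` is consumed; if syncUserSession hands back a referer that was stored from an earlier request (a cookie or query value), this is an open-redirect path. Either validate the host here the way thirdLogin validates `yh_backurl`, or document on this line that syncUserSession only ever returns a sanitized same-site value, e.g. `// authData.refer is validated by AuthHelper.syncUserSession — confirm`. The same value flows into `user.href = _.get(authData, 'refer', user.href)` in the `local` hunk further down, where it is returned to the client. doPassportCallback begins, and the `(redirectTo) =>` handler continues, outside this hunk.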
|
...
|
...
|
@@ -63,6 +67,73 @@ function doPassportCallback(openId, nickname, sourceType, req, res) { |
|
|
}
|
|
|
|
|
|
const common = {
|
|
|
// 第三方登录有货逻辑
|
|
|
thirdLogin(req, res, next) {
|
|
|
let refer = req.get('referer');
|
|
|
let thirdRefer = req.cookies.third_refer;
|
|
|
|
|
|
if (thirdRefer && !/signin|login|passport\/international/.test(refer)) {
|
|
|
res.clearCookie('third_refer', {
|
|
|
domain: 'yohobuy.com'
|
|
|
});
|
|
|
}
|
|
|
|
|
|
// TODO 记录token并验证有效期或者实现oauth
|
|
|
if (req.query.yh_type &&
|
|
|
req.query.yh_sign &&
|
|
|
req.query.yh_time &&
|
|
|
req.query.yh_backurl) {
|
|
|
let reqTime = moment(req.query.yh_time);
|
|
|
let timeDiff = moment().diff(reqTime);
|
|
|
|
|
|
if (!reqTime.isValid() ||
|
|
|
timeDiff >= 1000 * 60 * 5 || // 如果服务器之间大于5分钟验证失败
|
|
|
timeDiff < 0) {
|
|
|
|
|
|
return res.json({
|
|
|
code: 401,
|
|
|
message: 'yh_time已过期或者格式错误'
|
|
|
});
|
|
|
}
|
|
|
let account = thirdAccount[req.query.yh_type];
|
|
|
|
|
|
if (!account) {
|
|
|
return res.json({
|
|
|
code: 401,
|
|
|
message: 'yh_type验证失败'
|
|
|
});
|
|
|
}
|
|
|
let backurl = url.parse(req.query.yh_backurl);
|
|
|
let regDomain = new RegExp(`${account.domain.replace(/\./g, '\\.')}$`);
|
|
|
|
|
|
if (!regDomain.test(backurl.host || '')) {
|
|
|
return res.json({
|
|
|
code: 401,
|
|
|
message: 'yh_backurl回调域名验证失败'
|
|
|
});
|
|
|
}
|
|
|
let signStr = auth.thirdSign(req.query, account.clientSecret);
|
|
|
|
|
|
if (signStr.toLowerCase() !== req.query.yh_sign.toLowerCase()) {
|
|
|
return res.json({
|
|
|
code: 401,
|
|
|
message: 'yh_sign签名验证错误'
|
|
|
});
|
|
|
}
|
|
|
res.cookie('third_refer', refer, {
|
|
|
domain: 'yohobuy.com'
|
|
|
});
|
|
|
res.cookie('third_type', req.query.yh_type, {
|
|
|
domain: 'yohobuy.com'
|
|
|
});
|
|
|
res.cookie('third_backurl', req.query.yh_backurl, {
|
|
|
domain: 'yohobuy.com'
|
|
|
});
|
|
|
|
|
|
req.query.from = req.query.yh_type;
|
|
|
}
|
|
|
next();
|
|
|
},
|
|
|
beforeLogin: (req, res, next) => {
|
|
|
if (req.session.passwordWeak) {
|
|
|
return res.redirect('/passport/password/resetpage');
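Review bot: The callback-domain check in thirdLogin, `new RegExp(`${account.domain.replace(/\./g, '\\.')}$`)`, only requires `backurl.host` to end with the configured domain string, so a host such as `evil-<account.domain>` (constructed example) passes; the pattern needs a label boundary, `(^|\\.)`, in front of the escaped domain. Two smaller points in the same method: `thirdAccount[req.query.yh_type]` is a plain property lookup on a parsed JSON object, so a `yh_type` of `toString` or `constructor` resolves to an inherited function and the method then throws on `account.domain.replace` instead of returning the 401 — guard the lookup with `Object.prototype.hasOwnProperty.call`; and the signature check `signStr.toLowerCase() !== req.query.yh_sign.toLowerCase()` is a plain string compare (and throws if `yh_sign` arrives as an array), where `crypto.timingSafeEqual` over equal-length buffers is the usual form — that needs a `const crypto = require('crypto');` in the require block. The cookies set at the end carry only `domain`; consider whether `httpOnly`/`secure` belong there since `third_backurl` is a user-supplied URL read back later.
```javascript
let type = req.query.yh_type;
let account = Object.prototype.hasOwnProperty.call(thirdAccount, type) ? thirdAccount[type] : null;
// … unchanged: 401 response when account is missing …
let backurl = url.parse(String(req.query.yh_backurl));
// label boundary so that "evil-<domain>" does not satisfy the suffix test
let regDomain = new RegExp(`(^|\\.)${account.domain.replace(/\./g, '\\.')}$`);
// … unchanged: 401 response when host does not match …
let expected = Buffer.from(auth.thirdSign(req.query, account.clientSecret).toLowerCase());
let given = Buffer.from(String(req.query.yh_sign).toLowerCase());
if (expected.length !== given.length || !crypto.timingSafeEqual(expected, given)) {
// … unchanged: 401 response on signature mismatch, cookie writes, next() …
```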
|
...
|
...
|
@@ -297,10 +368,11 @@ const local = { |
|
|
return res.json(passwordWeakReturn);
|
|
|
}
|
|
|
|
|
|
AuthHelper.syncUserSession(user.uid, req, res, user.session_key).then(() => {
|
|
|
AuthHelper.syncUserSession(user.uid, req, res, user.session_key).then((authData) => {
|
|
|
if (user.weakPassword) {
|
|
|
return res.json(passwordWeakReturn);
|
|
|
} else {
|
|
|
user.href = _.get(authData, 'refer', user.href);
|
|
|
res.json({
|
|
|
code: 200,
|
|
|
data: user
|
...
|
...
|
|