Authored by 郭成尧

Merge branch 'master' into feature/giftcard

... ... @@ -286,17 +286,14 @@ const getOrders = (params) => {
let perOrder = _getOrderStatus(value);
/* 是否是虚拟商品 */
let isTickets = order.virtual_type && parseInt(order.virtual_type, 10) === 3;
Object.assign(perOrder, {
orderNum: value.order_code,
orderStatus: value.status_str,
sumCost: value.amount,
goods: _formatOrderGoods(value.order_goods, count, false, isTickets),
goods: _formatOrderGoods(value.order_goods, count, false),
detailUrl: helpers.urlFormat('/home/orderdetail', {order_code: value.order_code}),
count: value.buy_total,
isVirtual: isTickets,
isVirtual: _.get(value, 'order_goods[0].goods_type'),
orderTitle: value.order_title
});
... ...
... ... @@ -129,9 +129,9 @@
</a>
</div>
<div class="group-list">
<a class="list-item invite" href="http://activity.yoho.cn/feature/357.html?share_id=2391&title=邀请好友50元现金券无限赚">
<a class="list-item invite" href="http://activity.yoho.cn/feature/623.html?share_id=2795&title=邀请好友100元现金券无限赚">
<span class="horn"></span>
邀请好友,50元现金券无限赚
邀请好友,100元礼券无限赚!
<span class="iconfont num">&#xe604;</span>
</a>
<a class="list-item message" href="/home/message">
... ...
... ... @@ -228,8 +228,9 @@ const bind = {
let refer = helpers.urlFormat('/passport/bind/success?type=bind');
if (result && result.code && result.code === 200 && result.data.uid) {
return AuthHelper.syncUserSession(result.data.uid, req, res, result.data.session_key).then(() => {
result.data.refer = refer;
return AuthHelper.syncUserSession(result.data.uid, req, res, result.data.session_key)
.then((authData) => {
result.data.refer = _.get(authData, 'refer') || refer;
return result;
});
} else {
... ... @@ -262,8 +263,9 @@ const bind = {
let refer = helpers.urlFormat('/passport/bind/success', { sourceType: sourceType });
if (result && result.code && result.code === 200 && result.data.uid) {
return AuthHelper.syncUserSession(result.data.uid, req, res, result.data.session_key).then(() => {
result.data.refer = refer;
return AuthHelper.syncUserSession(result.data.uid, req, res, result.data.session_key)
.then((authData) => {
result.data.refer = _.get(authData, 'refer') || refer;
return result;
});
} else {
... ...
... ... @@ -8,8 +8,9 @@
const _ = require('lodash');
const passport = require('passport');
// const md5 = require('yoho-md5');
const uuid = require('uuid');
const url = require('url');
const moment = require('moment');
const co = Promise.coroutine;
const cookie = global.yoho.cookie;
const helpers = global.yoho.helpers;
... ... @@ -19,6 +20,8 @@ const cache = global.yoho.cache;
const utils = require(global.utils);
const RegService = require('../models/reg-service');
const AuthHelper = require('../models/auth-helper');
const thirdAccount = require('../data/third-account.json');
const auth = require('../models/auth-helper');
const loginPage = `${config.siteUrl}/signin.html`;
... ... @@ -50,8 +53,9 @@ function doPassportCallback(openId, nickname, sourceType, req, res) {
refer: refer
});
} else if (result.code === 200 && result.data.uid) {
return AuthHelper.syncUserSession(result.data.uid, req, res, result.data.session_key).then(() => {
return refer;
return AuthHelper.syncUserSession(result.data.uid, req, res, result.data.session_key)
.then((authData) => {
return _.get(authData, 'refer') || refer;
});
}
}).then((redirectTo) => {
... ... @@ -63,6 +67,73 @@ function doPassportCallback(openId, nickname, sourceType, req, res) {
}
const common = {
// 第三方登录有货逻辑
thirdLogin(req, res, next) {
let refer = req.get('referer');
let thirdRefer = req.cookies.third_refer;
if (thirdRefer && !/signin|login|passport\/international/.test(refer)) {
res.clearCookie('third_refer', {
domain: 'yohobuy.com'
});
}
// TODO 记录token并验证有效期或者实现oauth
if (req.query.yh_type &&
req.query.yh_sign &&
req.query.yh_time &&
req.query.yh_backurl) {
let reqTime = moment(req.query.yh_time);
let timeDiff = moment().diff(reqTime);
if (!reqTime.isValid() ||
timeDiff >= 1000 * 60 * 5 || // 如果服务器之间大于5分钟验证失败
timeDiff < 0) {
return res.json({
code: 401,
message: 'yh_time已过期或者格式错误'
});
}
let account = thirdAccount[req.query.yh_type];
if (!account) {
return res.json({
code: 401,
message: 'yh_type验证失败'
});
}
let backurl = url.parse(req.query.yh_backurl);
let regDomain = new RegExp(`${account.domain.replace(/\./g, '\\.')}$`);
if (!regDomain.test(backurl.host || '')) {
return res.json({
code: 401,
message: 'yh_backurl回调域名验证失败'
});
}
let signStr = auth.thirdSign(req.query, account.clientSecret);
if (signStr.toLowerCase() !== req.query.yh_sign.toLowerCase()) {
return res.json({
code: 401,
message: 'yh_sign签名验证错误'
});
}
res.cookie('third_refer', refer, {
domain: 'yohobuy.com'
});
res.cookie('third_type', req.query.yh_type, {
domain: 'yohobuy.com'
});
res.cookie('third_backurl', req.query.yh_backurl, {
domain: 'yohobuy.com'
});
req.query.from = req.query.yh_type;
}
next();
},
beforeLogin: (req, res, next) => {
if (req.session.passwordWeak) {
return res.redirect('/passport/password/resetpage');
... ... @@ -297,10 +368,11 @@ const local = {
return res.json(passwordWeakReturn);
}
AuthHelper.syncUserSession(user.uid, req, res, user.session_key).then(() => {
AuthHelper.syncUserSession(user.uid, req, res, user.session_key).then((authData) => {
if (user.weakPassword) {
return res.json(passwordWeakReturn);
} else {
user.href = _.get(authData, 'refer', user.href);
res.json({
code: 200,
data: user
... ...
... ... @@ -127,7 +127,7 @@ class Reg {
return res.json(regMobileAesResult);
}
yield AuthHelper.syncUserSession(regMobileAesResult.data.uid,
let authData = yield AuthHelper.syncUserSession(regMobileAesResult.data.uid,
req, res, regMobileAesResult.data.session_key);
// 返回跳转到来源页面
... ... @@ -156,7 +156,7 @@ class Reg {
message: '注册成功',
data: {
session: refer,
href: '//m.yohobuy.com/activity/invite-reg',
href: _.get(authData, 'refer') || '//m.yohobuy.com/activity/invite-reg',
msgDelivery: _.get(regMobileAesResult, 'data.msgDelivery', '')
}
});
... ...
... ... @@ -406,7 +406,7 @@ let setPassword = (req, res, next) => {
resultCopy = result;
return AuthHelper.syncUserSession(result.data.uid, req, res, result.data.session_key);
}).then(() => {
}).then((authData) => {
if (!resultCopy) {
return;
}
... ... @@ -438,7 +438,7 @@ let setPassword = (req, res, next) => {
message: '注册成功',
data: {
session: refer,
href: '//m.yohobuy.com/activity/invite-reg',
href: _.get(authData, 'refer') || '//m.yohobuy.com/activity/invite-reg',
msgDelivery: _.get(resultCopy, 'data.msgDelivery', '')
}
});
... ...
... ... @@ -351,11 +351,11 @@ exports.check = (req, res, next) => {
});
return AuthHelper.syncUserSession(info.data.uid, req, res, info.data.session_key);
})
.then(() => {
.then((authData) => {
res.json({
code: 200,
message: LOGIN_SUCCSS,
redirect: utils.refererLimit(req.cookies.refer)
redirect: _.get(authData, 'refer') || utils.refererLimit(req.cookies.refer)
});
delete req.session.smsLogin;
... ... @@ -418,14 +418,14 @@ exports.password = (req, res, next) => {
resultCopy = result;
return AuthHelper.syncUserSession(result.data.uid, req, res, result.data.session_key);
}).then(() => {
}).then((authData) => {
if (!resultCopy) {
return;
}
res.json({
code: 200,
message: LOGIN_SUCCSS,
redirect: utils.refererLimit(req.cookies.refer)
redirect: _.get(authData, 'refer') || utils.refererLimit(req.cookies.refer)
});
delete req.session.smsLogin;
}).catch(next);
... ...
{
"mars": {
"clientSecret": "f30368d65fcad4a265074948a2a2e6e6",
"domain": "yohomars.com"
},
"activity": {
"clientSecret": "3bd815162342d9733f06ab6811082c64",
"domain": "yoho.cn"
}
}
\ No newline at end of file
... ...
... ... @@ -6,6 +6,11 @@ const logger = global.yoho.logger;
const sign = global.yoho.sign;
const api = global.yoho.API;
const uuid = require('uuid');
const url = require('url');
const md5 = require('yoho-md5');
const moment = require('moment');
const querystring = require('querystring');
const thirdAccount = require('../data/third-account.json');
class Auth {
... ... @@ -73,6 +78,54 @@ class Auth {
return api.get('', param);
}
static thirdSign(params, clientSecret) {
let secretParams = {},
secretStr = '';
for (const k of Object.keys(params).sort()) {
if (k === 'yh_sign') {
continue;
}
secretParams[k] = params[k];
}
secretStr = _.join(_.map(secretParams, (v, k) => {
return `${k}=${v}`;
}), '&');
return md5(secretStr + clientSecret);
}
static thirdLogin(req, res, uid) {
if (req.cookies.third_type && req.cookies.third_backurl && req.cookies.third_refer) {
let backurl = url.parse(req.cookies.third_backurl),
account = thirdAccount[req.cookies.third_type];
let params = Object.assign({
yh_uid: uid,
yh_type: req.cookies.third_type,
yh_time: moment().format('YYYY-MM-DD HH:mm:ss')
}, querystring.parse(backurl.query));
let signStr = this.thirdSign(params, account.clientSecret);
params.yh_sign = signStr;
let queryStr = _.join(_.map(params, (v, k) => {
return `${k}=${encodeURIComponent(v)}`;
}), '&');
return {
refer: `${backurl.protocol}//${backurl.host}${backurl.pathname}?${queryStr}`
};
}
res.clearCookie('third_type', {
domain: 'yohobuy.com'
});
res.clearCookie('third_backurl', {
domain: 'yohobuy.com'
});
res.clearCookie('third_refer', {
domain: 'yohobuy.com'
});
}
static syncUserSession(uid, req, res, sessionKey) {
let userId = {
toString: () => {
... ... @@ -132,6 +185,9 @@ class Auth {
domain: 'yohobuy.com',
expires: new Date(Date.now() + 2592000000) // 有效期一年
});
// 第三方登录逻辑
return this.thirdLogin(req, res, uid);
});
}
}
... ...
... ... @@ -203,6 +203,7 @@ router.get('/signin.html',
validateCode.load,
login.common.beforeLogin,
login.common.clearCookie,
login.common.thirdLogin,
smsNew.smsLoginPage); // 短信验证码登录
router.get('/reg.html',
validateCode.load,
... ...
... ... @@ -79,6 +79,7 @@ module.exports = () => {
}
}
res.locals.isLogin = Boolean(req.user.uid); // 用户是否登录
next();
};
};
... ...
... ... @@ -66,22 +66,26 @@
var s = document.getElementsByTagName("script")[0];
s.parentNode.insertBefore(hm, s);
})();
(function() {
{{!-- (function() {
var hm = document.createElement("script");
hm.src = "https://hm.baidu.com/hm.js?e5b83a487a4458aa5abca43f5779b764";
var s = document.getElementsByTagName("script")[0];
s.parentNode.insertBefore(hm, s);
})();
})(); --}}
{{#if @root.isLogin}}
{{#if @root.isApp}}
_hmt.push(['_setCustomVar', 1, 'login', 'APP', 2]);
{{^}}
_hmt.push(['_setCustomVar', 1, 'login', 'H5', 2]);
{{/if}}
{{/if}}
}, 1000);
}());
{{!--/* tar add 170426 品众代码去除 */--}}
{{!--/* tar add 170601 品众代码恢复 */--}}
window._fxcmd = window._fxcmd || [];
_fxcmd.sid = 'bb3b16fa1106a6ab8619da0095755f32';
_fxcmd.trackAll = false;
// 参数配置(可选)...
// 追踪配置(可选)...
setTimeout(function() {
var _pzfx = document['createElement']('script');
... ...
This diff could not be displayed because it is too large.
{
"name": "m-yohobuy-node",
"version": "6.0.13",
"version": "6.0.14",
"private": true,
"description": "A New Yohobuy Project With Express",
"repository": {
... ...
... ... @@ -425,3 +425,23 @@
}
}
}
.is-mars-app {
.chose-panel {
.block {
&.chosed {
background-color: #89b374;
color: #fff;
border-color: #89b374;
}
}
.btn-wrap {
.btn-sure,
.btn-sure-addtocart {
background-color: #89b374 !important;
color: #fff;
}
}
}
}
... ...