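'use strict';

const _ = require('lodash');
const aes = require('./aes-pwd');
const authcode = require('../../../utils/authcode');
const logger = global.yoho.logger;
const sign = global.yoho.sign;
const api = global.yoho.API;
const uuid = require('uuid');
const url = require('url');
const md5 = require('yoho-md5');
const moment = require('moment');
const querystring = require('querystring');
const thirdAccount = require('../data/third-account.json');

// Lifetime used for the login cookies and the encoded session key.
// 2592000000 ms is 30 days (the earlier inline comments said "one year").
const LOGIN_COOKIE_TTL = 2592000000;

/**
 * Passport helpers: sign-in calls against the backend API, the signature used
 * for third-party login hand-off, and session/cookie setup after a login.
 */
class Auth {
    /**
     * Sign in with the `app.passport.signin` API method.
     *
     * @param {string} area - area value sent as `area`
     * @param {string} profile - account identifier sent as `profile`
     * @param {string} password - sent as given (no transformation in this method)
     * @param {string} [shoppingKey] - added as `shopping_key` when truthy
     * @returns {*} whatever `api.post` returns
     */
    static signin(area, profile, password, shoppingKey) {
        const param = {
            method: 'app.passport.signin',
            area: area,
            profile: profile,
            password: password
        };

        if (shoppingKey) {
            param.shopping_key = shoppingKey;
        }

        return api.post('', param);
    }

    /**
     * Sign in with the `sesame.flowering.higher` API method. The password is
     * passed through `aes.aesPwd` before it is sent, and the caller's IP is
     * forwarded in the `X-YOHO-IP` and `X-Forwarded-For` headers.
     *
     * @param {string} area - area value sent as `area`
     * @param {string} profile - account identifier sent as `profile`
     * @param {string} password - transformed with `aes.aesPwd` before sending
     * @param {string} [shoppingKey] - added as `shopping_key` when truthy
     * @param {string} ip - client IP, logged and forwarded to the API
     * @param {string} [isSkip] - sent as `isSkip`; defaults to 'N' when falsy
     * @returns {*} whatever `api.post` returns
     */
    static signinAes(area, profile, password, shoppingKey, ip, isSkip) {
        const param = {
            method: 'sesame.flowering.higher',
            area: area,
            profile: profile,
            password: aes.aesPwd(password),
            isSkip: isSkip || 'N'
        };

        if (shoppingKey) {
            param.shopping_key = shoppingKey;
        }

        // NOTE(review): `profile` is caller-supplied and written to the log
        // verbatim together with the IP; confirm the log pipeline neutralises
        // control characters and that logging the identifier is intended.
        logger.info(`${profile}, login from ${ip}`);

        return api.post('', param, {
            headers: {
                'user-agent': 'yoho/nodejs',
                'X-YOHO-IP': ip,
                'X-Forwarded-For': ip
            }
        });
    }

    /**
     * Sign in with a third-party open id via `app.passport.signinByOpenID`.
     * The shopping key is always sent as `shoppingKey` and, when truthy, also
     * as `shopping_key`.
     *
     * @param {string} nickname - sent as `nickname`
     * @param {string} openId - sent as `openId`
     * @param {string} sourceType - sent as `source_type`
     * @param {string} [shoppingKey] - shopping key
     * @returns {*} whatever `api.get` returns
     */
    static signinByOpenID(nickname, openId, sourceType, shoppingKey) {
        const param = {
            nickname: nickname,
            openId: openId,
            source_type: sourceType, // eslint-disable-line
            method: 'app.passport.signinByOpenID',
            shoppingKey: shoppingKey
        };

        if (shoppingKey) {
            param.shopping_key = shoppingKey;
        }

        return api.get('', param);
    }

    /**
     * Fetch a user profile with `app.passport.profile`.
     *
     * @param {*} uid - sent as `uid`
     * @returns {*} whatever `api.get` returns (used as a thenable in this file)
     */
    static profile(uid) {
        const param = {
            uid: uid,
            method: 'app.passport.profile'
        };

        return api.get('', param);
    }

    /**
     * Compute the signature attached to a third-party login hand-off.
     *
     * Keys are sorted, `yh_sign` is skipped, the remaining pairs are joined as
     * `k=v` with `&`, the client secret is appended and the result is MD5-hashed.
     *
     * NOTE(review): this is MD5 over "data + secret" with unescaped values, not
     * an HMAC. Replacing it needs coordination with whoever verifies the
     * signature, so the construction is left as it is.
     *
     * @param {Object} params - parameters to sign
     * @param {string} clientSecret - shared secret of the third-party account
     * @returns {string} result of `md5` over the joined string plus secret
     */
    static thirdSign(params, clientSecret) {
        const secretParams = {};

        for (const k of Object.keys(params).sort()) {
            if (k === 'yh_sign') {
                continue;
            }

            secretParams[k] = params[k];
        }

        // Iteration is kept on the intermediate object so the signed string
        // stays identical to what verifiers already expect.
        const secretStr = _.join(_.map(secretParams, (v, k) => {
            return `${k}=${v}`;
        }), '&');

        return md5(secretStr + clientSecret);
    }

    /**
     * Build the signed redirect for a third-party login, driven by the
     * `third_type`, `third_backurl` and `third_refer` cookies.
     *
     * When the cookies are incomplete, or `third_type` does not name a
     * configured account with a client secret, the three cookies are cleared
     * and nothing is returned.
     *
     * NOTE(review): protocol, host and path of the redirect come entirely from
     * the `third_backurl` cookie; nothing visible here ties them to the account
     * selected by `third_type`. Confirm the back URL is validated where the
     * cookie is set.
     *
     * @param {Object} req - request; reads `req.cookies`
     * @param {Object} res - response; used to clear the third-login cookies
     * @param {*} uid - user id asserted to the third party as `yh_uid`
     * @returns {{refer: string}|undefined} redirect target, if one was built
     */
    static thirdLogin(req, res, uid) {
        const thirdType = req.cookies.third_type;

        // Own-property lookup: a cookie value must not resolve to something
        // inherited from Object.prototype, and an unknown type must not throw.
        const account = thirdType && Object.prototype.hasOwnProperty.call(thirdAccount, thirdType) ?
            thirdAccount[thirdType] : null;

        if (account && account.clientSecret && req.cookies.third_backurl && req.cookies.third_refer) {
            const backurl = url.parse(req.cookies.third_backurl);
            const asserted = {
                yh_uid: uid,
                yh_type: thirdType,
                yh_time: moment().format('YYYY-MM-DD HH:mm:ss')
            };

            // Server-asserted fields are applied last so that query parameters
            // carried in the cookie-supplied back URL cannot replace them
            // before signing. Listing them first as well keeps the key order
            // of the resulting query string unchanged.
            const params = Object.assign({}, asserted, querystring.parse(backurl.query), asserted);

            params.yh_sign = this.thirdSign(params, account.clientSecret);

            const queryStr = _.join(_.map(params, (v, k) => {
                return `${k}=${encodeURIComponent(v)}`;
            }), '&');

            return {
                refer: `${backurl.protocol}//${backurl.host}${backurl.pathname}?${queryStr}`
            };
        }

        res.clearCookie('third_type', {
            domain: 'yohobuy.com'
        });
        res.clearCookie('third_backurl', {
            domain: 'yohobuy.com'
        });
        res.clearCookie('third_refer', {
            domain: 'yohobuy.com'
        });
    }

    /**
     * Populate the session and login cookies for `uid`, then run the
     * third-party login step.
     *
     * Sets `_SESSION_KEY` (when a session key is given), `_LOGIN_IS_REPORT`,
     * `_UID` (when profile data is returned) and `_TOKEN`, and stores the
     * matching values on `req.session`.
     *
     * @param {*} uid - logged-in user id
     * @param {Object} req - request; `req.session` is written
     * @param {Object} res - response; cookies are written
     * @param {string} [sessionKey] - backend session key, if any
     * @returns {Promise<{refer: string}|undefined>} result of `thirdLogin`
     */
    static syncUserSession(uid, req, res, sessionKey) {
        // Passed to `profile` in place of a plain uid: stringifies to the uid
        // and can carry the session key as an extra property.
        const userId = {
            toString: () => {
                return uid;
            }
        };

        if (sessionKey) {
            // The former cache write (`java_session_key:<uid>`) was marked
            // deprecated; the key now lives in the session and cookie only.
            req.session.SESSION_KEY = sessionKey;

            // NOTE(review): no httpOnly/secure flag on this cookie; confirm
            // whether client-side script or plain-HTTP access is required.
            res.cookie('_SESSION_KEY', authcode(sessionKey, '_SESSION_KEY', LOGIN_COOKIE_TTL, 'encode'), {
                domain: 'yohobuy.com',
                expires: new Date(Date.now() + LOGIN_COOKIE_TTL) // 30 days
            });

            userId.sessionKey = sessionKey;
        }

        res.cookie('_LOGIN_IS_REPORT', false, {
            domain: 'm.yohobuy.com',
            path: '/'
        });

        return Auth.profile(userId).then((userInfo) => {
            // Token = makeToken(uid + salt) followed by the salt itself, where
            // the salt is the first 8 characters of a v4 UUID.
            const salt = uuid.v4().slice(0, 8);
            const saltedToken = sign.makeToken(uid + salt);
            const publicToken = saltedToken + salt;
            const data = userInfo.data;
            const encryptionUid = aes.encryptionUid(uid);

            if (data) {
                // '::' is the field separator of the _UID cookie, so it is
                // stripped from the display name.
                data.profile_name = (data.profile_name || '').replace(/::/g, '');

                const uidCookie = `${data.profile_name}::${encryptionUid}::${data.vip_info && data.vip_info.title}::${saltedToken}`;

                // NOTE(review): _UID carries the salted token and is set
                // without httpOnly/secure; confirm that is intended.
                res.cookie('_UID', uidCookie, {
                    domain: 'yohobuy.com',
                    expires: new Date(Date.now() + LOGIN_COOKIE_TTL) // 30 days
                });

                req.session.AVATAR = data.head_ico;
                _.set(req.session, 'USER.AVATAR', data.head_ico);
                _.set(req.session, 'USER.NAME', data.profile_name);
            }

            req.session.TOKEN = publicToken;
            req.session.LOGIN_UID = uid;
            _.set(req.session, 'USER.ENCRYPTION_UID', encryptionUid);

            res.cookie('_TOKEN', publicToken, {
                httpOnly: true,
                domain: 'yohobuy.com',
                expires: new Date(Date.now() + LOGIN_COOKIE_TTL) // 30 days
            });

            // Third-party login hand-off.
            return this.thirdLogin(req, res, uid);
        });
    }
}

module.exports = Auth;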