login_controller.js 23 KB

  1. /**
  2. * 登录相关控制器
  3. *
  4. * @author CaiAoLin
  5. * @date 2017/6/8
  6. * @version
  7. */
  8. const UserModel = require("../models/user_model");
  9. const SettingModel = require("../models/setting_model");
  10. const CompilationModel = require("../models/compilation_model");
  11. const LogModel = require("../models/log_model");
  12. const LogType = require("../../common/const/log_type_const");
  13. const SMS = require('../models/sms');
  14. const moment = require('moment');
  15. // 验证码
  16. const Captcha = require("../models/captcha");
  17. let mongoose = require("mongoose");
  18. let systemSettingModel = mongoose.model("system_setting");
  19. const uuidV1 = require('uuid/v1');
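/**
 * Controller for the login, SMS login, registration and account-check routes.
 *
 * No method uses `this`; the shared helper is referenced as
 * `LoginController.verifySmsCode` so handlers behave the same whether or not
 * they are invoked with a bound receiver.
 *
 * User-facing failures are thrown as plain strings on purpose: the catch
 * blocks forward the thrown value to the client as `msg` (or store it in the
 * session), and an Error object would serialize to `{}`.
 */
class LoginController {

    /**
     * Validate a submitted SMS code against the one stored in the session.
     *
     * `session.code` is read as `<mobile>_<code>_<timestamp>` (that is how the
     * callers split it). The timestamp is compared against the current time in
     * seconds — presumably it is stored in seconds; confirm against the code
     * that issues it. On success the stored code is removed so it cannot be
     * used twice.
     *
     * The timestamp is converted with Number() before adding the five-minute
     * window: it comes out of `split()` as a string, and `time + 60*5` would
     * concatenate instead of add, so the code would effectively never expire.
     * An unparsable timestamp is treated as expired.
     *
     * NOTE(review): a wrong guess leaves `session.code` in place and nothing
     * here counts attempts, so guessing is limited only by whatever rate
     * limiting exists upstream. Consider invalidating the code after a few
     * failures.
     *
     * @param {object} session - request session holding `code`
     * @param {*} mobile - mobile number submitted by the client
     * @param {*} submittedCode - SMS code submitted by the client
     * @return {void}
     * @throws {string} user-facing message when the code is missing, wrong or expired
     */
    static verifySmsCode(session, mobile, submittedCode) {
        const codeMsg = session.code;
        if (codeMsg === undefined || submittedCode === '') {
            throw '短信验证码错误或已过期。';
        }
        // The stored value is deliberately not logged: it contains the live code.
        const [validMobile, code, time] = codeMsg.split('_');
        if (validMobile !== mobile) {
            throw '短信验证码错误';
        }
        const nowSeconds = Date.parse(new Date()) / 1000;
        const expiresAt = Number(time) + 60 * 5;
        // `!(now <= expiresAt)` also rejects a NaN deadline (fail closed).
        if (!(nowSeconds <= expiresAt) || submittedCode !== code) {
            throw '短信验证码错误或已过期';
        }
        delete session.code;
    }

    /**
     * Render the landing page.
     *
     * @param {object} request
     * @param {object} response
     * @return {void}
     */
    async firstPage(request, response) {
        response.render('users/html/index', {});
    }

    /**
     * Login page. When `ssoID` and `token` query parameters are both present,
     * the pair is validated through the SSO interface and, on success, the
     * session is populated; otherwise the login form is shown (or an already
     * logged-in user is redirected to /pm).
     *
     * @param {object} request
     * @param {object} response
     * @return {void}
     */
    async index(request, response) {
        const ssoID = request.query.ssoID;
        const token = request.query.token;

        if (ssoID === undefined || token === undefined) {
            const existingUser = request.session.sessionUser;
            if (existingUser !== undefined && existingUser.ssoId >= 0) {
                return response.redirect("/pm");
            }
            response.render('users/html/login', {});
            return;
        }

        try {
            const userModel = new UserModel();
            // Validate the ssoID/token pair through the SSO interface.
            let responseData = await userModel.getInfoFromSSO2(ssoID, token);
            // '-3' means the account has not been activated yet.
            if (responseData === '-3') {
                throw '因邮箱未完成认证,账号未激活;去<a href="https://sso.smartcost.com.cn" target="_blank">激活</a>。';
            }
            if (responseData === '-2') {
                throw 'token已过期,请重新登录Z+获取';
            }
            responseData = JSON.parse(responseData);
            if (typeof responseData !== 'object') {
                throw 'ssoId错误或token过期';
            }
            if (responseData.length <= 0) {
                throw '接口返回数据错误';
            }
            const userData = responseData[0];

            // Accounts restricted to SMS login are sent to the SMS form instead.
            const userInfo = await userModel.findDataByAccount(userData.mobile);
            if (userInfo !== undefined && userInfo !== null && userInfo.isSmsLogin === 1) {
                response.render('users/html/login-sms', { mobile: userData.mobile });
                return;
            }

            const sessionUser = {
                ssoId: userData.id,
                username: userData.username,
                email: userData.useremail,
                mobile: userData.mobile,
                qq: userData.qq,
                isUserActive: userData.isUserActive,
                token: uuidV1(),
            };
            // NOTE(review): the session id is not rotated when the user is
            // stored; if the session middleware offers regeneration, doing it
            // here would guard against session fixation.
            request.session.sessionUser = sessionUser;
            // Record the user in the database.
            const result = await userModel.markUser(sessionUser, request);
            // Load the user's preference settings.
            const settingModel = new SettingModel();
            const preferenceSetting = await settingModel.getPreferenceSetting(request.session.sessionUser.id);
            if (!result) {
                throw '标记用户信息失败!';
            }

            const compilationModel = new CompilationModel();
            const mustChooseVersion = preferenceSetting.login_ask === 1 || preferenceSetting.select_version === '';
            let compilationList = [];
            if (mustChooseVersion) {
                preferenceSetting.login_ask = 1;
                compilationList = await compilationModel.getList();
            }

            // Restore the previously selected compilation when none is in the session.
            const sessionCompilation = request.session.sessionCompilation;
            if (preferenceSetting.login_ask === 0 && !sessionCompilation &&
                preferenceSetting.select_version !== '') {
                const compilationData = await compilationModel.getCompilationById(preferenceSetting.select_version);
                // Free or professional edition for this user/compilation.
                const compilationVersion = await userModel.getVersionFromUpgrade(sessionUser.ssoId, preferenceSetting.select_version);
                request.session.compilationVersion = compilationVersion.version;
                request.session.sessionUser.compilationLock = compilationVersion.lock;
                request.session.sessionCompilation = compilationData;
                if (request.session.sessionUser.latest_used !== preferenceSetting.select_version) {
                    await userModel.updateLatestUsed(request.session.sessionUser.id, preferenceSetting.select_version);
                }
            }

            const systemSetting = await systemSettingModel.findOne({}).lean();
            request.session.systemSetting = systemSetting;
            request.session.online_start_time = +new Date();
            console.log(`${request.session.sessionUser.real_name}--id:${request.session.sessionUser.id}--登录了系统`);

            if (mustChooseVersion) {
                response.render('users/html/login-ver', { versionData: compilationList });
            } else {
                return response.redirect("/pm");
            }
        } catch (error) {
            console.log(error)
            return response.redirect("/login");
        }
    }

    /**
     * Login action. Without `account` in the body the request is an SMS login
     * (`mobile` + `code`); otherwise it is an account/password login checked
     * through the SSO interface.
     *
     * Responds with JSON: error 0 on success, 1 with a message on failure,
     * 2 when the SSO account has no mobile number, 3 when the account only
     * allows SMS login.
     *
     * @param {object} request
     * @param {object} response
     * @return {string}
     */
    async login(request, response) {
        console.log("开始登录操作------------------");
        let preferenceSetting = {};
        let compilationList = [];
        try {
            const isSmsLogin = request.body.account === undefined;
            if (isSmsLogin) {
                LoginController.verifySmsCode(request.session, request.body.mobile, request.body.code);
            }

            const userModel = new UserModel();
            let responseData = '';
            if (isSmsLogin) {
                responseData = await userModel.getInfoFromSSOMobile(request.body.mobile);
                console.log("getInfoFromSSOMobile complete------------------");
            } else {
                // Validate account/password through the SSO interface.
                responseData = await userModel.getInfoFromSSO(request.body.account, request.body.pw);
                console.log("getInfoFromSSO complete------------------");
            }
            // '-3' means the account has not been activated yet.
            if (responseData === '-3') {
                throw '因邮箱未完成认证,账号未激活;去<a href="https://sso.smartcost.com.cn" target="_blank">激活</a>。';
            }
            responseData = JSON.parse(responseData);
            if (typeof responseData !== 'object') {
                throw '邮箱/手机 或 密码错误';
            }
            if (responseData.length <= 0) {
                throw '接口返回数据错误';
            }
            const userData = responseData[0];
            if (userData.mobile === '') {
                return response.json({error: 2,ssoId: userData.id});
            }

            // Accounts restricted to SMS login must not get in on a password alone.
            const userInfo = await userModel.findDataByAccount(userData.mobile);
            console.log("判断用户是否开启了只使用短信登录 完成------------------");
            if (!isSmsLogin && userInfo !== undefined && userInfo !== null && userInfo.isSmsLogin === 1) {
                if (request.body.mobile === undefined && request.body.code === undefined) {
                    return response.json({error: 3, msg: '只能手机短信登录。', data: userData.mobile});
                }
                // The restriction used to be skipped whenever the body merely
                // contained a `mobile` or `code` field, without that code ever
                // being checked on the password path. If the client sends SMS
                // fields together with the password, they have to verify for
                // this account's own number.
                if (request.body.mobile !== userData.mobile) {
                    throw '短信验证码错误';
                }
                LoginController.verifySmsCode(request.session, request.body.mobile, request.body.code);
            }

            // NOTE(review): userInfo is null-checked above but dereferenced
            // here; a user with no local record makes this throw and the login
            // fail with error 1. Confirm whether that is intended.
            const sessionUser = {
                ssoId: userData.id,
                company: userInfo.company,
                username: userData.username,
                email: userData.useremail,
                mobile: userData.mobile,
                qq: userData.qq,
                isUserActive: userData.isUserActive,
                newLogin:true,
                token: uuidV1(),
            };
            // NOTE(review): the session id is not rotated when the user is
            // stored; if the session middleware offers regeneration, doing it
            // here would guard against session fixation. The session also stays
            // populated if a later step in this try block throws.
            request.session.sessionUser = sessionUser;
            // Record the user in the database.
            const result = await userModel.markUser(sessionUser, request);
            console.log("markUser 完成------------------");
            // Load the user's preference settings.
            const settingModel = new SettingModel();
            preferenceSetting = await settingModel.getPreferenceSetting(request.session.sessionUser.id);
            console.log("获取偏好设置 完成------------------");
            if (!result) {
                throw '标记用户信息失败!';
            }

            const compilationModel = new CompilationModel();
            if (preferenceSetting.login_ask === 1 || preferenceSetting.select_version === '') {
                preferenceSetting.login_ask = 1;
                compilationList = await compilationModel.getList();
                console.log("compilationList 完成------------------");
            } else {
                compilationList = [];
            }

            // Restore the previously selected compilation when none is in the session.
            const sessionCompilation = request.session.sessionCompilation;
            if (preferenceSetting.login_ask === 0 && !sessionCompilation &&
                preferenceSetting.select_version !== '') {
                const compilationData = await compilationModel.getCompilationById(preferenceSetting.select_version);
                // Free or professional edition for this user/compilation.
                const compilationVersion = await userModel.getVersionFromUpgrade(sessionUser.ssoId, preferenceSetting.select_version);
                console.log("当前用户的是使用免费版还是专业版 完成------------------");
                request.session.compilationVersion = compilationVersion.version;
                request.session.sessionUser.compilationLock = compilationVersion.lock;
                request.session.sessionCompilation = compilationData;
                if (request.session.sessionUser.latest_used !== preferenceSetting.select_version) {
                    await userModel.updateLatestUsed(request.session.sessionUser.id, preferenceSetting.select_version);
                }
            }

            // Login alert by SMS for users who enabled it.
            const userinfo2 = await userModel.findDataByAccount(userData.mobile);
            if (userinfo2.isLoginValid === 1) {
                // NOTE(review): x-real-ip is only trustworthy when a reverse
                // proxy in front of the app overwrites it; otherwise the client
                // controls this value.
                const ip = request.headers["x-real-ip"] ? request.headers["x-real-ip"] : "";
                const logModel = new LogModel();
                let logCount = await logModel.count();
                logCount = logCount > 30 ? 30 : logCount;
                const page = 1;
                const loginList = await logModel.getLog(request.session.sessionUser.id, LogType.LOGIN_LOG, page, logCount);
                // Skip the alert when an earlier entry (index 0 excluded) has the same IP.
                let messageFlag = !loginList.some((log, index) => log.message.ip === ip && index !== 0);
                // NOTE(review): the flag is reset unconditionally, so the alert
                // goes out on every login and the IP comparison has no effect.
                // Kept as found; confirm whether this is a debugging leftover.
                messageFlag = true;
                if (messageFlag) {
                    const Sms = new SMS();
                    const logInfo = loginList[0];
                    await Sms.sendLoginMsg(userData.mobile, request.session.sessionUser.real_name, moment(logInfo.create_time).format('YYYY-MM-DD'), moment(logInfo.create_time).format('HH:mm:ss'), logInfo.message.ip_info, logInfo.message.ip);
                    console.log("sendLoginMsg 完成------------------");
                }
            }
        } catch (error) {
            console.log(error);
            return response.json({error: 1, msg: error});
        }

        const systemSetting = await systemSettingModel.findOne({}).lean();
        request.session.systemSetting = systemSetting;
        request.session.online_start_time = +new Date();
        console.log(`${request.session.sessionUser.real_name}--id:${request.session.sessionUser.id}--登录了系统`);
        response.json({
            error: 0,
            msg: '',
            login_ask: preferenceSetting.login_ask,
            compilation_list: JSON.stringify(compilationList),
            last_page: request.session.lastPage
        });
    }

    /**
     * Captcha registration: returns whatever the Captcha model's register()
     * produces for this request.
     *
     * @param {object} request
     * @param {object} response
     * @return {string}
     */
    async captcha(request, response) {
        const captcha = new Captcha();
        const res = await captcha.register(request);
        response.json(res);
    }

    // The former accountIsPro endpoint (password check followed by an
    // upgrade_list lookup) is disabled and has no live code.

    /**
     * Registration page. Shows, once, the error left in the session by a
     * failed reg() call.
     *
     * @param {object} request
     * @param {object} response
     * @return {void}
     */
    async regPage(request, response) {
        const userModel = new UserModel();
        const err = request.session.regError;
        request.session.regError = undefined;
        response.render('users/html/user-reg', {
            err: err ? err : '',
            provinceList: userModel.province,
        });
    }

    /**
     * Registration action. `type` 2 registers a user who already has an SSO
     * account; `type` 1 (with `password`) creates the SSO account as well.
     * On failure the error is stored in the session and the user is sent back
     * to the registration page.
     *
     * NOTE(review): nothing in this handler proves that the caller owns the
     * submitted mobile number (no SMS code is checked here) — confirm that the
     * SSO side or an earlier step enforces it.
     *
     * @param {object} request
     * @param {object} response
     * @return {void}
     */
    async reg(request, response) {
        try {
            const body = request.body;
            if (body.type === undefined || body.mobile === undefined || body.company === undefined || body.real_name === undefined || body.qq === undefined || body.province === undefined) {
                throw '参数有误';
            }
            const userModel = new UserModel();
            const type = parseInt(body.type, 10);
            let responseData = '';
            if (type === 2) {
                // Already registered with SSO, not yet with this application.
                responseData = await userModel.regForSSO(body.mobile, body.qq);
            } else if (type === 1 && body.password !== undefined) {
                // Registered with neither.
                const name = `${body.real_name}_${body.mobile}`;
                responseData = await userModel.regForSSO(body.mobile, body.qq, body.password, name);
            } else {
                throw '参数有误';
            }
            responseData = JSON.parse(responseData);
            if (typeof responseData !== 'object') {
                throw 'SSO报错';
            }
            if (responseData.length <= 0) {
                throw '接口返回数据错误';
            }
            const userData = responseData[0];
            const addUserData = {
                ssoId: userData.id,
                company: body.company,
                username: userData.username,
                email: userData.useremail,
                mobile: userData.mobile,
                qq: userData.qq,
                isUserActive: userData.isUserActive,
                token: uuidV1(),
                real_name: body.real_name,
                province: body.province,
            };
            await userModel.addUser(addUserData);
            // Encode the client-supplied value so it cannot add or alter
            // query parameters in the redirect target.
            return response.redirect("/wap/checkuser?mobile=" + encodeURIComponent(body.mobile));
        } catch (err) {
            console.log(err);
            request.session.regError = err;
            return response.redirect("/wap/reg");
        }
    }

    /**
     * Account-check page. With a `mobile` query parameter the matching user
     * record is looked up and passed to the template.
     *
     * Only a plain string is accepted: query parsers can turn repeated or
     * bracketed parameters into arrays/objects, and such a value should not
     * reach the account lookup. Anything else is treated as "no mobile given".
     *
     * NOTE(review): the lookup runs for any caller-supplied number and the
     * whole record is handed to the template; what the template shows is not
     * visible here — check that it does not expose account details.
     *
     * @param {object} request
     * @param {object} response
     * @return {void}
     */
    async checkUser(request, response) {
        const renderData = {
            check: false,
        };
        const mobile = request.query.mobile;
        if (typeof mobile === 'string') {
            const userModel = new UserModel();
            const userInfo = await userModel.findDataByAccount(mobile);
            renderData.check = true;
            renderData.mobile = mobile;
            renderData.userinfo = userInfo;
        }
        response.render('users/html/user-check', renderData);
    }

    /**
     * Account check (AJAX). After the SMS code for `mobile` verifies, reports
     * `existUser`: 1 when a local record exists, 2 when only the SSO lookup
     * returns an object, 0 otherwise.
     *
     * @param {object} request
     * @param {object} response
     * @return {void}
     */
    async checkUserAjax(request, response) {
        let existUser = 0;
        try {
            if (request.body.mobile === undefined || request.body.code === undefined) {
                throw '参数有误';
            }
            const mobile = request.body.mobile;
            LoginController.verifySmsCode(request.session, mobile, request.body.code);

            const userModel = new UserModel();
            const userInfo = await userModel.findDataByAccount(mobile);
            existUser = userInfo ? 1 : 0;
            // No local record: check whether an SSO account exists.
            if (existUser === 0) {
                let responseData = await userModel.getInfoFromSSOAccount(mobile);
                if (responseData === '-2') {
                    throw '参数有误';
                }
                if (responseData === '-22') {
                    existUser = 0;
                }
                responseData = JSON.parse(responseData);
                if (typeof responseData === 'object') {
                    existUser = 2;
                }
            }
        } catch (error) {
            console.log(error);
            return response.json({error: 1, msg: error});
        }
        response.json({
            error: 0,
            existUser,
        });
    }
}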
// Expose the controller class as this module's export.
module.exports = LoginController;