Home Explore Help
Sign In
SmartCost
/
YangHuCost
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: cd5ff6f912
Branches Tags
YangHuCost
/
modules
/
users
/
controllers
/
login_controller.js

login_controller.js 16 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395 
  1. /**
    2. 

  2.  * 登录相关控制器
    3. 

  3.  *
    4. 

  4.  * @author CaiAoLin
    5. 

  5.  * @date 2017/6/8
    6. 

  6.  * @version
    7. 

  7.  */
    8. 

  8. import UserModel from "../models/user_model";
    9. 

  9. import SettingModel from "../models/setting_model";
    10. 

  10. import CompilationModel from "../models/compilation_model";
    11. 

  11. import LogModel from "../models/log_model";
    12. 

  12. import LogType from "../../common/const/log_type_const";
    13. 

  13. const SMS = require('../models/sms');
    14. 

  14. const moment = require('moment');
    15. 

  15. // 验证码
    16. 

  16. const Captcha = require("../models/captcha");
    17. 

  17. 

  18. class LoginController {
    19. 

  19. 

  20.     /**
    21. 

  21.      * 登录页面
    22. 

  22.      *
    23. 

  23.      * @param {object} request
    24. 

  24.      * @param {object} response
    25. 

  25.      * @return {void}
    26. 

  26.      */
    27. 

  27.     async index(request, response) {
    28. 

  28.         // 判断是否有带token和ssoID参数
    29. 

  29.         if (request.query.ssoID !== undefined && request.query.token !== undefined) {
    30. 

  30.             let ssoID = request.query.ssoID;
    31. 

  31.             let token = request.query.token;
    32. 

  32.             let preferenceSetting = {};
    33. 

  33.             let compilationList = [];
    34. 

  34.             try {
    35. 

  35.                 let userModel = new UserModel();
    36. 

  36.                 // 调用接口验证登录信息
    37. 

  37.                 let responseData = await userModel.getInfoFromSSO2(ssoID, token);
    38. 

  38.                 // 先判断返回值是否为未激活状态
    39. 

  39.                 if ( responseData === '-3') {
    40. 

  40.                     throw '因邮箱未完成认证,账号未激活;去<a href="https://sso.smartcost.com.cn" target="_blank">激活</a>。';
    41. 

  41.                 }
    42. 

  42.                 if ( responseData === '-2') {
    43. 

  43.                     throw 'token已过期,请重新登录Z+获取';
    44. 

  44.                 }
    45. 

  45.                 responseData = JSON.parse(responseData);
    46. 

  46.                 if (typeof responseData !== 'object') {
    47. 

  47.                     throw 'ssoId错误或token过期';
    48. 

  48.                 }
    49. 

  49. 

  50.                 if (responseData.length <= 0) {
    51. 

  51.                     throw '接口返回数据错误';
    52. 

  52.                 }
    53. 

  53.                 let userData = responseData[0];
    54. 

  54. 

  55.                 // 判断用户是否开启了只使用短信登录
    56. 

  56.                 const userInfo = await userModel.findDataByAccount(userData.mobile);
    57. 

  57.                 if (userInfo !== undefined && userInfo !== null && userInfo.isSmsLogin === 1) {
    58. 

  58.                     let renderData = {
    59. 

  59.                         mobile: userData.mobile,
    60. 

  60.                     };
    61. 

  61.                     response.render('users/html/login-sms', renderData);
    62. 

  62.                     return;
    63. 

  63.                 }
    64. 

  64. 

  65.                 let sessionUser = {
    66. 

  66.                     ssoId: userData.id,
    67. 

  67.                     username: userData.username,
    68. 

  68.                     email: userData.useremail,
    69. 

  69.                     mobile: userData.mobile,
    70. 

  70.                     isUserActive: userData.isUserActive,
    71. 

  71.                 };
    72. 

  72. 

  73.                 request.session.sessionUser = sessionUser;
    74. 

  74.                 // 记录用户数据到数据库
    75. 

  75.                 let result = await userModel.markUser(sessionUser, request);
    76. 

  76. 

  77.                 // 获取偏好设置
    78. 

  78.                 let settingModel = new SettingModel();
    79. 

  79.                 preferenceSetting = await settingModel.getPreferenceSetting(request.session.sessionUser.id);
    80. 

  80.                 if (!result) {
    81. 

  81.                     throw '标记用户信息失败!';
    82. 

  82.                 }
    83. 

  83.                 let compilationModel = new CompilationModel();
    84. 

  84.                 if (preferenceSetting.login_ask === 1 || preferenceSetting.select_version === ''){
    85. 

  85.                     preferenceSetting.login_ask = 1;
    86. 

  86.                     compilationList = await  compilationModel.getList();
    87. 

  87.                 } else {
    88. 

  88.                     compilationList = [];
    89. 

  89.                 }
    90. 

  90.                 // 获取编办信息
    91. 

  91.                 let sessionCompilation = request.session.sessionCompilation;
    92. 

  92. 

  93.                 if (preferenceSetting.login_ask === 0 && !sessionCompilation &&
    94. 

  94.                     preferenceSetting.select_version !== '') {
    95. 

  95.                     let compilationData = await compilationModel.getCompilationById(preferenceSetting.select_version);
    96. 

  96.                     // 判断当前用户的是使用免费版还是专业版
    97. 

  97.                     let compilationVersion = await userModel.getVersionFromUpgrade(sessionUser.ssoId, preferenceSetting.select_version);
    98. 

  98.                     request.session.compilationVersion = compilationVersion;
    99. 

  99.                     request.session.sessionCompilation = compilationData;
    100. 

  100.                     if(request.session.sessionUser.latest_used !== preferenceSetting.select_version) await userModel.updateLatestUsed(request.session.sessionUser.id,preferenceSetting.select_version);
    101. 

  101.                 }
    102. 

  102.                 request.session.online_start_time = +new Date();
    103. 

  103.                 console.log(`${request.session.sessionUser.real_name}--id:${request.session.sessionUser.id}--登录了系统`);
    104. 

  104.                 if (preferenceSetting.login_ask === 1 || preferenceSetting.select_version === '') {
    105. 

  105.                     let renderData = {
    106. 

  106.                         versionData: compilationList,
    107. 

  107.                     };
    108. 

  108.                     response.render('users/html/login-ver', renderData);
    109. 

  109.                 } else {
    110. 

  110.                     return response.redirect("/pm");
    111. 

  111.                 }
    112. 

  112.             } catch (error) {
    113. 

  113.                 console.log(error)
    114. 

  114.                 return response.redirect("/login");
    115. 

  115.             }
    116. 

  116.         } else {
    117. 

  117.             let sessionUser = request.session.sessionUser;
    118. 

  118.             if (sessionUser !== undefined && sessionUser.ssoId >= 0) {
    119. 

  119.                 return response.redirect("/pm");
    120. 

  120.             } else {
    121. 

  121.                 response.render('users/html/login', {});
    122. 

  122.             }
    123. 

  123.         }
    124. 

  124.     }
    125. 

  125. 

  126.     /**
    127. 

  127.      * 登录操作
    128. 

  128.      *
    129. 

  129.      * @param {object} request
    130. 

  130.      * @param {object} response
    131. 

  131.      * @return {string}
    132. 

  132.      */
    133. 

  133.     async login(request, response) {
    134. 

  134.         let preferenceSetting = {};
    135. 

  135.         let compilationList = [];
    136. 

  136.         try {
    137. 

  137.             let userModel = new UserModel();
    138. 

  138.             let responseData = '';
    139. 

  139.             if (request.body.account === undefined) {
    140. 

  140.                 let mobile = request.body.mobile;
    141. 

  141.                 let codeMsg = request.session.code;
    142. 

  142.                 if (codeMsg !== undefined && request.body.code !== '') {
    143. 

  143.                     console.log(codeMsg);
    144. 

  144.                     const validMobile = codeMsg.split('_')[0];
    145. 

  145.                     const code = codeMsg.split('_')[1];
    146. 

  146.                     const time = codeMsg.split('_')[2];
    147. 

  147.                     if (validMobile !== mobile) {
    148. 

  148.                         throw '短信验证码错误';
    149. 

  149.                     }
    150. 

  150.                     if (Date.parse(new Date())/1000 > time+60*5 || request.body.code !== code) {
    151. 

  151.                         throw '短信验证码错误或已过期';
    152. 

  152.                     } else {
    153. 

  153.                         delete request.session.code;
    154. 

  154.                     }
    155. 

  155.                 } else {
    156. 

  156.                     throw '短信验证码错误或已过期。';
    157. 

  157.                 }
    158. 

  158.                 responseData = await userModel.getInfoFromSSOMobile(mobile);
    159. 

  159.             } else {
    160. 

  160.                 let account = request.body.account;
    161. 

  161.                 let password = request.body.pw;
    162. 

  162. 

  163.                 // 调用接口验证登录信息
    164. 

  164.                 responseData = await userModel.getInfoFromSSO(account, password);
    165. 

  165.             }
    166. 

  166. 

  167.             // 先判断返回值是否为未激活状态
    168. 

  168.             if ( responseData === '-3') {
    169. 

  169.                 throw '因邮箱未完成认证,账号未激活;去<a href="https://sso.smartcost.com.cn" target="_blank">激活</a>。';
    170. 

  170.             }
    171. 

  171.             responseData = JSON.parse(responseData);
    172. 

  172.             if (typeof responseData !== 'object') {
    173. 

  173.                 throw '邮箱/手机 或 密码错误';
    174. 

  174.             }
    175. 

  175. 

  176.             if (responseData.length <= 0) {
    177. 

  177.                 throw '接口返回数据错误';
    178. 

  178.             }
    179. 

  179. 

  180.             // 正确登录后 存入session
    181. 

  181.             let userData = responseData[0];
    182. 

  182. 

  183.             if (userData.mobile === '') {
    184. 

  184.                 return response.json({error: 2,ssoId: userData.id});
    185. 

  185.             }
    186. 

  186. 

  187.             //还要判断account是否是专业版用户
    188. 

  188.             // let isPro = true;
    189. 

  189.             // const userInfo = await userModel.findDataByAccount(account);
    190. 

  190.             //
    191. 

  191.             // if (userInfo && userInfo.upgrade_list !== undefined) {
    192. 

  192.             //     for (const ul of userInfo.upgrade_list) {
    193. 

  193.             //         if (ul.isUpgrade === true) {
    194. 

  194.             //             isPro = true;
    195. 

  195.             //             break;
    196. 

  196.             //         }
    197. 

  197.             //     }
    198. 

  198.             // }
    199. 

  199.             // 专业版短信验证码验证
    200. 

  200.             // if (isPro) {
    201. 

  201.             //     const codeMsg = request.session.code;
    202. 

  202.             //     if (codeMsg !== undefined && request.body.code !== '') {
    203. 

  203.             //         const code = codeMsg.split('_')[0];
    204. 

  204.             //         const time = codeMsg.split('_')[1];
    205. 

  205.             //         console.log(code);
    206. 

  206.             //         console.log(request.body.code);
    207. 

  207.             //         if (Date.parse(new Date())/1000 > time+60*5 || request.body.code !== code) {
    208. 

  208.             //             return response.json({error: 3, msg: '验证码错误。'});
    209. 

  209.             //         } else {
    210. 

  210.             //             delete request.session.code;
    211. 

  211.             //         }
    212. 

  212.             //     } else {
    213. 

  213.             //         return response.json({error: 3, msg: '验证码错误。'});
    214. 

  214.             //     }
    215. 

  215.             // }
    216. 

  216. 

  217.             // 判断极验验证码是否通过
    218. 

  218.             // 先不使用,出现验证慢的情况
    219. 

  219.             // const captcha = new Captcha();
    220. 

  220.             // const captchResult = await captcha.validate(request);
    221. 

  221.             // if (!captchResult) {
    222. 

  222.             //     throw '极验验证码错误';
    223. 

  223.             // }
    224. 

  224. 

  225.             // 判断用户是否开启了只使用短信登录
    226. 

  226.             const userInfo = await userModel.findDataByAccount(userData.mobile);
    227. 

  227.             if (request.body.mobile === undefined && request.body.code === undefined && userInfo !== undefined && userInfo !== null && userInfo.isSmsLogin === 1) {
    228. 

  228.                 return response.json({error: 3, msg: '只能手机短信登录。', data: userData.mobile});
    229. 

  229.             }
    230. 

  230. 

  231.             let sessionUser = {
    232. 

  232.                 ssoId: userData.id,
    233. 

  233.                 username: userData.username,
    234. 

  234.                 email: userData.useremail,
    235. 

  235.                 mobile: userData.mobile,
    236. 

  236.                 isUserActive: userData.isUserActive,
    237. 

  237.             };
    238. 

  238. 

  239.             request.session.sessionUser = sessionUser;
    240. 

  240.             // 记录用户数据到数据库
    241. 

  241.             let result = await userModel.markUser(sessionUser, request);
    242. 

  242. 

  243.             // 获取偏好设置
    244. 

  244.             let settingModel = new SettingModel();
    245. 

  245.             preferenceSetting = await settingModel.getPreferenceSetting(request.session.sessionUser.id);
    246. 

  246.             if (!result) {
    247. 

  247.                 throw '标记用户信息失败!';
    248. 

  248.             }
    249. 

  249.             let compilationModel = new CompilationModel();
    250. 

  250.             if(preferenceSetting.login_ask === 1 || preferenceSetting.select_version === ''){
    251. 

  251.                 preferenceSetting.login_ask = 1;
    252. 

  252.                 compilationList = await  compilationModel.getList();
    253. 

  253.             }
    254. 

  254.             else{
    255. 

  255.                 compilationList = [];
    256. 

  256.             }
    257. 

  257.             // 获取编办信息
    258. 

  258.             let sessionCompilation = request.session.sessionCompilation;
    259. 

  259. 

  260.             if (preferenceSetting.login_ask === 0 && !sessionCompilation &&
    261. 

  261.                 preferenceSetting.select_version !== '') {
    262. 

  262.                 let compilationData = await compilationModel.getCompilationById(preferenceSetting.select_version);
    263. 

  263.                 // 判断当前用户的是使用免费版还是专业版
    264. 

  264.                 let compilationVersion = await userModel.getVersionFromUpgrade(sessionUser.ssoId, preferenceSetting.select_version);
    265. 

  265.                 request.session.compilationVersion = compilationVersion;
    266. 

  266.                 request.session.sessionCompilation = compilationData;
    267. 

  267.                 if(request.session.sessionUser.latest_used !== preferenceSetting.select_version) await userModel.updateLatestUsed(request.session.sessionUser.id,preferenceSetting.select_version);
    268. 

  268.             }
    269. 

  269. 

  270.             // 登录异常短信提醒功能
    271. 

  271.             const userinfo2 = await userModel.findDataByAccount(userData.mobile);
    272. 

  272.             if (userinfo2.isLoginValid === 1) {
    273. 

  273.                 // 获取本次访问ip
    274. 

  274.                 let ip = request.connection.remoteAddress;
    275. 

  275.                 ip = ip.split(':');
    276. 

  276.                 ip = ip[3] === undefined ? '' : ip[3];
    277. 

  277.                 let logModel = new LogModel();
    278. 

  278.                 let logCount = await logModel.count();
    279. 

  279.                 logCount = logCount > 30 ? 30 : logCount;
    280. 

  280.                 let page = 1;
    281. 

  281.                 const loginList = await logModel.getLog(request.session.sessionUser.id, LogType.LOGIN_LOG, page, logCount);
    282. 

  282.                 let messageFlag = true;
    283. 

  283.                 for (const [index,log] of loginList.entries()) {
    284. 

  284.                     if (log.message.ip === ip && index !== 0) {
    285. 

  285.                         messageFlag = false;
    286. 

  286.                         break;
    287. 

  287.                     }
    288. 

  288.                 }
    289. 

  289.                 messageFlag = true;
    290. 

  290.                 if (messageFlag) {
    291. 

  291.                     // 发送短信
    292. 

  292.                     const Sms = new SMS();
    293. 

  293.                     const logInfo = loginList[0];
    294. 

  294.                     await Sms.sendLoginMsg(userData.mobile, request.session.sessionUser.real_name, moment(logInfo.create_time).format('YYYY-MM-DD'), moment(logInfo.create_time).format('HH:mm:ss'), logInfo.message.ip_info, logInfo.message.ip);
    295. 

  295.                 }
    296. 

  296.             }
    297. 

  297. 

  298.         } catch (error) {
    299. 

  299.             console.log(error);
    300. 

  300.             return response.json({error: 1, msg: error});
    301. 

  301.         }
    302. 

  302.         request.session.online_start_time = +new Date();
    303. 

  303.         console.log(`${request.session.sessionUser.real_name}--id:${request.session.sessionUser.id}--登录了系统`);
    304. 

  304.         response.json({
    305. 

  305.             error: 0,
    306. 

  306.             msg: '',
    307. 

  307.             login_ask: preferenceSetting.login_ask,
    308. 

  308.             compilation_list: JSON.stringify(compilationList),
    309. 

  309.             last_page: request.session.lastPage
    310. 

  310.         });
    311. 

  311.     }
    312. 

  312. 

  313.     /**
    314. 

  314.      * 验证码注册
    315. 

  315.      *
    316. 

  316.      * @param {object} request
    317. 

  317.      * @param {object} response
    318. 

  318.      * @return {string}
    319. 

  319.      */
    320. 

  320.     async captcha(request, response) {
    321. 

  321.         const captcha = new Captcha();
    322. 

  322.         const res = await captcha.register(request);
    323. 

  323.         response.json(res);
    324. 

  324.     }
    325. 

  325. 

  326.     /**
    327. 

  327.      * 判断用户是否是专业版用户
    328. 

  328.      * @param request
    329. 

  329.      * @param response
    330. 

  330.      * @returns {Promise<void>}
    331. 

  331.      */
    332. 

  332.     // async accountIsPro(request, response) {
    333. 

  333.     //     let res = {
    334. 

  334.     //         error: 0,
    335. 

  335.     //         msg: '',
    336. 

  336.     //         result: false,
    337. 

  337.     //     };
    338. 

  338.     //     try{
    339. 

  339.     //         const account = request.body.account;
    340. 

  340.     //         const password = request.body.pw;
    341. 

  341.     //
    342. 

  342.     //         // 根据邮箱或手机号获取账号信息
    343. 

  343.     //         let userModel = new UserModel();
    344. 

  344.     //         // 调用接口验证登录信息
    345. 

  345.     //         let responseData = await userModel.getInfoFromSSO(account, password);
    346. 

  346.     //         console.log(responseData);
    347. 

  347.     //         // 先判断返回值是否为未激活状态
    348. 

  348.     //         if ( responseData === '-3') {
    349. 

  349.     //             throw '因邮箱未完成认证,账号未激活;去<a href="https://sso.smartcost.com.cn" target="_blank">激活</a>。';
    350. 

  350.     //         }
    351. 

  351.     //         responseData = JSON.parse(responseData);
    352. 

  352.     //         if (typeof responseData !== 'object') {
    353. 

  353.     //             throw '邮箱/手机 或 密码错误';
    354. 

  354.     //         }
    355. 

  355.     //
    356. 

  356.     //         if (responseData.length <= 0) {
    357. 

  357.     //             throw '接口返回数据错误';
    358. 

  358.     //         }
    359. 

  359.     //
    360. 

  360.     //         // 正确登录后 存入session
    361. 

  361.     //         let userData = responseData[0];
    362. 

  362.     //
    363. 

  363.     //         if (userData.mobile === '') {
    364. 

  364.     //             return response.json({error: 2,ssoId: userData.id});
    365. 

  365.     //         }
    366. 

  366.     //
    367. 

  367.     //         // const userInfo = await userModel.findDataByAccount(account);
    368. 

  368.     //         // if (userInfo && userInfo.upgrade_list !== undefined) {
    369. 

  369.     //         //     for (const ul of userInfo.upgrade_list) {
    370. 

  370.     //         //         if (ul.isUpgrade === true) {
    371. 

  371.     //         //             res.result = true;
    372. 

  372.     //         //             res.data = userInfo.mobile;
    373. 

  373.     //         //             break;
    374. 

  374.     //         //         }
    375. 

  375.     //         //     }
    376. 

  376.     //         // } else {
    377. 

  377.     //         //     res.msg = '当前未存在此用户';
    378. 

  378.     //         // }
    379. 

  379.     //         res.result = true;
    380. 

  380.     //         // if (userInfo) {
    381. 

  381.     //         //     res.data = userInfo.mobile;
    382. 

  382.     //         // } else {
    383. 

  383.     //             res.data = userData.mobile;
    384. 

  384.     //         // }
    385. 

  385.     //     } catch (err) {
    386. 

  386.     //         res.error = 1;
    387. 

  387.     //         res.msg = err;
    388. 

  388.     //     }
    389. 

  389.     //
    390. 

  390.     //     response.json(res);
    391. 

  391.     // }
    392. 

  392. 

  393. }
    394. 

  394. 

  395. export default LoginController;
    396.