Home Explore Help
Sign In
maixinrong
/
Calculation
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 388bf466ee
Branches Tags
Calculation
/
app
/
middleware
/
session_auth.js

session_auth.js 6.8 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143 
  1. 'use strict';
    2. 

  2. 

  3. // 加密类
    4. 

  4. const crypto = require('crypto');
    5. 

  5. const messageType = require('../const/message_type');
    6. 

  6. 

  7. module.exports = options => {
    8. 

  8.     /**
    9. 

  9.      * session判断中间件
    10. 

  10.      *
    11. 

  11.      * @param {function} next - 中间件继续执行的方法
    12. 

  12.      * @return {void}
    13. 

  13.      */
    14. 

  14.     return function* sessionAuth(next) {
    15. 

  15.         try {
    16. 

  16.             // 判断session
    17. 

  17.             const sessionUser = this.session.sessionUser;
    18. 

  18.             if (sessionUser === undefined) {
    19. 

  19.                 throw '不存在session';
    20. 

  20.             }
    21. 

  21.             // 校验session
    22. 

  22.             if (sessionUser.account === undefined || sessionUser.loginTime === undefined) {
    23. 

  23.                 throw '用户数据不完整';
    24. 

  24.             }
    25. 

  25.             // 校验session
    26. 

  26.             const sessionToken = crypto.createHmac('sha1', sessionUser.loginTime + '')
    27. 

  27.                 .update(sessionUser.account).digest('hex').toString('base64');
    28. 

  28.             if (sessionToken !== sessionUser.sessionToken) {
    29. 

  29.                 throw 'session数据错误';
    30. 

  30.             }
    31. 

  31. 

  32.             // 获取用户新建标段权利
    33. 

  33.             const accountInfo = yield this.service.projectAccount.getDataById(this.session.sessionUser.accountId);
    34. 

  34.             this.session.sessionUser.permission = accountInfo !== undefined && accountInfo.permission !== '' ? JSON.parse(accountInfo.permission) : null;
    35. 

  35.             const projectData = yield this.service.project.getDataById(this.session.sessionProject.id);
    36. 

  36.             this.session.sessionProject.page_show = yield this.service.projectAccount.getPageShow(projectData.page_show);
    37. 

  37.             this.session.sessionProject.custom = projectData.custom;
    38. 

  38.             this.session.sessionProject.dataCollect = projectData.data_collect;
    39. 

  39.             this.session.sessionProject.customType = projectData.customType;
    40. 

  40.             this.session.sessionProject.funSet = projectData.fun_set ? JSON.parse(projectData.fun_set) : null;
    41. 

  41.             // todo 迁移至subProject内部
    42. 

  42.             // 判断是否有权限查看决策大屏
    43. 

  43.             // let showDataCollect = 0;
    44. 

  44.             // if (projectData.data_collect && this.session.sessionProject.page_show.openDataCollect) {
    45. 

  45.             //     if (sessionUser.is_admin) {
    46. 

  46.             //         showDataCollect = 1;
    47. 

  47.             //     } else {
    48. 

  48.             //         const auditInfo = yield this.service.datacollectAudit.getDataByCondition({ pid: projectData.id, uid: accountInfo.id });
    49. 

  49.             //         if (auditInfo) {
    50. 

  50.             //             showDataCollect = 1;
    51. 

  51.             //         } else {
    52. 

  52.             //             let companyInfo = null;
    53. 

  53.             //             if (accountInfo.company_id) {
    54. 

  54.             //                 companyInfo = yield this.service.datacollectAudit.getDataByCondition({
    55. 

  55.             //                     pid: projectData.id,
    56. 

  56.             //                     company_id: accountInfo.company_id,
    57. 

  57.             //                 });
    58. 

  58.             //             } else {
    59. 

  59.             //                 const cuInfo = yield this.service.constructionUnit.getDataByCondition({
    60. 

  60.             //                     pid: projectData.id,
    61. 

  61.             //                     name: accountInfo.company,
    62. 

  62.             //                 });
    63. 

  63.             //                 if (cuInfo) {
    64. 

  64.             //                     companyInfo = yield this.service.datacollectAudit.getDataByCondition({
    65. 

  65.             //                         pid: projectData.id,
    66. 

  66.             //                         company_id: cuInfo.id,
    67. 

  67.             //                     });
    68. 

  68.             //                     yield this.service.projectAccount.update({ company_id: cuInfo.id }, { id: accountInfo.id });
    69. 

  69.             //                 }
    70. 

  70.             //             }
    71. 

  71.             //             if (companyInfo) {
    72. 

  72.             //                 showDataCollect = 1;
    73. 

  73.             //             } else {
    74. 

  74.             //                 const grounpInfo = yield this.service.datacollectAudit.getGroupInfo(projectData.id, accountInfo.account_group);
    75. 

  75.             //                 if (grounpInfo) {
    76. 

  76.             //                     showDataCollect = 1;
    77. 

  77.             //                 }
    78. 

  78.             //             }
    79. 

  79.             //         }
    80. 

  80.             //     }
    81. 

  81.             // }
    82. 

  82.             // this.session.sessionProject.showDataCollect = showDataCollect;
    83. 

  83.             // // 判断是否有权限查看支付审批
    84. 

  84.             // let showPayment = 0;
    85. 

  85.             // if (sessionUser.is_admin) {
    86. 

  86.             //     showPayment = this.session.sessionProject.page_show.openPayment ? 1 : 0;
    87. 

  87.             // } else {
    88. 

  88.             //     if (this.session.sessionProject.page_show.openPayment) {
    89. 

  89.             //         const auditInfo = yield this.service.subProjPermission.showPayment(sessionUser.accountId);
    90. 

  90.             //         if (auditInfo) {
    91. 

  91.             //             showPayment = 1;
    92. 

  92.             //         }
    93. 

  93.             //     }
    94. 

  94.             // }
    95. 

  95.             // this.session.sessionProject.showPayment = showPayment;
    96. 

  96. 

  97.             // 同步消息
    98. 

  98.             yield this.service.notify.syncNotifyData();
    99. 

  99.             // 同步系统维护信息
    100. 

  100.             yield this.service.maintain.syncMaintainData();
    101. 

  101.             if (this.session === null) {
    102. 

  102.                 throw '系统维护中~';
    103. 

  103.             }
    104. 

  104. 

  105.             // 对sub_menu项目默认打开页进行配置
    106. 

  106.             const path = yield this.service.settingShow.getDefaultPath(this.session.sessionProject.id);
    107. 

  107.             path && (this.curListUrl = path);
    108. 

  108. 

  109.             // 针对非wap重定向,去掉wap
    110. 

  110.             if (this.method === 'GET' && this.url.match(/\/wap\//) && !this.helper.isMobile(this.request.header['user-agent'])) {
    111. 

  111.                 const returnUrl = this.url.replace(/\/wap/g, '');
    112. 

  112.                 this.redirect(returnUrl);
    113. 

  113.             }
    114. 

  114.         } catch (error) {
    115. 

  115.             console.log(error);
    116. 

  116.             this.log(error);
    117. 

  117.             if (this.helper.isAjax(this.request)) {
    118. 

  118.                 return this.body = {
    119. 

  119.                     err: 2,
    120. 

  120.                     msg: '登录信息异常,请重新登录',
    121. 

  121.                     data: '',
    122. 

  122.                 };
    123. 

  123.             } else if (this.session === null) {
    124. 

  124.                 if (this.helper.isWap(this.request)) {
    125. 

  125.                     this.session.wapTenderID = this.params.id ? this.params.id : null;
    126. 

  126.                     return this.redirect('/wap/login?referer=' + this.url);
    127. 

  127.                 }
    128. 

  128.                 return this.redirect('/login?referer=' + this.url);
    129. 

  129.             }
    130. 

  130.             if (this.helper.isWap(this.request)) {
    131. 

  131.                 this.session.wapTenderID = this.params.id ? this.params.id : null;
    132. 

  132.                 return this.redirect('/wap/login?referer=' + this.url);
    133. 

  133.             }
    134. 

  134.             this.session.message = {
    135. 

  135.                 type: messageType.ERROR,
    136. 

  136.                 icon: 'exclamation-circle',
    137. 

  137.                 message: '登录信息异常,请重新登录',
    138. 

  138.             };
    139. 

  139.             return this.redirect('/login?referer=' + this.url);
    140. 

  140.         }
    141. 

  141.         yield next;
    142. 

  142.     };
    143. 

  143. };
    144.