Home Explore Help
Sign In
maixinrong
/
Calculation
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 394b34ece2
Branches Tags
Calculation
/
app
/
middleware
/
session_auth.js

session_auth.js 4.2 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 
  1. 'use strict';
    2. 

  2. 

  3. // 加密类
    4. 

  4. const crypto = require('crypto');
    5. 

  5. const messageType = require('../const/message_type');
    6. 

  6. 

  7. module.exports = options => {
    8. 

  8.     /**
    9. 

  9.      * session判断中间件
    10. 

  10.      *
    11. 

  11.      * @param {function} next - 中间件继续执行的方法
    12. 

  12.      * @return {void}
    13. 

  13.      */
    14. 

  14.     return function* sessionAuth(next) {
    15. 

  15.         try {
    16. 

  16.             // 判断session
    17. 

  17.             const sessionUser = this.session.sessionUser;
    18. 

  18.             if (sessionUser === undefined) {
    19. 

  19.                 throw '不存在session';
    20. 

  20.             }
    21. 

  21.             // 校验session
    22. 

  22.             if (sessionUser.account === undefined || sessionUser.loginTime === undefined) {
    23. 

  23.                 throw '用户数据不完整';
    24. 

  24.             }
    25. 

  25.             // 校验session
    26. 

  26.             const sessionToken = crypto.createHmac('sha1', sessionUser.loginTime + '')
    27. 

  27.                 .update(sessionUser.account).digest('hex').toString('base64');
    28. 

  28.             if (sessionToken !== sessionUser.sessionToken) {
    29. 

  29.                 throw 'session数据错误';
    30. 

  30.             }
    31. 

  31. 

  32.             // 获取用户新建标段权利
    33. 

  33.             const accountInfo = yield this.service.projectAccount.getDataById(this.session.sessionUser.accountId);
    34. 

  34.             this.session.sessionUser.permission = accountInfo !== undefined && accountInfo.permission !== '' ? JSON.parse(accountInfo.permission) : null;
    35. 

  35.             const projectData = yield this.service.project.getDataById(this.session.sessionProject.id);
    36. 

  36.             this.session.sessionProject.page_show = yield this.service.projectAccount.getPageShow(projectData.page_show);
    37. 

  37.             this.session.sessionProject.custom = projectData.custom;
    38. 

  38.             this.session.sessionProject.dataCollect = projectData.data_collect;
    39. 

  39.             this.session.sessionProject.customType = projectData.customType;
    40. 

  40.             // 判断是否有权限查看决策大屏
    41. 

  41.             let showDataCollect = 0;
    42. 

  42.             if (projectData.data_collect) {
    43. 

  43.                 if (sessionUser.is_admin) {
    44. 

  44.                     showDataCollect = 1;
    45. 

  45.                 } else {
    46. 

  46.                     const grounpInfo = yield this.service.datacollectAudit.getGroupInfo(projectData.id, accountInfo.account_group);
    47. 

  47.                     if (grounpInfo) {
    48. 

  48.                         showDataCollect = 1;
    49. 

  49.                     } else {
    50. 

  50.                         const auditInfo = yield this.service.datacollectAudit.getDataByCondition({ pid: projectData.id, uid: accountInfo.id });
    51. 

  51.                         if (auditInfo) {
    52. 

  52.                             showDataCollect = 1;
    53. 

  53.                         }
    54. 

  54.                     }
    55. 

  55.                 }
    56. 

  56.             }
    57. 

  57.             this.session.sessionProject.showDataCollect = showDataCollect;
    58. 

  58. 

  59.             // 同步消息
    60. 

  60.             yield this.service.notify.syncNotifyData();
    61. 

  61.             // 同步系统维护信息
    62. 

  62.             yield this.service.maintain.syncMaintainData();
    63. 

  63.             if (this.session === null) {
    64. 

  64.                 throw '系统维护中~';
    65. 

  65.             }
    66. 

  66. 

  67.             // 对sub_menu项目默认打开页进行配置
    68. 

  68.             const path = yield this.service.settingShow.getDefaultPath(this.session.sessionProject.id);
    69. 

  69.             path && (this.curListUrl = path);
    70. 

  70. 

  71.         } catch (error) {
    72. 

  72.             if (this.helper.isAjax(this.request)) {
    73. 

  73.                 return this.body = {
    74. 

  74.                     err: 2,
    75. 

  75.                     msg: '登录信息异常,请重新登录',
    76. 

  76.                     data: '',
    77. 

  77.                 };
    78. 

  78.             } else if (this.session === null) {
    79. 

  79.                 if (this.helper.isWap(this.request)) {
    80. 

  80.                     this.session.wapTenderID = this.params.id ? this.params.id : null;
    81. 

  81.                     return this.redirect('/wap/login?referer=' + this.url);
    82. 

  82.                 }
    83. 

  83.                 return this.redirect('/login?referer=' + this.url);
    84. 

  84.             }
    85. 

  85.             if (this.helper.isWap(this.request)) {
    86. 

  86.                 this.session.wapTenderID = this.params.id ? this.params.id : null;
    87. 

  87.                 return this.redirect('/wap/login?referer=' + this.url);
    88. 

  88.             }
    89. 

  89.             this.session.message = {
    90. 

  90.                 type: messageType.ERROR,
    91. 

  91.                 icon: 'exclamation-circle',
    92. 

  92.                 message: '登录信息异常,请重新登录',
    93. 

  93.             };
    94. 

  94.             return this.redirect('/login?referer=' + this.url);
    95. 

  95.         }
    96. 

  96.         yield next;
    97. 

  97.     };
    98. 

  98. };
    99.