session_auth.js 3.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687
  1. 'use strict';
  2. // 加密类
  3. const crypto = require('crypto');
  4. const messageType = require('../const/message_type');
  5. module.exports = options => {
  6. /**
  7. * session判断中间件
  8. *
  9. * @param {function} next - 中间件继续执行的方法
  10. * @return {void}
  11. */
  12. return function* sessionAuth(next) {
  13. try {
  14. // 判断session
  15. const sessionUser = this.session.sessionUser;
  16. if (sessionUser === undefined) {
  17. throw '不存在session';
  18. }
  19. // 校验session
  20. if (sessionUser.account === undefined || sessionUser.loginTime === undefined) {
  21. throw '用户数据不完整';
  22. }
  23. // 校验session
  24. const sessionToken = crypto.createHmac('sha1', sessionUser.loginTime + '')
  25. .update(sessionUser.account).digest('hex').toString('base64');
  26. if (sessionToken !== sessionUser.sessionToken) {
  27. throw 'session数据错误';
  28. }
  29. // 获取用户新建标段权利
  30. const accountInfo = yield this.service.projectAccount.getDataById(this.session.sessionUser.accountId);
  31. this.session.sessionUser.permission = accountInfo !== undefined && accountInfo.permission !== '' ? JSON.parse(accountInfo.permission) : null;
  32. const projectData = yield this.service.project.getDataById(this.session.sessionProject.id);
  33. this.session.sessionProject.page_show = yield this.service.projectAccount.getPageShow(projectData.page_show);
  34. this.session.sessionProject.custom = projectData.custom;
  35. this.session.sessionProject.customType = projectData.customType;
  36. this.session.sessionProject.funSet = projectData.fun_set ? JSON.parse(projectData.fun_set) : null;
  37. // 同步消息
  38. yield this.service.notify.syncNotifyData();
  39. // 同步系统维护信息
  40. yield this.service.maintain.syncMaintainData();
  41. if (this.session === null) {
  42. throw '系统维护中~';
  43. }
  44. // 对sub_menu项目默认打开页进行配置
  45. const path = yield this.service.settingShow.getDefaultPath(this.session.sessionProject.id);
  46. path && (this.curListUrl = path);
  47. // 针对非wap重定向,去掉wap
  48. if (this.method === 'GET' && this.url.match(/\/wap\//) && !this.helper.isMobile(this.request.header['user-agent'])) {
  49. const returnUrl = this.url.replace(/\/wap/g, '');
  50. this.redirect(returnUrl);
  51. }
  52. } catch (error) {
  53. console.log(error);
  54. this.log(error);
  55. if (this.helper.isAjax(this.request)) {
  56. return this.body = {
  57. err: 2,
  58. msg: '登录信息异常,请重新登录',
  59. data: '',
  60. };
  61. } else if (this.session === null) {
  62. if (this.helper.isWap(this.request)) {
  63. this.session.wapTenderID = this.params.id ? this.params.id : null;
  64. return this.redirect('/wap/login?referer=' + this.url);
  65. }
  66. return this.redirect('/login?referer=' + this.url);
  67. }
  68. if (this.helper.isWap(this.request)) {
  69. this.session.wapTenderID = this.params.id ? this.params.id : null;
  70. return this.redirect('/wap/login?referer=' + this.url);
  71. }
  72. this.session.message = {
  73. type: messageType.ERROR,
  74. icon: 'exclamation-circle',
  75. message: '登录信息异常,请重新登录',
  76. };
  77. return this.redirect('/login?referer=' + this.url);
  78. }
  79. yield next;
  80. };
  81. };