Calculation/app/middleware/session_auth.js

'use strict';

// 加密类
const crypto = require('crypto');
const messageType = require('../const/message_type');

module.exports = options => {
    /**
     * session判断中间件
     *
     * @param {function} next - 中间件继续执行的方法
     * @return {void}
     */
    return function* sessionAuth(next) {
        try {
            // 判断session
            const sessionUser = this.session.sessionUser;
            if (sessionUser === undefined) {
                throw '不存在session';
            }
            // 校验session
            if (sessionUser.account === undefined || sessionUser.loginTime === undefined) {
                throw '用户数据不完整';
            }
            // 校验session
            const sessionToken = crypto.createHmac('sha1', sessionUser.loginTime + '')
                .update(sessionUser.account).digest('hex').toString('base64');
            if (sessionToken !== sessionUser.sessionToken) {
                throw 'session数据错误';
            }

            // 获取用户新建标段权利
            const accountInfo = yield this.service.projectAccount.getDataById(this.session.sessionUser.accountId);
            this.session.sessionUser.permission = accountInfo !== undefined && accountInfo.permission !== '' ? JSON.parse(accountInfo.permission) : null;
            const projectData = yield this.service.project.getDataById(this.session.sessionProject.id);
            this.session.sessionProject.page_show = yield this.service.projectAccount.getPageShow(projectData.page_show);
            this.session.sessionProject.custom = projectData.custom;
            this.session.sessionProject.customType = projectData.customType;
            this.session.sessionProject.funSet = projectData.fun_set ? JSON.parse(projectData.fun_set) : null;

            // 同步消息
            yield this.service.notify.syncNotifyData();
            // 同步系统维护信息
            yield this.service.maintain.syncMaintainData();
            if (this.session === null) {
                throw '系统维护中~';
            }

            // 对sub_menu项目默认打开页进行配置
            const path = yield this.service.settingShow.getDefaultPath(this.session.sessionProject.id);
            path && (this.curListUrl = path);

            // 针对非wap重定向，去掉wap
            if (this.method === 'GET' && this.url.match(/\/wap\//) && !this.helper.isMobile(this.request.header['user-agent'])) {
                const returnUrl = this.url.replace(/\/wap/g, '');
                this.redirect(returnUrl);
            }
        } catch (error) {
            console.log(error);
            this.log(error);
            if (this.helper.isAjax(this.request)) {
                return this.body = {
                    err: 2,
                    msg: '登录信息异常，请重新登录',
                    data: '',
                };
            } else if (this.session === null) {
                if (this.helper.isWap(this.request)) {
                    this.session.wapTenderID = this.params.id ? this.params.id : null;
                    return this.redirect('/wap/login?referer=' + this.url);
                }
                return this.redirect('/login?referer=' + this.url);
            }
            if (this.helper.isWap(this.request)) {
                this.session.wapTenderID = this.params.id ? this.params.id : null;
                return this.redirect('/wap/login?referer=' + this.url);
            }
            this.session.message = {
                type: messageType.ERROR,
                icon: 'exclamation-circle',
                message: '登录信息异常，请重新登录',
            };
            return this.redirect('/login?referer=' + this.url);
        }
        yield next;
    };
};