Главная Обзор Помощь
Вход
maixinrong
/
Calculation
1
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 94b96eaa1d
Ветки Метки
Calculation
/
app
/
middleware
/
session_auth.js

session_auth.js 7.0 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149 
  1. 'use strict';
    2. 

  2. 

  3. // 加密类
    4. 

  4. const crypto = require('crypto');
    5. 

  5. const messageType = require('../const/message_type');
    6. 

  6. 

  7. module.exports = options => {
    8. 

  8.     /**
    9. 

  9.      * session判断中间件
    10. 

  10.      *
    11. 

  11.      * @param {function} next - 中间件继续执行的方法
    12. 

  12.      * @return {void}
    13. 

  13.      */
    14. 

  14.     return function* sessionAuth(next) {
    15. 

  15.         try {
    16. 

  16.             // 判断session
    17. 

  17.             const sessionUser = this.session.sessionUser;
    18. 

  18.             if (sessionUser === undefined) {
    19. 

  19.                 throw '不存在session';
    20. 

  20.             }
    21. 

  21.             // 校验session
    22. 

  22.             if (sessionUser.account === undefined || sessionUser.loginTime === undefined) {
    23. 

  23.                 throw '用户数据不完整';
    24. 

  24.             }
    25. 

  25.             // 校验session
    26. 

  26.             const sessionToken = crypto.createHmac('sha1', sessionUser.loginTime + '')
    27. 

  27.                 .update(sessionUser.account).digest('hex').toString('base64');
    28. 

  28.             if (sessionToken !== sessionUser.sessionToken) {
    29. 

  29.                 throw 'session数据错误';
    30. 

  30.             }
    31. 

  31. 

  32.             // 获取用户新建标段权利
    33. 

  33.             const accountInfo = yield this.service.projectAccount.getDataById(this.session.sessionUser.accountId);
    34. 

  34.             this.session.sessionUser.permission = accountInfo !== undefined && accountInfo.permission !== '' ? JSON.parse(accountInfo.permission) : null;
    35. 

  35.             const projectData = yield this.service.project.getDataById(this.session.sessionProject.id);
    36. 

  36.             this.session.sessionProject.page_show = yield this.service.projectAccount.getPageShow(projectData.page_show);
    37. 

  37.             this.session.sessionProject.custom = projectData.custom;
    38. 

  38.             this.session.sessionProject.dataCollect = projectData.data_collect;
    39. 

  39.             this.session.sessionProject.customType = projectData.customType;
    40. 

  40.             this.session.sessionProject.funSet = projectData.fun_set ? JSON.parse(projectData.fun_set) : null;
    41. 

  41.             // 判断是否有权限查看决策大屏
    42. 

  42.             let showDataCollect = 0;
    43. 

  43.             if (projectData.data_collect) {
    44. 

  44.                 if (sessionUser.is_admin) {
    45. 

  45.                     showDataCollect = 1;
    46. 

  46.                 } else {
    47. 

  47.                     const auditInfo = yield this.service.datacollectAudit.getDataByCondition({ pid: projectData.id, uid: accountInfo.id });
    48. 

  48.                     if (auditInfo) {
    49. 

  49.                         showDataCollect = 1;
    50. 

  50.                     } else {
    51. 

  51.                         let companyInfo = null;
    52. 

  52.                         if (accountInfo.company_id) {
    53. 

  53.                             companyInfo = yield this.service.datacollectAudit.getDataByCondition({
    54. 

  54.                                 pid: projectData.id,
    55. 

  55.                                 company_id: accountInfo.company_id,
    56. 

  56.                             });
    57. 

  57.                         } else {
    58. 

  58.                             const cuInfo = yield this.service.constructionUnit.getDataByCondition({
    59. 

  59.                                 pid: projectData.id,
    60. 

  60.                                 name: accountInfo.company,
    61. 

  61.                             });
    62. 

  62.                             if (cuInfo) {
    63. 

  63.                                 companyInfo = yield this.service.datacollectAudit.getDataByCondition({
    64. 

  64.                                     pid: projectData.id,
    65. 

  65.                                     company_id: cuInfo.id,
    66. 

  66.                                 });
    67. 

  67.                                 yield this.service.projectAccount.update({ company_id: cuInfo.id }, { id: accountInfo.id });
    68. 

  68.                             }
    69. 

  69.                         }
    70. 

  70.                         if (companyInfo) {
    71. 

  71.                             showDataCollect = 1;
    72. 

  72.                         } else {
    73. 

  73.                             const grounpInfo = yield this.service.datacollectAudit.getGroupInfo(projectData.id, accountInfo.account_group);
    74. 

  74.                             if (grounpInfo) {
    75. 

  75.                                 showDataCollect = 1;
    76. 

  76.                             }
    77. 

  77.                         }
    78. 

  78.                     }
    79. 

  79.                 }
    80. 

  80.             }
    81. 

  81.             this.session.sessionProject.showDataCollect = showDataCollect;
    82. 

  82.             // 判断是否有权限查看支付审批
    83. 

  83.             let showPayment = 0;
    84. 

  84.             if (sessionUser.is_admin) {
    85. 

  85.                 this.session.sessionProject.showSubProj = true;
    86. 

  86.                 this.session.sessionProject.showBudget = true;
    87. 

  87.                 showPayment = 1;
    88. 

  88.             } else {
    89. 

  89.                 this.session.sessionProject.showSubProj = false;
    90. 

  90.                 this.session.sessionProject.showBudget = yield this.service.subProjPermission.showBudget(sessionUser.accountId);
    91. 

  91.                 // const grounpInfo = yield this.service.paymentPermissionAudit.getGroupInfo(projectData.id, accountInfo.account_group);
    92. 

  92.                 // if (grounpInfo) {
    93. 

  93.                 //     showPayment = 1;
    94. 

  94.                 // } else {
    95. 

  95.                 const auditInfo = yield this.service.paymentPermissionAudit.getDataByCondition({ pid: projectData.id, uid: accountInfo.id });
    96. 

  96.                 if (auditInfo) {
    97. 

  97.                     showPayment = 1;
    98. 

  98.                 }
    99. 

  99.                 // }
    100. 

  100.             }
    101. 

  101.             this.session.sessionProject.showPayment = showPayment;
    102. 

  102. 

  103.             // 同步消息
    104. 

  104.             yield this.service.notify.syncNotifyData();
    105. 

  105.             // 同步系统维护信息
    106. 

  106.             yield this.service.maintain.syncMaintainData();
    107. 

  107.             if (this.session === null) {
    108. 

  108.                 throw '系统维护中~';
    109. 

  109.             }
    110. 

  110. 

  111.             // 对sub_menu项目默认打开页进行配置
    112. 

  112.             const path = yield this.service.settingShow.getDefaultPath(this.session.sessionProject.id);
    113. 

  113.             path && (this.curListUrl = path);
    114. 

  114. 

  115.             // 针对非wap重定向,去掉wap
    116. 

  116.             if (this.method === 'GET' && this.url.match(/\/wap\//) && !this.helper.isMobile(this.request.header['user-agent'])) {
    117. 

  117.                 const returnUrl = this.url.replace(/\/wap/g, '');
    118. 

  118.                 this.redirect(returnUrl);
    119. 

  119.             }
    120. 

  120.         } catch (error) {
    121. 

  121.             console.log(error);
    122. 

  122.             this.log(error);
    123. 

  123.             if (this.helper.isAjax(this.request)) {
    124. 

  124.                 return this.body = {
    125. 

  125.                     err: 2,
    126. 

  126.                     msg: '登录信息异常,请重新登录',
    127. 

  127.                     data: '',
    128. 

  128.                 };
    129. 

  129.             } else if (this.session === null) {
    130. 

  130.                 if (this.helper.isWap(this.request)) {
    131. 

  131.                     this.session.wapTenderID = this.params.id ? this.params.id : null;
    132. 

  132.                     return this.redirect('/wap/login?referer=' + this.url);
    133. 

  133.                 }
    134. 

  134.                 return this.redirect('/login?referer=' + this.url);
    135. 

  135.             }
    136. 

  136.             if (this.helper.isWap(this.request)) {
    137. 

  137.                 this.session.wapTenderID = this.params.id ? this.params.id : null;
    138. 

  138.                 return this.redirect('/wap/login?referer=' + this.url);
    139. 

  139.             }
    140. 

  140.             this.session.message = {
    141. 

  141.                 type: messageType.ERROR,
    142. 

  142.                 icon: 'exclamation-circle',
    143. 

  143.                 message: '登录信息异常,请重新登录',
    144. 

  144.             };
    145. 

  145.             return this.redirect('/login?referer=' + this.url);
    146. 

  146.         }
    147. 

  147.         yield next;
    148. 

  148.     };
    149. 

  149. };
    150.