Inicio Explorar Ayuda
Iniciar sesión
maixinrong
/
Calculation
1
0
Fork 0
Archivos Incidencias 0 Pull Requests 0 Wiki
Árbol: ec60a1e80f
Ramas Etiquetas
Calculation
/
app
/
middleware
/
session_auth.js

session_auth.js 5.7 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126 
  1. 'use strict';
    2. 

  2. 

  3. // 加密类
    4. 

  4. const crypto = require('crypto');
    5. 

  5. const messageType = require('../const/message_type');
    6. 

  6. 

  7. module.exports = options => {
    8. 

  8.     /**
    9. 

  9.      * session判断中间件
    10. 

  10.      *
    11. 

  11.      * @param {function} next - 中间件继续执行的方法
    12. 

  12.      * @return {void}
    13. 

  13.      */
    14. 

  14.     return function* sessionAuth(next) {
    15. 

  15.         try {
    16. 

  16.             // 判断session
    17. 

  17.             const sessionUser = this.session.sessionUser;
    18. 

  18.             if (sessionUser === undefined) {
    19. 

  19.                 throw '不存在session';
    20. 

  20.             }
    21. 

  21.             // 校验session
    22. 

  22.             if (sessionUser.account === undefined || sessionUser.loginTime === undefined) {
    23. 

  23.                 throw '用户数据不完整';
    24. 

  24.             }
    25. 

  25.             // 校验session
    26. 

  26.             const sessionToken = crypto.createHmac('sha1', sessionUser.loginTime + '')
    27. 

  27.                 .update(sessionUser.account).digest('hex').toString('base64');
    28. 

  28.             if (sessionToken !== sessionUser.sessionToken) {
    29. 

  29.                 throw 'session数据错误';
    30. 

  30.             }
    31. 

  31. 

  32.             // 获取用户新建标段权利
    33. 

  33.             const accountInfo = yield this.service.projectAccount.getDataById(this.session.sessionUser.accountId);
    34. 

  34.             this.session.sessionUser.permission = accountInfo !== undefined && accountInfo.permission !== '' ? JSON.parse(accountInfo.permission) : null;
    35. 

  35.             const projectData = yield this.service.project.getDataById(this.session.sessionProject.id);
    36. 

  36.             this.session.sessionProject.page_show = yield this.service.projectAccount.getPageShow(projectData.page_show);
    37. 

  37.             this.session.sessionProject.custom = projectData.custom;
    38. 

  38.             this.session.sessionProject.dataCollect = projectData.data_collect;
    39. 

  39.             this.session.sessionProject.customType = projectData.customType;
    40. 

  40.             this.session.sessionProject.funSet = projectData.fun_set ? JSON.parse(projectData.fun_set) : null;
    41. 

  41.             // 判断是否有权限查看决策大屏
    42. 

  42.             let showDataCollect = 0;
    43. 

  43.             if (projectData.data_collect) {
    44. 

  44.                 if (sessionUser.is_admin) {
    45. 

  45.                     showDataCollect = 1;
    46. 

  46.                 } else {
    47. 

  47.                     const grounpInfo = yield this.service.datacollectAudit.getGroupInfo(projectData.id, accountInfo.account_group);
    48. 

  48.                     if (grounpInfo) {
    49. 

  49.                         showDataCollect = 1;
    50. 

  50.                     } else {
    51. 

  51.                         const auditInfo = yield this.service.datacollectAudit.getDataByCondition({ pid: projectData.id, uid: accountInfo.id });
    52. 

  52.                         if (auditInfo) {
    53. 

  53.                             showDataCollect = 1;
    54. 

  54.                         }
    55. 

  55.                     }
    56. 

  56.                 }
    57. 

  57.             }
    58. 

  58.             this.session.sessionProject.showDataCollect = showDataCollect;
    59. 

  59.             // 判断是否有权限查看支付审批
    60. 

  60.             let showPayment = 0;
    61. 

  61.             if (sessionUser.is_admin) {
    62. 

  62.                 this.session.sessionProject.showSubProj = true;
    63. 

  63.                 this.session.sessionProject.showBudget = true;
    64. 

  64.                 showPayment = 1;
    65. 

  65.             } else {
    66. 

  66.                 this.session.sessionProject.showSubProj = false;
    67. 

  67.                 this.session.sessionProject.showBudget = yield this.service.subProjPermission.showBudget(sessionUser.accountId);
    68. 

  68.                 // const grounpInfo = yield this.service.paymentPermissionAudit.getGroupInfo(projectData.id, accountInfo.account_group);
    69. 

  69.                 // if (grounpInfo) {
    70. 

  70.                 //     showPayment = 1;
    71. 

  71.                 // } else {
    72. 

  72.                 const auditInfo = yield this.service.paymentPermissionAudit.getDataByCondition({ pid: projectData.id, uid: accountInfo.id });
    73. 

  73.                 if (auditInfo) {
    74. 

  74.                     showPayment = 1;
    75. 

  75.                 }
    76. 

  76.                 // }
    77. 

  77.             }
    78. 

  78.             this.session.sessionProject.showPayment = showPayment;
    79. 

  79. 

  80.             // 同步消息
    81. 

  81.             yield this.service.notify.syncNotifyData();
    82. 

  82.             // 同步系统维护信息
    83. 

  83.             yield this.service.maintain.syncMaintainData();
    84. 

  84.             if (this.session === null) {
    85. 

  85.                 throw '系统维护中~';
    86. 

  86.             }
    87. 

  87. 

  88.             // 对sub_menu项目默认打开页进行配置
    89. 

  89.             const path = yield this.service.settingShow.getDefaultPath(this.session.sessionProject.id);
    90. 

  90.             path && (this.curListUrl = path);
    91. 

  91. 

  92.             // 针对非wap重定向,去掉wap
    93. 

  93.             if (this.method === 'GET' && this.url.match(/\/wap\//) && !this.helper.isMobile(this.request.header['user-agent'])) {
    94. 

  94.                 const returnUrl = this.url.replace(/\/wap/g, '');
    95. 

  95.                 this.redirect(returnUrl);
    96. 

  96.             }
    97. 

  97.         } catch (error) {
    98. 

  98.             console.log(error);
    99. 

  99.             this.log(error);
    100. 

  100.             if (this.helper.isAjax(this.request)) {
    101. 

  101.                 return this.body = {
    102. 

  102.                     err: 2,
    103. 

  103.                     msg: '登录信息异常,请重新登录',
    104. 

  104.                     data: '',
    105. 

  105.                 };
    106. 

  106.             } else if (this.session === null) {
    107. 

  107.                 if (this.helper.isWap(this.request)) {
    108. 

  108.                     this.session.wapTenderID = this.params.id ? this.params.id : null;
    109. 

  109.                     return this.redirect('/wap/login?referer=' + this.url);
    110. 

  110.                 }
    111. 

  111.                 return this.redirect('/login?referer=' + this.url);
    112. 

  112.             }
    113. 

  113.             if (this.helper.isWap(this.request)) {
    114. 

  114.                 this.session.wapTenderID = this.params.id ? this.params.id : null;
    115. 

  115.                 return this.redirect('/wap/login?referer=' + this.url);
    116. 

  116.             }
    117. 

  117.             this.session.message = {
    118. 

  118.                 type: messageType.ERROR,
    119. 

  119.                 icon: 'exclamation-circle',
    120. 

  120.                 message: '登录信息异常,请重新登录',
    121. 

  121.             };
    122. 

  122.             return this.redirect('/login?referer=' + this.url);
    123. 

  123.         }
    124. 

  124.         yield next;
    125. 

  125.     };
    126. 

  126. };
    127.