'use strict'; const assert = require('assert'); const _ = require('lodash'); const uuid = require('uuid'); const urljoin = require('url-join'); const Controller = require('egg').Controller; /** * 微信认证,获得openid和用户信息,生成微信Jwt */ class WeixinController extends Controller { /** * 认证流程 * 1. 缓存原始请求地址,生成state和认证回调地址 * 2. 通过wxapi认证,获得认证code * 3. 通过code获得openid,通过openid,查询绑定用户,创建jwt * 4. jwt写入redis,返回认证code * 5. 通过code获取jwt */ // GET 请求认证 // response_type: // code - url带上code参数重定向到原始地址 // store - 默认,认证结果写入sessionStore,然后重定向回请求页面(要求请求页面和认证服务在同一域名下) // token - url带上token参数重定向到原始地址 async auth() { const { redirect_uri, code, test, type, response_type = 'store', groupid, doctorid } = this.ctx.query; if (test) { return await this.authTest(); } if (code) { return await this.authBack(this.ctx.query); } this.ctx.logger.debug(`[auth] reditect_uri - ${redirect_uri}`); // assert(redirect_uri, '回调地址不能为空'); // TODO: 保存原始请求地址 // const { config } = this.app; // console.log('ctx.host: ', this.ctx.host); // console.log('config.hostHeaders: ', config.hostHeaders); // TODO: 保存原始请求地址 const state = uuid(); const key = `visit:auth:state:${state}`; const val = JSON.stringify({ redirect_uri, type, groupid, doctorid }); await this.app.redis.set(key, val, 'EX', 600); // TODO: 生成回调地址 const { wxapi, authUrl = this.ctx.path } = this.app.config; const backUrl = encodeURI(`${this.app.config.baseUrl}${this.config.authUrl}?state=${state}`); const to_uri = `${wxapi.baseUrl}/api/auth?appid=${wxapi.appid}&response_type=code&redirect_uri=${backUrl}&connect_redirect=1#wechat`; console.log('url-->' + to_uri); this.ctx.redirect(to_uri); } // GET 认证回调 async authBack({ code, state }) { // const { code, state, type, redirecturi } = this.ctx.query; console.log(this.ctx.query); this.ctx.logger.debug(`[auth-back] code - ${code}, state - ${state}`); assert(code, 'code不能为空'); assert(state, 'state不能为空'); console.log('code-->' + code); const { weixin } = this.ctx.service; let openid; try { ({ openid } = await weixin.fetch(code)); } catch (err) { await this.ctx.render('error.njk', { title: err.message, message: err.details }); return; } console.log('openid--->' + openid); if (openid) { const key = `visit:auth:state:${state}`; const val = await this.app.redis.get(key); const { redirect_uri } = JSON.parse(val); console.log('redirect_uri-->' + redirect_uri); // 通过openid取得用户信息 const user = await this.ctx.service.user.findByOpenid(openid); if (user) { const to_uri = urljoin(redirect_uri, `?openid=${openid}&uid=${user.id}&type=${user.type}`); // TODO: 重定性页面 console.log('to_uri222-->' + to_uri); this.ctx.redirect(to_uri); } else { console.log('rrr--->' + redirect_uri); const to_uri = urljoin(redirect_uri, `?openid=${openid}`); // TODO: 重定性页面 this.ctx.redirect(to_uri); } } } // GET 用户授权内部测试接口 async authTest() { const { redirect_uri, type, groupid, doctorid } = this.ctx.query; const openid = '1234567'; this.ctx.logger.debug(`[auth-test] reditect_uri - ${redirect_uri}, openid - ${openid}`); assert(redirect_uri, '回调地址不能为空'); assert(openid, 'openid不能为空'); if (type === 'group') { const to_uri = urljoin(redirect_uri, `?openid=${openid}&groupid=${groupid}`); // TODO: 重定性页面 console.log('to_uri222-->' + to_uri); this.ctx.redirect(to_uri); } else if (type === 'login') { console.log('to_uri333-->' + redirect_uri); const to_uri = urljoin(redirect_uri, `?openid=${openid}`); console.log('to_uri333-->' + to_uri); // TODO: 重定性页面 this.ctx.redirect(to_uri); } else if (type === 'doctor') { const to_uri = urljoin(redirect_uri, `?openid=${openid}&doctorid=${doctorid}`); // TODO: 重定性页面 this.ctx.redirect(to_uri); } else { console.log('rrr--->' + redirect_uri); const to_uri = urljoin(redirect_uri, `?openid=${openid}`); // TODO: 重定性页面 this.ctx.redirect(to_uri); } } } module.exports = WeixinController;