| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246 |
- 'use strict';
- const assert = require('assert');
- const _ = require('lodash');
- const uuid = require('uuid');
- const urljoin = require('url-join');
- const Controller = require('egg').Controller;
- /**
- * 微信认证,获得openid和用户信息,生成微信Jwt
- */
- class WeixinController extends Controller {
- /**
- * 认证流程
- * 1. 缓存原始请求地址,生成state和认证回调地址
- * 2. 通过wxapi认证,获得认证code
- * 3. 通过code获得openid,通过openid,查询绑定用户,创建jwt
- * 4. jwt写入redis,返回认证code
- * 5. 通过code获取jwt
- */
- // GET 请求认证
- // response_type:
- // code - url带上code参数重定向到原始地址
- // store - 默认,认证结果写入sessionStore,然后重定向回请求页面(要求请求页面和认证服务在同一域名下)
- // token - url带上token参数重定向到原始地址
- async auth() {
- const {
- redirect_uri,
- code,
- test,
- type,
- response_type = 'store',
- uid,
- qrcode,
- } = this.ctx.query;
- if (test) {
- return await this.authTest();
- }
- if (code) {
- return await this.authBack(this.ctx.query);
- }
- this.ctx.logger.debug(`[auth] reditect_uri - ${redirect_uri}`);
- // assert(redirect_uri, '回调地址不能为空');
- // TODO: 保存原始请求地址
- // const { config } = this.app;
- // console.log('ctx.host: ', this.ctx.host);
- // console.log('config.hostHeaders: ', config.hostHeaders);
- // TODO: 保存原始请求地址
- const state = uuid();
- const key = `visit:auth:state:${state}`;
- const val = JSON.stringify({ redirect_uri, type, uid, qrcode });
- await this.app.redis.set(key, val, 'EX', 600);
- // TODO: 生成回调地址
- // const { wxapi, authUrl = this.ctx.path } = this.app.config;
- // const backUrl = encodeURI(
- // `${this.app.config.baseUrl}${this.config.authUrl}?state=${state}`
- // );
- // const to_uri = `${wxapi.baseUrl}/api/auth?appid=${wxapi.appid}&response_type=code&redirect_uri=${backUrl}&connect_redirect=1#wechat`;
- // console.log('url-->' + to_uri);
- // this.ctx.redirect(to_uri);
- const { wxapi, authUrl = this.ctx.path } = this.app.config;
- const backUrl = encodeURI(`${this.app.config.baseUrl}${this.config.authUrl}?state=${state}`);
- // const to_uri = `${wxapi.baseUrl}/api/auth?appid=${wxapi.appid}&response_type=code&redirect_uri=${backUrl}&connect_redirect=1#wechat`;
- // const backUrl = encodeURI(`${this.app.config.baseUrl}${this.config.authUrl}/`);
- const to_uri = `https://open.weixin.qq.com/connect/oauth2/authorize?appid=${wxapi.appid}&response_type=code&scope=snsapi_base&redirect_uri=${backUrl}&state=${state}&connect_redirect=1#wechat_redirect`;
- console.log('url-->' + to_uri);
- this.ctx.redirect(to_uri);
- }
- // GET 认证回调
- async authBack({ code, state }) {
- // const { code, state, type, redirecturi } = this.ctx.query;
- console.log(this.ctx.query);
- this.ctx.logger.debug(`[auth-back] code - ${code}, state - ${state}`);
- assert(code, 'code不能为空');
- assert(state, 'state不能为空');
- console.log('code-->' + code);
- const { weixin } = this.ctx.service;
- let openid;
- try {
- ({ openid } = await weixin.fetch(code));
- } catch (err) {
- await this.ctx.render('error.njk', {
- title: err.message,
- message: err.details,
- });
- return;
- }
- console.log('openid--->' + openid);
- if (openid) {
- const key = `visit:auth:state:${state}`;
- const val = await this.app.redis.get(key);
- const { redirect_uri, type, uid, qrcode } = JSON.parse(val);
- console.log('redirect_uri-->' + redirect_uri);
- const user = await this.ctx.service.user.findByOpenid(openid);
- console.log('用户信息1--->' + user);
- if (type === '0') {
- // 通过openid取得用户信息
- if (user) {
- console.log('用户信息2--->' + user.role);
- // user_ = await this.checkVip(user_);
- let remark = '';
- if (user.role === '8') {
- const url = 'http://127.0.0.1:9008/api/live/dock/getdock/' + user.id;
- const vipuser = await this.ctx.curl(url, {
- method: 'post',
- headers: {
- 'content-type': 'application/json',
- },
- dataType: 'json',
- });
- if (vipuser.status === 200) {
- if (vipuser.data.errcode === 0) {
- const vd = vipuser.data.res;
- if (vd.length > 0) {
- const f = _.head(vd);
- const fid = _.get(f, 'id');
- remark = fid;
- }
- }
- }
- }
- console.log('用户信息remark--->' + remark);
- const user_ = { ...JSON.parse(JSON.stringify(user)), remark };
- console.log('用户信息重组' + user_);
- console.log(user_);
- const token = await this.ctx.service.login.createJwt(user_);
- console.log('token--->' + token);
- const to_uri = urljoin(redirect_uri, `?token=${token}`);
- // TODO: 重定性页面
- console.log('to_uri000-->' + to_uri);
- this.ctx.redirect(to_uri);
- } else {
- console.log('rrr0000--->' + redirect_uri);
- const touri = `${this.app.config.baseUrl}/platmobile/error`;
- const to_uri = urljoin(touri, `?openid=${openid}`);
- // TODO: 重定性页面
- this.ctx.redirect(to_uri);
- }
- } else if (type === '1') {
- const to_uri = urljoin(
- redirect_uri,
- `?openid=${openid}&uid=${uid}&type=${type}&qrcode=${qrcode}`
- );
- // TODO: 重定性页面
- console.log('1111---?' + to_uri);
- this.ctx.redirect(to_uri);
- } else if (type === '2') {
- const to_uri = urljoin(
- redirect_uri,
- `?openid=${openid}&uid=${uid}&type=${type}&qrcode=${qrcode}`
- );
- // TODO: 重定性页面
- console.log('1111---?' + to_uri);
- this.ctx.redirect(to_uri);
- }
- }
- }
- // GET 用户授权内部测试接口
- async authTest() {
- const { redirect_uri, type, uid, qrcode, openid } = this.ctx.query;
- this.ctx.logger.debug(
- `[auth-test] reditect_uri - ${redirect_uri}, openid - ${openid}`
- );
- assert(redirect_uri, '回调地址不能为空');
- assert(openid, 'openid不能为空');
- if (openid) {
- console.log('redirect_uri-->' + redirect_uri);
- const user = await this.ctx.service.user.findByOpenid(openid);
- console.log('用户信息1--->' + user);
- if (type === '0') {
- // 通过openid取得用户信息
- if (user) {
- const user_ = JSON.parse(JSON.stringify(user));
- console.log('用户信息2--->' + user_);
- user_ = await this.checkVip(user_);
- console.log('用户信息remark--->' + user_);
- const token = await this.ctx.service.login.createJwt(user_);
- const to_uri = urljoin(redirect_uri, `?token=${token}`);
- // TODO: 重定性页面
- console.log('to_uri000-->' + to_uri);
- this.ctx.redirect(to_uri);
- } else {
- console.log('rrr0000--->' + redirect_uri);
- const touri = `${this.app.config.baseUrl}/platmobile/error`;
- const to_uri = urljoin(touri, `?openid=${openid}`);
- // TODO: 重定性页面
- this.ctx.redirect(to_uri);
- }
- } else if (type === '1') {
- const to_uri = urljoin(
- redirect_uri,
- `?openid=${openid}&uid=${uid}&type=${type}&qrcode=${qrcode}`
- );
- // TODO: 重定性页面
- console.log('1111---?' + to_uri);
- this.ctx.redirect(to_uri);
- } else if (type === '2') {
- const to_uri = urljoin(
- redirect_uri,
- `?openid=${openid}&uid=${uid}&type=${type}&qrcode=${qrcode}`
- );
- // TODO: 重定性页面
- console.log('1111---?' + to_uri);
- this.ctx.redirect(to_uri);
- }
- }
- }
- async checkVip(user) {
- const { role, id } = user;
- if (role === '8') {
- const url = 'http://127.0.0.1:9008/api/live/dock/getdock/' + id;
- const vipuser = await this.ctx.curl(url, {
- method: 'post',
- headers: {
- 'content-type': 'application/json',
- },
- dataType: 'json',
- });
- console.log('取得vipuser--' + vipuser);
- if (vipuser.status === 200) {
- if (vipuser.data.errcode === 0) {
- const vd = vipuser.data.res;
- if (vd.length > 0) {
- const f = _.head(vd);
- const fid = _.get(f, 'id');
- user = { ...user, remark: fid };
- }
- }
- }
- }
- return user;
- }
- // 用户绑定
- async bind() {
- const res = await this.service.weixin.bindUser(this.ctx.request.body);
- return this.ctx.ok(res);
- }
- }
- module.exports = WeixinController;
|
