service-platform
/
service-auth


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214
							'use strict';

const assert = require('assert');
const _ = require('lodash');
const uuid = require('uuid');
const urljoin = require('url-join');
const Controller = require('egg').Controller;

/**
 * 微信认证，获得openid和用户信息，生成微信Jwt
 */
class WeixinController extends Controller {
  /**
   * 认证流程
   * 1. 缓存原始请求地址，生成state和认证回调地址
   * 2. 通过wxapi认证，获得认证code
   * 3. 通过code获得openid，通过openid，查询绑定用户，创建jwt
   * 4. jwt写入redis，返回认证code
   * 5. 通过code获取jwt
   */
  // GET 请求认证
  // response_type:
  //       code - url带上code参数重定向到原始地址
  //       store - 默认，认证结果写入sessionStore，然后重定向回请求页面（要求请求页面和认证服务在同一域名下）
  //       token - url带上token参数重定向到原始地址
  async auth() {
    const {
      redirect_uri,
      code,
      test,
      type,
      response_type = 'store',
      uid,
      qrcode,
    } = this.ctx.query;
    if (test) {
      return await this.authTest();
    }
    if (code) {
      return await this.authBack(this.ctx.query);
    }

    this.ctx.logger.debug(`[auth] reditect_uri - ${redirect_uri}`);
    // assert(redirect_uri, '回调地址不能为空');

    // TODO: 保存原始请求地址
    // const { config } = this.app;
    // console.log('ctx.host: ', this.ctx.host);
    // console.log('config.hostHeaders: ', config.hostHeaders);
    // TODO: 保存原始请求地址
    const state = uuid();
    const key = `visit:auth:state:${state}`;
    const val = JSON.stringify({ redirect_uri, type, uid, qrcode });
    await this.app.redis.set(key, val, 'EX', 600);

    // TODO: 生成回调地址
    // const { wxapi, authUrl = this.ctx.path } = this.app.config;
    // const backUrl = encodeURI(
    //   `${this.app.config.baseUrl}${this.config.authUrl}?state=${state}`
    // );
    // const to_uri = `${wxapi.baseUrl}/api/auth?appid=${wxapi.appid}&response_type=code&redirect_uri=${backUrl}&connect_redirect=1#wechat`;
    // console.log('url-->' + to_uri);
    // this.ctx.redirect(to_uri);
    const { wxapi, authUrl = this.ctx.path } = this.app.config;
    const backUrl = encodeURI(`${this.app.config.baseUrl}${this.config.authUrl}?state=${state}`);
    // const to_uri = `${wxapi.baseUrl}/api/auth?appid=${wxapi.appid}&response_type=code&redirect_uri=${backUrl}&connect_redirect=1#wechat`;
    // const backUrl = encodeURI(`${this.app.config.baseUrl}${this.config.authUrl}/`);
    const to_uri = `https://open.weixin.qq.com/connect/oauth2/authorize?appid=${wxapi.appid}&response_type=code&scope=snsapi_base&redirect_uri=${backUrl}&state=${state}&connect_redirect=1#wechat_redirect`;
    console.log('url-->' + to_uri);
    this.ctx.redirect(to_uri);
  }

  // GET 认证回调
  async authBack({ code, state }) {
    // const { code, state, type, redirecturi } = this.ctx.query;
    console.log(this.ctx.query);
    this.ctx.logger.debug(`[auth-back] code - ${code}, state - ${state}`);
    assert(code, 'code不能为空');
    assert(state, 'state不能为空');
    console.log('code-->' + code);

    const { weixin } = this.ctx.service;
    let openid;
    try {
      ({ openid } = await weixin.fetch(code));
    } catch (err) {
      await this.ctx.render('error.njk', {
        title: err.message,
        message: err.details,
      });
      return;
    }
    console.log('openid--->' + openid);
    if (openid) {
      const key = `visit:auth:state:${state}`;
      const val = await this.app.redis.get(key);
      const { redirect_uri, type, uid, qrcode } = JSON.parse(val);
      console.log('redirect_uri-->' + redirect_uri);
      const user = await this.ctx.service.user.findByOpenid(openid);
      if (type === '0') {
        // 通过openid取得用户信息
        if (user) {
          const user_ = JSON.parse(JSON.stringify(user));
          user_ = checkVip(user_);
          const token = await this.ctx.service.login.createJwt(user_);
          const to_uri = urljoin(redirect_uri, `?token=${token}`);
          // TODO: 重定性页面
          console.log('to_uri000-->' + to_uri);
          this.ctx.redirect(to_uri);
        } else {
          console.log('rrr0000--->' + redirect_uri);
          const touri = `${this.app.config.baseUrl}/platmobile/error`;
          const to_uri = urljoin(touri, `?openid=${openid}`);
          // TODO: 重定性页面
          this.ctx.redirect(to_uri);
        }
      } else if (type === '1') {
        const to_uri = urljoin(
          redirect_uri,
          `?openid=${openid}&uid=${uid}&type=${type}&qrcode=${qrcode}`
        );
        // TODO: 重定性页面
        console.log('1111---?' + to_uri);
        this.ctx.redirect(to_uri);
      } else if (type === '2') {
        const to_uri = urljoin(
          redirect_uri,
          `?openid=${openid}&uid=${uid}&type=${type}&qrcode=${qrcode}`
        );
        // TODO: 重定性页面
        console.log('1111---?' + to_uri);
        this.ctx.redirect(to_uri);
      }
    }
  }

  // GET 用户授权内部测试接口
  async authTest() {
    const { redirect_uri, type, uid, qrcode, openid } = this.ctx.query;
    this.ctx.logger.debug(
      `[auth-test] reditect_uri - ${redirect_uri}, openid - ${openid}`
    );
    assert(redirect_uri, '回调地址不能为空');
    assert(openid, 'openid不能为空');
    if (openid) {
      console.log('redirect_uri-->' + redirect_uri);
      const user = await this.ctx.service.user.findByOpenid(openid);
      if (type === '0') {
        // 通过openid取得用户信息
        if (user) {
          const user_ = JSON.parse(JSON.stringify(user));
          user_ = checkVip(user_);
          const token = await this.ctx.service.login.createJwt(user_);
          const to_uri = urljoin(redirect_uri, `?token=${token}`);
          // TODO: 重定性页面
          console.log('to_uri000-->' + to_uri);
          this.ctx.redirect(to_uri);
        } else {
          console.log('rrr0000--->' + redirect_uri);
          const touri = `${this.app.config.baseUrl}/platmobile/error`;
          const to_uri = urljoin(touri, `?openid=${openid}`);
          // TODO: 重定性页面
          this.ctx.redirect(to_uri);
        }
      } else if (type === '1') {
        const to_uri = urljoin(
          redirect_uri,
          `?openid=${openid}&uid=${uid}&type=${type}&qrcode=${qrcode}`
        );
        // TODO: 重定性页面
        console.log('1111---?' + to_uri);
        this.ctx.redirect(to_uri);
      } else if (type === '2') {
        const to_uri = urljoin(
          redirect_uri,
          `?openid=${openid}&uid=${uid}&type=${type}&qrcode=${qrcode}`
        );
        // TODO: 重定性页面
        console.log('1111---?' + to_uri);
        this.ctx.redirect(to_uri);
      }
    }
  }
  async checkVip(user) {
    const { role, id } = user;
    if (role !== '8') return user;
    const url = 'http://127.0.0.1:9008/api/live/dock/getdock/' + id;
    const vipuser = await this.ctx.curl(url, {
      method: 'post',
      headers: {
        'content-type': 'application/json',
      },
      dataType: 'json',
    });
    if (vipuser.status === 200) {
      if (vipuser.data.errcode === 0) {
        const vd = vipuser.data.res;
        if (vd.length > 0) {
          const f = _.head(vd);
          const fid = _.get(f, 'id');
          user = { ...user, remark: fid };
        }
      }
    }
    return user;
  }
  // 用户绑定
  async bind() {
    const res = await this.service.weixin.bindUser(this.ctx.request.body);
    return this.ctx.ok(res);
  }
}

module.exports = WeixinController;