mirror/yapi
2
0
Fork 0
mirror of https://github.com/YMFE/yapi.git synced 2025-01-30 13:20:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

add third qunar sso login

Browse Source
This commit is contained in:
suxiaoxin 2017-07-12 17:01:27 +08:00
parent e16d5a4dc9
commit 80b1095852
9 changed files with 629 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
package.json
View File

@ -38,6 +38,7 @@
"redux": "^3.7.1",
"redux-promise": "^0.5.3",
"redux-thunk": "^2.2.0",
"request": "^2.81.0",
"sha1": "^1.1.1",
"ykit-config-antd": "^0.1.3",
"ykit-config-react": "^0.4.4"

2
runtime/config.dev.json
View File

@ -1,6 +1,6 @@
{
"port": "3000",
"webhost": "127.0.0.1",
"webhost": "local.qunar.com",
"adminAccount": "admin@admin.com",
"db": {
"servername": "127.0.0.1",

13
server/controllers/base.js
View File

@ -6,7 +6,7 @@ const jwt = require('jsonwebtoken');
class baseController{
constructor(ctx){
this.ctx = ctx;
//网站上线后role对象key是不能修改的value可以修改
this.roles = {
admin: 'Admin',
@ -16,7 +16,14 @@ class baseController{
async init(ctx){
this.$user = null;
if(ctx.path === '/user/login' || ctx.path === '/user/reg' || ctx.path === '/user/status' || ctx.path === '/user/logout'){
let ignoreRouter = [
'/user/login_by_token',
'/user/login',
'/user/reg',
'/user/status',
'/user/logout'
]
if(ignoreRouter.indexOf(ctx.path) > -1){
this.$auth = true;
}else{
await this.checkLogin(ctx)
@ -50,7 +57,7 @@ class baseController{
}
async getLoginStatus(ctx){
if(await this.checkLogin(ctx) === true){
if(await this.checkLogin(ctx) === true){
return ctx.body = yapi.commons.resReturn(yapi.commons.fieldSelect(this.$user,['_id','username','email', 'up_time', 'add_time']));
}
return ctx.body = yapi.commons.resReturn(null, 300 , 'Please login.');

170
server/controllers/user.js
View File

@ -2,6 +2,7 @@ import userModel from '../models/user.js'
import yapi from '../yapi.js'
import baseController from './base.js'
import mongoose from 'mongoose'
import request from 'request'
const jwt = require('jsonwebtoken');
@ -38,15 +39,7 @@ class userController extends baseController{
if(!result){
return ctx.body = yapi.commons.resReturn(null,404,'该用户不存在');
}else if(yapi.commons.generatePassword(password, result.passsalt) === result.password){
let token = jwt.sign({uid: result._id},result.passsalt,{expiresIn: '7 days'});
ctx.cookies.set('_yapi_token', token, {
expires: yapi.commons.expireDate(7),
httpOnly: true
})
ctx.cookies.set('_yapi_uid', result._id, {
expires: yapi.commons.expireDate(7),
httpOnly: true
})
this.setLoginCookie(result._id, result.passsalt)
return ctx.body = yapi.commons.resReturn({
uid: result._id,
@ -77,6 +70,124 @@ class userController extends baseController{
}
/**
* 第三方登录需要提供一个request方法和 token字段暂时只支持qunar第三方
* @return {email: String, username: String}
*/
thirdQunarLogin(){
return {
request: (token) => {
return new Promise((resolve, reject) =>{
request('http://qsso.corp.qunar.com/api/verifytoken.php?token=' + token ,function (error, response, body) {
if (!error && response.statusCode == 200) {
let result = JSON.parse(body);
if(result && result.ret === true){
console.log(result)
let ret = {
email: result.userId + '@qunar.com',
username: result.data.userInfo.name
}
resolve(ret)
}else{
reject(result)
}
}
reject(error)
})
})
},
tokenField: 'token',
}
}
async loginByToken(ctx){
let config = this.thirdQunarLogin();
let token = ctx.request.body[config.tokenField] || ctx.request.query[config.tokenField];
try{
let ret = await config.request(token);
let login = await this.handleThirdLogin(ret.email, ret.username);
if(login === true){
yapi.commons.log('login success');
ctx.redirect('/')
}
}catch(e){
yapi.commons.log(e.message, 'error')
ctx.redirect('/')
}
}
async handleThirdLogin(email, username){
let user, data, passsalt;
var userInst = yapi.getInst(userModel);
try{
user = await userInst.findByEmail(email);
if(!user || !user._id){
passsalt = yapi.commons.randStr();
data = {
username: username,
password: yapi.commons.generatePassword(passsalt, passsalt),
email: email,
passsalt: passsalt,
role: 'member',
add_time: yapi.commons.time(),
up_time: yapi.commons.time()
}
user = await userInst.save(data);
}
this.setLoginCookie(user._id, user.passsalt)
return true;
}catch(e){
console.error(e.message)
return false;
}
}
async changePassword(ctx){
let params = ctx.request.body;
var userInst = yapi.getInst(userModel);
if(this.getRole() !== 'admin' && params.uid != this.getUid()){
return ctx.body = yapi.commons.resReturn(null, 402, '没有权限');
}
let passsalt = yapi.commons.randStr();
let data = {
up_time: yapi.commons.time(),
password: yapi.commons.generatePassword(passsalt, passsalt),
passsalt: passsalt
}
try{
let result = await userInst.update(id, data);
ctx.body = yapi.commons.resReturn(result);
}catch(e){
ctx.body = yapi.commons.resReturn(null, 401, e.message);
}
}
async forgetPassword(ctx){
}
async resetPassword(ctx){
}
setLoginCookie(uid, passsalt){
let token = jwt.sign({uid: uid},passsalt,{expiresIn: '7 days'});
this.ctx.cookies.set('_yapi_token', token, {
expires: yapi.commons.expireDate(7),
httpOnly: true
})
this.ctx.cookies.set('_yapi_uid', uid, {
expires: yapi.commons.expireDate(7),
httpOnly: true
})
}
/**
* 用户注册接口
* @interface /user/reg
@ -116,13 +227,14 @@ class userController extends baseController{
}
try{
let user = await userInst.save(data);
this.setLoginCookie(user._id, user.passsalt)
ctx.body = yapi.commons.resReturn({
uid: user._id,
email: user.email,
add_time: user.add_time,
up_time: user.up_time,
role: 'member',
role: 'member'
});
yapi.commons.sendMail({
to: params.email,
@ -146,8 +258,8 @@ class userController extends baseController{
async list(ctx){
if(this.getRole() !== 'admin'){
return ctx.body = yapi.commons.resReturn(null, 402, 'Without permission.');
}
return ctx.body = yapi.commons.resReturn(null, 402, '没有权限');
}
var userInst = yapi.getInst(userModel);
try{
let user = await userInst.list();
@ -158,7 +270,7 @@ class userController extends baseController{
}
/**
* 根据用户个人信息
* 获取用户个人信息
* @interface /user/find
* @method GET
* @param id 用户uid
@ -169,12 +281,9 @@ class userController extends baseController{
*/
async findById(ctx){ //根据id获取用户信息
try{
try{
var userInst = yapi.getInst(userModel);
let id = ctx.request.body.id;
if(this.getUid() != id){
return ctx.body = yapi.commons.resReturn(null, 402, 'Without permission.');
}
let result = await userInst.findById(id);
return ctx.body = yapi.commons.resReturn(result);
}catch(e){
@ -206,15 +315,36 @@ class userController extends baseController{
}
}
/**
* 更新用户个人信息
* @interface /user/update
* @method POST
* @param username String
* @param email String
* @category user
* @foldnumber 10
* @returns {Object}
* @example
*/
async update(ctx){ //更新用户信息
try{
var userInst = yapi.getInst(userModel);
let id = this.getUid();
let data ={};
let data ={
up_time: yapi.commons.time()
};
ctx.request.body.username && (data.username = ctx.request.body.username)
ctx.request.body.email && (data.email = ctx.request.body.email)
let result = await userInst.update(id,data);
if(data.email){
var checkRepeat = await userInst.checkRepeat(data.email);//然后检查是否已经存在该用户
if(checkRepeat>0){
return ctx.body = yapi.commons.resReturn(null,401,'该email已经注册');
}
}
let result = await userInst.update(id, data);
ctx.body = yapi.commons.resReturn(result);
}catch(e){
ctx.body = yapi.commons.resReturn(null,402,e.message);

1
server/router.js
View File

@ -43,6 +43,7 @@ createAction('user', 'update', 'post', 'update')
createAction('user', 'del', 'post', 'del')
createAction('user', 'status', 'get', 'getLoginStatus')
createAction('user', 'logout', 'get', 'logout')
createAction('user', 'login_by_token', 'post', 'loginByToken')
//project

16
server_dist/controllers/base.js
View File

@ -36,7 +36,7 @@ var baseController = function () {
function baseController(ctx) {
(0, _classCallCheck3.default)(this, baseController);
this.ctx = ctx;
//网站上线后role对象key是不能修改的value可以修改
this.roles = {
admin: 'Admin',
@ -48,26 +48,28 @@ var baseController = function () {
key: 'init',
value: function () {
var _ref = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee(ctx) {
var ignoreRouter;
return _regenerator2.default.wrap(function _callee$(_context) {
while (1) {
switch (_context.prev = _context.next) {
case 0:
this.$user = null;
ignoreRouter = ['/user/login_by_token', '/user/login', '/user/reg', '/user/status', '/user/logout'];
if (!(ctx.path === '/user/login' || ctx.path === '/user/reg' || ctx.path === '/user/status' || ctx.path === '/user/logout')) {
_context.next = 5;
if (!(ignoreRouter.indexOf(ctx.path) > -1)) {
_context.next = 6;
break;
}
this.$auth = true;
_context.next = 7;
_context.next = 8;
break;
case 5:
_context.next = 7;
case 6:
_context.next = 8;
return this.checkLogin(ctx);
case 7:
case 8:
case 'end':
return _context.stop();
}

542
server_dist/controllers/user.js
View File

@ -1,5 +1,9 @@
'use strict';
var _promise = require('babel-runtime/core-js/promise');
var _promise2 = _interopRequireDefault(_promise);
var _regenerator = require('babel-runtime/regenerator');
var _regenerator2 = _interopRequireDefault(_regenerator);
@ -44,6 +48,10 @@ var _mongoose = require('mongoose');
var _mongoose2 = _interopRequireDefault(_mongoose);
var _request2 = require('request');
var _request3 = _interopRequireDefault(_request2);
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
var jwt = require('jsonwebtoken');
@ -72,7 +80,7 @@ var userController = function (_baseController) {
key: 'login',
value: function () {
var _ref = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee(ctx) {
var userInst, email, password, result, token;
var userInst, email, password, result;
return _regenerator2.default.wrap(function _callee$(_context) {
while (1) {
switch (_context.prev = _context.next) {
@ -114,20 +122,11 @@ var userController = function (_baseController) {
case 14:
if (!(_yapi2.default.commons.generatePassword(password, result.passsalt) === result.password)) {
_context.next = 21;
_context.next = 19;
break;
}
token = jwt.sign({ uid: result._id }, result.passsalt, { expiresIn: '7 days' });
ctx.cookies.set('_yapi_token', token, {
expires: _yapi2.default.commons.expireDate(7),
httpOnly: true
});
ctx.cookies.set('_yapi_uid', result._id, {
expires: _yapi2.default.commons.expireDate(7),
httpOnly: true
});
this.setLoginCookie(result._id, result.passsalt);
return _context.abrupt('return', ctx.body = _yapi2.default.commons.resReturn({
uid: result._id,
@ -137,10 +136,10 @@ var userController = function (_baseController) {
}, 0, 'logout success...'));
case 21:
case 19:
return _context.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 405, '密码错误'));
case 22:
case 20:
case 'end':
return _context.stop();
}
@ -192,6 +191,267 @@ var userController = function (_baseController) {
return logout;
}()
/**
* 第三方登录需要提供一个request方法和 token字段暂时只支持qunar第三方
* @return {email: String, username: String}
*/
}, {
key: 'thirdQunarLogin',
value: function thirdQunarLogin() {
return {
request: function request(token) {
return new _promise2.default(function (resolve, reject) {
(0, _request3.default)('http://qsso.corp.qunar.com/api/verifytoken.php?token=' + token, function (error, response, body) {
if (!error && response.statusCode == 200) {
var result = JSON.parse(body);
if (result && result.ret === true) {
console.log(result);
var ret = {
email: result.userId + '@qunar.com',
username: result.data.userInfo.name
};
resolve(ret);
} else {
reject(result);
}
}
reject(error);
});
});
},
tokenField: 'token'
};
}
}, {
key: 'loginByToken',
value: function () {
var _ref3 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee3(ctx) {
var config, token, ret, login;
return _regenerator2.default.wrap(function _callee3$(_context3) {
while (1) {
switch (_context3.prev = _context3.next) {
case 0:
config = this.thirdQunarLogin();
token = ctx.request.body[config.tokenField] || ctx.request.query[config.tokenField];
_context3.prev = 2;
_context3.next = 5;
return config.request(token);
case 5:
ret = _context3.sent;
_context3.next = 8;
return this.handleThirdLogin(ret.email, ret.username);
case 8:
login = _context3.sent;
if (login === true) {
_yapi2.default.commons.log('login success');
ctx.redirect('/');
}
_context3.next = 16;
break;
case 12:
_context3.prev = 12;
_context3.t0 = _context3['catch'](2);
_yapi2.default.commons.log(_context3.t0.message, 'error');
ctx.redirect('/');
case 16:
case 'end':
return _context3.stop();
}
}
}, _callee3, this, [[2, 12]]);
}));
function loginByToken(_x3) {
return _ref3.apply(this, arguments);
}
return loginByToken;
}()
}, {
key: 'handleThirdLogin',
value: function () {
var _ref4 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee4(email, username) {
var user, data, passsalt, userInst;
return _regenerator2.default.wrap(function _callee4$(_context4) {
while (1) {
switch (_context4.prev = _context4.next) {
case 0:
user = void 0, data = void 0, passsalt = void 0;
userInst = _yapi2.default.getInst(_user2.default);
_context4.prev = 2;
_context4.next = 5;
return userInst.findByEmail(email);
case 5:
user = _context4.sent;
if (!(!user || !user._id)) {
_context4.next = 12;
break;
}
passsalt = _yapi2.default.commons.randStr();
data = {
username: username,
password: _yapi2.default.commons.generatePassword(passsalt, passsalt),
email: email,
passsalt: passsalt,
role: 'member',
add_time: _yapi2.default.commons.time(),
up_time: _yapi2.default.commons.time()
};
_context4.next = 11;
return userInst.save(data);
case 11:
user = _context4.sent;
case 12:
this.setLoginCookie(user._id, user.passsalt);
return _context4.abrupt('return', true);
case 16:
_context4.prev = 16;
_context4.t0 = _context4['catch'](2);
console.error(_context4.t0.message);
return _context4.abrupt('return', false);
case 20:
case 'end':
return _context4.stop();
}
}
}, _callee4, this, [[2, 16]]);
}));
function handleThirdLogin(_x4, _x5) {
return _ref4.apply(this, arguments);
}
return handleThirdLogin;
}()
}, {
key: 'changePassword',
value: function () {
var _ref5 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee5(ctx) {
var params, userInst, passsalt, data, result;
return _regenerator2.default.wrap(function _callee5$(_context5) {
while (1) {
switch (_context5.prev = _context5.next) {
case 0:
params = ctx.request.body;
userInst = _yapi2.default.getInst(_user2.default);
if (!(this.getRole() !== 'admin' && params.uid != this.getUid())) {
_context5.next = 4;
break;
}
return _context5.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 402, '没有权限'));
case 4:
passsalt = _yapi2.default.commons.randStr();
data = {
up_time: _yapi2.default.commons.time(),
password: _yapi2.default.commons.generatePassword(passsalt, passsalt),
passsalt: passsalt
};
_context5.prev = 6;
_context5.next = 9;
return userInst.update(id, data);
case 9:
result = _context5.sent;
ctx.body = _yapi2.default.commons.resReturn(result);
_context5.next = 16;
break;
case 13:
_context5.prev = 13;
_context5.t0 = _context5['catch'](6);
ctx.body = _yapi2.default.commons.resReturn(null, 401, _context5.t0.message);
case 16:
case 'end':
return _context5.stop();
}
}
}, _callee5, this, [[6, 13]]);
}));
function changePassword(_x6) {
return _ref5.apply(this, arguments);
}
return changePassword;
}()
}, {
key: 'forgetPassword',
value: function () {
var _ref6 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee6(ctx) {
return _regenerator2.default.wrap(function _callee6$(_context6) {
while (1) {
switch (_context6.prev = _context6.next) {
case 0:
case 'end':
return _context6.stop();
}
}
}, _callee6, this);
}));
function forgetPassword(_x7) {
return _ref6.apply(this, arguments);
}
return forgetPassword;
}()
}, {
key: 'resetPassword',
value: function () {
var _ref7 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee7(ctx) {
return _regenerator2.default.wrap(function _callee7$(_context7) {
while (1) {
switch (_context7.prev = _context7.next) {
case 0:
case 'end':
return _context7.stop();
}
}
}, _callee7, this);
}));
function resetPassword(_x8) {
return _ref7.apply(this, arguments);
}
return resetPassword;
}()
}, {
key: 'setLoginCookie',
value: function setLoginCookie(uid, passsalt) {
var token = jwt.sign({ uid: uid }, passsalt, { expiresIn: '7 days' });
this.ctx.cookies.set('_yapi_token', token, {
expires: _yapi2.default.commons.expireDate(7),
httpOnly: true
});
this.ctx.cookies.set('_yapi_uid', uid, {
expires: _yapi2.default.commons.expireDate(7),
httpOnly: true
});
}
/**
* 用户注册接口
* @interface /user/reg
@ -208,44 +468,44 @@ var userController = function (_baseController) {
}, {
key: 'reg',
value: function () {
var _ref3 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee3(ctx) {
var _ref8 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee8(ctx) {
var userInst, params, checkRepeat, passsalt, data, user;
return _regenerator2.default.wrap(function _callee3$(_context3) {
return _regenerator2.default.wrap(function _callee8$(_context8) {
while (1) {
switch (_context3.prev = _context3.next) {
switch (_context8.prev = _context8.next) {
case 0:
//注册
userInst = _yapi2.default.getInst(_user2.default);
params = ctx.request.body; //获取请求的参数,检查是否存在用户名和密码
if (params.email) {
_context3.next = 4;
_context8.next = 4;
break;
}
return _context3.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 400, '邮箱不能为空'));
return _context8.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 400, '邮箱不能为空'));
case 4:
if (params.password) {
_context3.next = 6;
_context8.next = 6;
break;
}
return _context3.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 400, '密码不能为空'));
return _context8.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 400, '密码不能为空'));
case 6:
_context3.next = 8;
_context8.next = 8;
return userInst.checkRepeat(params.email);
case 8:
checkRepeat = _context3.sent;
checkRepeat = _context8.sent;
if (!(checkRepeat > 0)) {
_context3.next = 11;
_context8.next = 11;
break;
}
return _context3.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 401, '该email已经注册'));
return _context8.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 401, '该email已经注册'));
case 11:
passsalt = _yapi2.default.commons.randStr();
@ -258,13 +518,14 @@ var userController = function (_baseController) {
add_time: _yapi2.default.commons.time(),
up_time: _yapi2.default.commons.time()
};
_context3.prev = 13;
_context3.next = 16;
_context8.prev = 13;
_context8.next = 16;
return userInst.save(data);
case 16:
user = _context3.sent;
user = _context8.sent;
this.setLoginCookie(user._id, user.passsalt);
ctx.body = _yapi2.default.commons.resReturn({
uid: user._id,
@ -277,25 +538,25 @@ var userController = function (_baseController) {
to: params.email,
contents: '\u6B22\u8FCE\u6CE8\u518C\uFF0C\u60A8\u7684\u8D26\u53F7 ' + params.email + ' \u5DF2\u7ECF\u6CE8\u518C\u6210\u529F'
});
_context3.next = 24;
_context8.next = 25;
break;
case 21:
_context3.prev = 21;
_context3.t0 = _context3['catch'](13);
case 22:
_context8.prev = 22;
_context8.t0 = _context8['catch'](13);
ctx.body = _yapi2.default.commons.resReturn(null, 401, _context3.t0.message);
ctx.body = _yapi2.default.commons.resReturn(null, 401, _context8.t0.message);
case 24:
case 25:
case 'end':
return _context3.stop();
return _context8.stop();
}
}
}, _callee3, this, [[13, 21]]);
}, _callee8, this, [[13, 22]]);
}));
function reg(_x3) {
return _ref3.apply(this, arguments);
function reg(_x9) {
return _ref8.apply(this, arguments);
}
return reg;
@ -314,52 +575,52 @@ var userController = function (_baseController) {
}, {
key: 'list',
value: function () {
var _ref4 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee4(ctx) {
var _ref9 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee9(ctx) {
var userInst, user;
return _regenerator2.default.wrap(function _callee4$(_context4) {
return _regenerator2.default.wrap(function _callee9$(_context9) {
while (1) {
switch (_context4.prev = _context4.next) {
switch (_context9.prev = _context9.next) {
case 0:
if (!(this.getRole() !== 'admin')) {
_context4.next = 2;
_context9.next = 2;
break;
}
return _context4.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 402, 'Without permission.'));
return _context9.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 402, '没有权限'));
case 2:
userInst = _yapi2.default.getInst(_user2.default);
_context4.prev = 3;
_context4.next = 6;
_context9.prev = 3;
_context9.next = 6;
return userInst.list();
case 6:
user = _context4.sent;
return _context4.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(user));
user = _context9.sent;
return _context9.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(user));
case 10:
_context4.prev = 10;
_context4.t0 = _context4['catch'](3);
return _context4.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 402, _context4.t0.message));
_context9.prev = 10;
_context9.t0 = _context9['catch'](3);
return _context9.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 402, _context9.t0.message));
case 13:
case 'end':
return _context4.stop();
return _context9.stop();
}
}
}, _callee4, this, [[3, 10]]);
}, _callee9, this, [[3, 10]]);
}));
function list(_x4) {
return _ref4.apply(this, arguments);
function list(_x10) {
return _ref9.apply(this, arguments);
}
return list;
}()
/**
* 获取用户列表
* @interface /user/list
* 获取用户个人信息
* @interface /user/find
* @method GET
* @param id 用户uid
* @category user
@ -371,53 +632,45 @@ var userController = function (_baseController) {
}, {
key: 'findById',
value: function () {
var _ref5 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee5(ctx) {
var userInst, id, result;
return _regenerator2.default.wrap(function _callee5$(_context5) {
var _ref10 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee10(ctx) {
var userInst, _id, result;
return _regenerator2.default.wrap(function _callee10$(_context10) {
while (1) {
switch (_context5.prev = _context5.next) {
switch (_context10.prev = _context10.next) {
case 0:
_context5.prev = 0;
_context10.prev = 0;
userInst = _yapi2.default.getInst(_user2.default);
id = ctx.request.body.id;
if (!(this.getUid() != id)) {
_context5.next = 5;
break;
}
return _context5.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 402, 'Without permission.'));
_id = ctx.request.body.id;
_context10.next = 5;
return userInst.findById(_id);
case 5:
_context5.next = 7;
return userInst.findById(id);
result = _context10.sent;
return _context10.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(result));
case 7:
result = _context5.sent;
return _context5.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(result));
case 9:
_context10.prev = 9;
_context10.t0 = _context10['catch'](0);
return _context10.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 402, _context10.t0.message));
case 11:
_context5.prev = 11;
_context5.t0 = _context5['catch'](0);
return _context5.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 402, _context5.t0.message));
case 14:
case 12:
case 'end':
return _context5.stop();
return _context10.stop();
}
}
}, _callee5, this, [[0, 11]]);
}, _callee10, this, [[0, 9]]);
}));
function findById(_x5) {
return _ref5.apply(this, arguments);
function findById(_x11) {
return _ref10.apply(this, arguments);
}
return findById;
}()
/**
* 获取用户列表,只有admin用户才有此权限
* 删除用户,只有admin用户才有此权限
* @interface /user/del
* @method POST
* @param id 用户uid
@ -430,96 +683,133 @@ var userController = function (_baseController) {
}, {
key: 'del',
value: function () {
var _ref6 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee6(ctx) {
var userInst, id, result;
return _regenerator2.default.wrap(function _callee6$(_context6) {
var _ref11 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee11(ctx) {
var userInst, _id2, result;
return _regenerator2.default.wrap(function _callee11$(_context11) {
while (1) {
switch (_context6.prev = _context6.next) {
switch (_context11.prev = _context11.next) {
case 0:
_context6.prev = 0;
_context11.prev = 0;
if (!(this.getRole() !== 'admin')) {
_context6.next = 3;
_context11.next = 3;
break;
}
return _context6.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 402, 'Without permission.'));
return _context11.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 402, 'Without permission.'));
case 3:
userInst = _yapi2.default.getInst(_user2.default);
id = ctx.request.body.id;
_context6.next = 7;
return userInst.del(id);
_id2 = ctx.request.body.id;
_context11.next = 7;
return userInst.del(_id2);
case 7:
result = _context6.sent;
result = _context11.sent;
ctx.body = _yapi2.default.commons.resReturn(result);
_context6.next = 14;
_context11.next = 14;
break;
case 11:
_context6.prev = 11;
_context6.t0 = _context6['catch'](0);
_context11.prev = 11;
_context11.t0 = _context11['catch'](0);
ctx.body = _yapi2.default.commons.resReturn(null, 402, _context6.t0.message);
ctx.body = _yapi2.default.commons.resReturn(null, 402, _context11.t0.message);
case 14:
case 'end':
return _context6.stop();
return _context11.stop();
}
}
}, _callee6, this, [[0, 11]]);
}, _callee11, this, [[0, 11]]);
}));
function del(_x6) {
return _ref6.apply(this, arguments);
function del(_x12) {
return _ref11.apply(this, arguments);
}
return del;
}()
/**
* 更新用户个人信息
* @interface /user/update
* @method POST
* @param username String
* @param email String
* @category user
* @foldnumber 10
* @returns {Object}
* @example
*/
}, {
key: 'update',
value: function () {
var _ref7 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee7(ctx) {
var userInst, id, data, result;
return _regenerator2.default.wrap(function _callee7$(_context7) {
var _ref12 = (0, _asyncToGenerator3.default)(_regenerator2.default.mark(function _callee12(ctx) {
var userInst, _id3, data, checkRepeat, result;
return _regenerator2.default.wrap(function _callee12$(_context12) {
while (1) {
switch (_context7.prev = _context7.next) {
switch (_context12.prev = _context12.next) {
case 0:
_context7.prev = 0;
_context12.prev = 0;
userInst = _yapi2.default.getInst(_user2.default);
id = this.getUid();
data = {};
_id3 = this.getUid();
data = {
up_time: _yapi2.default.commons.time()
};
ctx.request.body.username && (data.username = ctx.request.body.username);
ctx.request.body.email && (data.email = ctx.request.body.email);
_context7.next = 8;
return userInst.update(id, data);
case 8:
result = _context7.sent;
if (!data.email) {
_context12.next = 12;
break;
}
ctx.body = _yapi2.default.commons.resReturn(result);
_context7.next = 15;
break;
_context12.next = 9;
return userInst.checkRepeat(data.email);
case 9:
checkRepeat = _context12.sent;
if (!(checkRepeat > 0)) {
_context12.next = 12;
break;
}
return _context12.abrupt('return', ctx.body = _yapi2.default.commons.resReturn(null, 401, '该email已经注册'));
case 12:
_context7.prev = 12;
_context7.t0 = _context7['catch'](0);
_context12.next = 14;
return userInst.update(_id3, data);
ctx.body = _yapi2.default.commons.resReturn(null, 402, _context7.t0.message);
case 14:
result = _context12.sent;
case 15:
ctx.body = _yapi2.default.commons.resReturn(result);
_context12.next = 21;
break;
case 18:
_context12.prev = 18;
_context12.t0 = _context12['catch'](0);
ctx.body = _yapi2.default.commons.resReturn(null, 402, _context12.t0.message);
case 21:
case 'end':
return _context7.stop();
return _context12.stop();
}
}
}, _callee7, this, [[0, 12]]);
}, _callee12, this, [[0, 18]]);
}));
function update(_x7) {
return _ref7.apply(this, arguments);
function update(_x13) {
return _ref12.apply(this, arguments);
}
return update;

3
server_dist/router.js
View File

@ -65,11 +65,12 @@ createAction('group', 'del', 'post', 'del');
createAction('user', 'login', 'post', 'login');
createAction('user', 'reg', 'post', 'reg');
createAction('user', 'list', 'get', 'list');
createAction('user', 'findById', 'post', 'findById');
createAction('user', 'find', 'post', 'findById');
createAction('user', 'update', 'post', 'update');
createAction('user', 'del', 'post', 'del');
createAction('user', 'status', 'get', 'getLoginStatus');
createAction('user', 'logout', 'get', 'logout');
createAction('user', 'login_by_token', 'post', 'loginByToken');
//project
createAction('project', 'add', 'post', 'add');

40
static/index.html
View File

@ -1 +1,39 @@
hello yapi!
<html>
<!-- 将原来的输入用户名和密码表单去掉
<form>
<input name="username">
<input name="password">
</form>
-->
<!-- 添加一个登录按钮 -->
<button id="qsso-login">qsso登录</button>
<!-- 引入qsso auth js库 -->
<script src="https://qsso.corp.qunar.com/lib/qsso-auth.js"></script>
<script>
// 调用QSSO.attach进行登录参数的设置设置绑定登录事件的HTML元素接收token的登录接口URI。
QSSO.attach('qsso-login','/user/login_by_token');
var xhr = new XMLHttpRequest();
xhr.open('GET', '/user/status')
xhr.onload = function(e){
if(this.status == 200){
alert(this.responseText)
}
}
xhr.send()
// attach函数会将HTMLid为qsso-login的元素onclick时自动去qsso登录当用户用户点击上面的button会跳到qsso登录页面,用户在qsso登录后将会把token值post到http://xxx.qunar.com/login.php上。
</script>
<!-- 结束 -->
<html>