d

e3b3fd91 · 蒋勇 · 26490768 · e3b3fd91 · e3b3fd91
Commit e3b3fd91 authored Aug 28, 2020 by 蒋勇
Show whitespace changes
Inline Side-by-side

Showing with 63 additions and 45 deletions

center-manage/app/base/service/impl/auth/userSve.js
+30 -28

center-manage/app/base/system.js
+33 -17

No files found.
--- a/center-manage/app/base/service/impl/auth/userSve.js
+++ b/center-manage/app/base/service/impl/auth/userSve.js
@@ -9,11 +9,11 @@ class UserService extends ServiceBase {
    this.roleDao = system.getObject("db.auth.roleDao");
    this.authS = system.getObject("service.auth.authSve");
  }
-  async pmgetUserByCode(code) {
+  async pmgetUserByCode (code) {
    let ux = await this.cacheManager["CodeCache"].getCache(code);
    return ux;
  }
-  async loginApp(appkey, uname) {
+  async loginApp (appkey, uname) {
    let rtn = {}
    let app = await this.cacheManager["AppCache"].cache(appkey);
    let userLogined = await this.cacheManager["UserCache"].cache(uname);
@@ -38,7 +38,7 @@ class UserService extends ServiceBase {
  //和租户绑定同一家公司
  //按照用户名和密码进行注册
  //控制器端检查用户名和密码非空
-  async registerByTantent(p, q) {
+  async registerByTantent (p, q) {
    // 需要默认添加访客角色,为了控制单点从平台登录时看到的菜单和功能
    if (p.roles && p.roles.length > 0) {
      if (p.roles.indexOf(settings.pmroleid["pr"]) < 0) {
@@ -51,7 +51,7 @@ class UserService extends ServiceBase {
  }
  //应用的自由用户注册,无需验证，需要前端头设置公司KEY
-  async pmregisterByFreeUser(p, q) {
+  async pmregisterByFreeUser (p, q) {
    p.rolecodes = [settings.pmroleid["pr"]];
    let rtn = await this.pmregister(p, q)
    return rtn;
@@ -60,7 +60,7 @@ class UserService extends ServiceBase {
  //平台租户注册接口方法
  //控制器端检查用户名和密码非空
-  async pmregister(p, q) {
+  async pmregister (p, q) {
    var self = this;
    let tmppwd = p.password;
    if (!tmppwd) {
@@ -134,12 +134,12 @@ class UserService extends ServiceBase {
      }
    });
  }
-  async unlockUser(username) {
+  async unlockUser (username) {
    await this.resetPassword(username, settings.defaultpwd);
    return this.dao.updateByWhere({ isEnabled: true }, { userName: username })
  }
-  async logout(pobj) {
+  async logout (pobj) {
    await this.cacheManager["UserCache"].invalidate(pobj.username);
    return {}
  }
@@ -147,7 +147,7 @@ class UserService extends ServiceBase {
  //登录接口封装kong-url
  //登录路由放行
  //p里面含有appkey,company_id,userName,password
-  async pmlogin(p, q, req) {
+  async pmlogin (p, q, req) {
    var self = this;
    //先要按照用户名，在统一账户中查找存在性
    //如果不存在
@@ -158,7 +158,9 @@ class UserService extends ServiceBase {
    }
    var rtn = {}
    let u = await this.findOne({ userName: p.userName });
-    let inpassword = this.getEncryptStr(p.password);
+    //解密客户端密码
+    let passwd = system.desEncript(p.password)
+    let inpassword = this.getEncryptStr(passwd);
    if (u.password != inpassword) {
      return null;
    }
@@ -198,7 +200,7 @@ class UserService extends ServiceBase {
      }
    })
  }
-  async getUserInfo(uname) {
+  async getUserInfo (uname) {
    // let userfind = await this.dao.model.findOne({
    //   where: { userName: uname, app_id: settings.pmappid },
    //   attributes: ['userName', 'nickName',"headUrl",'isSuper','isAdmin'],
@@ -219,7 +221,7 @@ class UserService extends ServiceBase {
  //自由用户的电话登录和注册
  //需要存在公司KEY
-  async pmloginByVCodeForFreeUser(p, q) {
+  async pmloginByVCodeForFreeUser (p, q) {
    p.rolecodes = [settings.pmroleid["pr"]];
    let rtn = await this.pmloginByVCode(p, q, req)
    return system.getResult(rtn);
@@ -228,7 +230,7 @@ class UserService extends ServiceBase {
  //平台租户注册与登录
  //用户验证码登录
  //
-  async pmloginByVCode(p, q, req) {
+  async pmloginByVCode (p, q, req) {
    var rtn = {}
    //检查传递过来的手机验证码是否与缓存的一致
    let mobile = p.mobile;
@@ -273,19 +275,19 @@ class UserService extends ServiceBase {
    //不一致那么就
  }
  //发送手机验证码并缓存
-  async sendVCode(p, q, req) {
+  async sendVCode (p, q, req) {
    let mobile = p.mobile;
    let vcodeobj = await this.cacheManager["VCodeCache"].cache(mobile, null, 60);
    return vcodeobj.vcode;
  }
-  async reSendVCode(p, q, req) {
+  async reSendVCode (p, q, req) {
    let mobile = p.mobile;
    await this.cacheManager["VCodeCache"].invalidate(mobile);
    let vcodeobj = await this.cacheManager["VCodeCache"].cache(mobile, null, 60);
    return vcodeobj.vcode;
  }
  //修改中心密码
-  async cmodifypwd(uname, newpwd, cmpid) {
+  async cmodifypwd (uname, newpwd, cmpid) {
    try {
      let rtn = await system.postJsonTypeReq(UserService.consumerUrl(uname), { tags: ["cmp_" + cmpid, "pass_" + newpwd] }, "PATCH")
      console.log(rtn)
@@ -299,7 +301,7 @@ class UserService extends ServiceBase {
    }
  }
  //创建统一账号及jwt身份
-  async cregister(uname, cmpid, pass, uid) {
+  async cregister (uname, cmpid, pass, uid) {
    try {
      var rtn2 = null;
      let rtn = await system.postJsonTypeReq(UserService.newConsumerUrl(), { username: uname, custom_id: uid, tags: ["cmp_" + cmpid, "pass_" + pass] })
@@ -321,7 +323,7 @@ class UserService extends ServiceBase {
  }
  //plkey--对应消费者jwt身份的key,插件解码token后，获取iss-key,查询出身份，利用
  //身份中的secret验证签名
-  async jwtsign(plkey, secretstr, opts) {
+  async jwtsign (plkey, secretstr, opts) {
    let promise = new Promise(function (resv, rej) {
      jwt.sign({ exp: Math.floor(Date.now() / 1000) + (60 * 60), iss: plkey }, secretstr, opts, function (err, rtn) {
        if (err) {
@@ -334,13 +336,13 @@ class UserService extends ServiceBase {
    return promise;
  }
  //只要登录 生成新的访问jwttoken
-  async cmakejwt(key, secret, opts) {
+  async cmakejwt (key, secret, opts) {
    var token = await this.jwtsign(key, secret, opts);
    return token;
  }
  //删除统一账号
-  async cunregister(uname) {
+  async cunregister (uname) {
    try {
      let rtn = await system.delReq(UserService.consumerUrl(uname))
      if (rtn.statusCode == 204) {
@@ -354,15 +356,15 @@ class UserService extends ServiceBase {
  //登录统一账号
-  async clogin(uname) {
+  async clogin (uname) {
    //检查是否存在重名
  }
  //按用户名查询统一用户
-  async findCUser(uname) {
+  async findCUser (uname) {
  }
-  async resetPassword(uname, pwd) {
+  async resetPassword (uname, pwd) {
    let inpassword = this.getEncryptStr(pwd, true);
    var self = this;
    return this.db.transaction(async function (t) {
@@ -380,7 +382,7 @@ class UserService extends ServiceBase {
    });
  }
  //修改
-  async update(qobj, tm = null) {
+  async update (qobj, tm = null) {
    var self = this;
    return this.db.transaction(async function (t) {
      delete qobj['company_id']
@@ -402,7 +404,7 @@ class UserService extends ServiceBase {
   * @param {*} productCatName 产品类型名称
   * @param {*} regionName 区域
   */
-  async getBizUserForBizChance(clientMobile, spName, productCatName, regionName) {
+  async getBizUserForBizChance (clientMobile, spName, productCatName, regionName) {
    var self = this
    clientMobile = clientMobile + "_" + spName + "_" + regionName + "_" + productCatName
    console.log(`商机 缓存 key -----  ${clientMobile} `);
@@ -427,7 +429,7 @@ class UserService extends ServiceBase {
      let companyFind = await self.companyDao.model.findOne({
        where: { name: spName }, include: [
          {
-            model: self.db.models.user, as: "us", attributes: ['id', 'userName', 'mobile', 'isAllocated', 'opath', 'skilltags', 'regiontags', 'isAllArea', 'isSalesman', 'isDelivery','tx_uin'], raw: true
+            model: self.db.models.user, as: "us", attributes: ['id', 'userName', 'mobile', 'isAllocated', 'opath', 'skilltags', 'regiontags', 'isAllArea', 'isSalesman', 'isDelivery', 'tx_uin'], raw: true
          }
        ], excludes: ['orgJson'], transaction: t
      });
@@ -486,7 +488,7 @@ class UserService extends ServiceBase {
      }
    })
  }
-  async findCostBySkuCode(skucode) {
+  async findCostBySkuCode (skucode) {
    let productpricetmp = await this.db.models.productprice.findOne({
      where: { skucode: skucode, isEnabled: true },
      include: [
@@ -512,7 +514,7 @@ class UserService extends ServiceBase {
   * @param {*} skucode 最小销售货品编码，来自渠道上架的码
   * @param {*} regionName 区域
   */
-  async getBizUserForDelivery(xclientMobile, spName, productCatName, skucode, regionName) {
+  async getBizUserForDelivery (xclientMobile, spName, productCatName, skucode, regionName) {
    let clientMobile = 'fordeliver' + xclientMobile + "_" + spName + "_" + regionName + "_" + productCatName
    console.log(`交付单缓存 key -----  ${clientMobile} `);
    var self = this
@@ -537,7 +539,7 @@ class UserService extends ServiceBase {
      let companyFind = await self.companyDao.model.findOne({
        where: { name: spName }, include: [
          {
-            model: self.db.models.user, as: "us", attributes: ['id', 'userName', 'mobile', 'isAllocated', 'opath', 'skilltags', 'regiontags', 'isAllArea', 'isSalesman', 'isDelivery','tx_uin'], raw: true
+            model: self.db.models.user, as: "us", attributes: ['id', 'userName', 'mobile', 'isAllocated', 'opath', 'skilltags', 'regiontags', 'isAllArea', 'isSalesman', 'isDelivery', 'tx_uin'], raw: true
          }
        ], excludes: ['orgJson'], transaction: t
      });

--- a/center-manage/app/base/system.js
+++ b/center-manage/app/base/system.js
@@ -4,7 +4,7 @@ var settings = require("../config/settings");
 const request = require('request');
 const cryptoJS = require('crypto-js');
 class System {
-	static declare(ns) {
+	static declare (ns) {
 		var ar = ns.split('.');
 		var root = System;
 		for (var i = 0, len = ar.length; i < len; ++i) {
@@ -17,7 +17,7 @@ class System {
 			}
 		}
 	}
-	static async delReq(url, qdata) {
+	static async delReq (url, qdata) {
 		let rtn = {}
 		let promise = new Promise(function (resv, rej) {
 			request.del({
@@ -40,7 +40,7 @@ class System {
 		})
 		return promise;
 	}
-	static async getReq(url, qdata) {
+	static async getReq (url, qdata) {
 		let rtn = {}
 		let promise = new Promise(function (resv, rej) {
 			request.get({
@@ -63,7 +63,7 @@ class System {
 		})
 		return promise;
 	}
-	static async postJsonTypeReq(url, data, md = "POST") {
+	static async postJsonTypeReq (url, data, md = "POST") {
 		let rtn = {}
 		let promise = new Promise(function (resv, rej) {
 			request({
@@ -92,7 +92,7 @@ class System {
 		})
 		return promise;
 	}
-	static async post3wFormTypeReq(url, data) {
+	static async post3wFormTypeReq (url, data) {
 		let rtn = {}
 		let promise = new Promise(function (resv, rej) {
 			request.post({
@@ -111,7 +111,7 @@ class System {
 		})
 		return promise;
 	}
-	static async postMpFormTypeReq(url, formdata) {
+	static async postMpFormTypeReq (url, formdata) {
 		let promise = new Promise(function (resv, rej) {
 			request.post({
 				url: url,
@@ -133,7 +133,7 @@ class System {
 	 * @param {*} okmsg 操作成功的描述
 	 * @param {*} req 请求头信息
 	 */
-	static getResult(data, opmsg = "操作成功", req) {
+	static getResult (data, opmsg = "操作成功", req) {
 		return {
 			status: !data ? -1 : 0,
 			msg: opmsg,
@@ -146,7 +146,7 @@ class System {
 	 * @param {*} data 操作成功返回的数据
 	 * @param {*} okmsg 操作成功的描述
 	 */
-	static getResultSuccess(data, okmsg = "success") {
+	static getResultSuccess (data, okmsg = "success") {
 		return {
 			status: 0,
 			msg: okmsg,
@@ -159,7 +159,7 @@ class System {
 	 * @param {*} errmsg 操作失败的描述，默认为fail
 	 * @param {*} data 操作失败返回的数据
 	 */
-	static getResultFail(status = -1, errmsg = "fail", data = null) {
+	static getResultFail (status = -1, errmsg = "fail", data = null) {
 		return {
 			status: status,
 			msg: errmsg,
@@ -171,14 +171,14 @@ class System {
 	 * @param {*} errmsg 操作失败的描述，默认为fail
 	 * @param {*} data 操作失败返回的数据
 	 */
-	static getResultError(errmsg = "fail", data = null) {
+	static getResultError (errmsg = "fail", data = null) {
 		return {
 			status: -200,
 			msg: errmsg,
 			data: data,
 		};
 	}
-	static register(key, ClassObj, groupName, filename) {
+	static register (key, ClassObj, groupName, filename) {
 		if (System.objTable[key] != null) {
 			throw new Error("相同key的对象已经存在");
 		} else {
@@ -193,7 +193,7 @@ class System {
 		return System.objTable[key];
 	}
-	static getObject(objpath) {
+	static getObject (objpath) {
 		var pathArray = objpath.split(".");
 		var packageName = pathArray[0];
 		var groupName = pathArray[1];
@@ -234,7 +234,7 @@ class System {
 		}
 	}
-	static getSysConfig() {
+	static getSysConfig () {
 		var configPath = settings.basepath + "/app/base/db/metadata/index.js";
 		// if(settings.env=="dev"){
 		// 	console.log("delete "+configPath+"cache config");
@@ -244,7 +244,7 @@ class System {
 		var configValue = require(configPath);
 		return configValue.config;
 	}
-	static get_client_ip(req) {
+	static get_client_ip (req) {
 		var ip = req.headers['x-forwarded-for'] ||
 			req.ip ||
 			req.connection.remoteAddress ||
@@ -266,7 +266,7 @@ class System {
 	* @param {*} resultInfo 返回结果
 	* @param {*} errorInfo 错误信息
 	*/
-	static execLogs(opTitle, params, identifyCode, resultInfo, errorInfo) {
+	static execLogs (opTitle, params, identifyCode, resultInfo, errorInfo) {
 		var reqUrl = settings.logUrl();
 		let isLogData = true
 		if (params.method && (params.method.indexOf("find") >= 0 || params.method.indexOf("get") >= 0)) {
@@ -302,7 +302,7 @@ class System {
  * 加密信息
  * @param {*} opStr 
  */
-	static encryptStr(opStr) {
+	static encryptStr (opStr) {
 		if (!opStr) {
 			return "";
 		}
@@ -315,7 +315,7 @@ class System {
 	 * 解密信息
 	 * @param {*} opStr 
 	 */
-	static decryptStr(opStr) {
+	static decryptStr (opStr) {
 		if (!opStr) {
 			return "";
 		}
@@ -327,6 +327,22 @@ class System {
 		var plaintext = bytes.toString(cryptoJS.enc.Utf8);
 		return plaintext;
 	}
+    /**
+	 * 登录密码解码
+	 * @param {*} desstr 
+	 */
+	static desEncript (desstr) {
+		let deskey = '647a68c9-da01-40d3-9763-1ffa0f64cf3f'
+		var keyHex = CryptoJS.enc.Utf8.parse(deskey);
+		// direct decrypt ciphertext
+		var decrypted = CryptoJS.DES.decrypt({
+			ciphertext: CryptoJS.enc.Base64.parse(desstr)
+		}, keyHex, {
+				mode: CryptoJS.mode.ECB,
+				padding: CryptoJS.pad.Pkcs7
+			});
+		return decrypted.toString(CryptoJS.enc.Utf8);
+	}
 }
 Date.prototype.Format = function (fmt) { //author: meizz