修正了安全问题,不暴露openid

guange 2016-06-22 12:11:34 +08:00
parent b6892cfc2d
commit 13273d02de
12 changed files with 88 additions and 87 deletions


@ -23,6 +23,7 @@ module Mobile
version 'v1', using: :path
format :json
content_type :json, "application/json;charset=UTF-8"
use ActionDispatch::Session::CookieStore
use Mobile::Middleware::ErrorHandler
helpers do
@ -34,6 +35,10 @@ module Mobile
raise('Unauthorized. 用户认证失败.') unless current_user
end
def session
env['rack.session']
end
def current_user
openid = params[:openid]
if openid
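Review bot: `current_user`, visible as context at the end of this hunk, still begins with `openid = params[:openid]`, so the API keeps accepting a caller-supplied openid as the identity even after the new `session` helper is added. If the aim is to stop trusting the client for the openid, read it from the session here too, e.g. `openid = session[:wechat_openid]`, which is the key the controller sets in this commit. The rest of `current_user` lies outside the hunk, so confirm whether a further check follows. It is also worth verifying that `use ActionDispatch::Session::CookieStore`, given no options here, ends up reading the same cookie key and secret as the main application's session; otherwise the helper may not see what `WechatsController` wrote.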


@ -23,10 +23,10 @@ module Mobile
params do
requires :login, type: String, desc: 'username'
requires :password, type: String, desc: 'password'
requires :openid, type: String, desc: 'wechat openid'
end
post 'wxbind' do
openid = params[:openid]
openid = session[:wechat_openid]
logger.debug "openid ============== #{openid}"
raise "无法获取到openid,请在微信中打开本页面" unless openid
uw = UserWechat.where(openid: openid).first
raise "此微信号已绑定用户(#{uw.user.login}), 不能重复绑定" if uw
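Review bot: The `logger.debug "openid ============== #{openid}"` line kept in `wxbind` writes the full openid to the application log on every bind attempt, which works against the goal of not exposing it; the API's `current_user` helper shown in this commit still reads `params[:openid]`, so a logged openid may remain usable as an identity. Drop the line or log only its presence, e.g. `logger.debug "wxbind: openid present=#{!openid.nil?}"`. Separately, now that the openid comes from the cookie session, this POST is cookie-authenticated and no request-forgery check is visible in the hunk; confirm that one applies to the Grape API. The endpoint body continues past the hunk.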


@ -191,14 +191,22 @@ class WechatsController < ActionController::Base
### controller method
module Controllers
def get_open_id
def get_bind
begin
code = params[:code] || session[:wechat_code]
openid = get_openid_from_code(code)
raise "无法获取到微信openid" unless openid
render :json => {status:0, openid: openid}
uw = UserWechat.where(openid: openid).first
raise "还未绑定trustie帐户" unless uw
logger.debug "get_bind ============= #{uw}"
user = uw.user
::ApiKey.delete_all(user_id: user.id)
key = ::ApiKey.create!(user_id: user.id)
render :json =>{status: 0, token: key.access_token}
rescue Exception=>e
render :json => {status: -1, message: e.message}
end
@ -240,21 +248,20 @@ class WechatsController < ActionController::Base
end
def user_activities
# session[:wechat_code] = params[:code] if params[:code]
# code = params[:code] || session[:wechat_code]
# openid = get_openid_from_code(code)
# @wechat_user = user_binded?(openid)
# unless @wechat_user
# redirect_to login_wechat_path
# return
# end
session[:wechat_code] = params[:code] if params[:code]
@code = params[:code] || session[:wechat_code]
@path = '/'+(params[:state] || '')
open_id = get_openid_from_code(params[:code]) rescue
unless open_id
render 'wechats/open_wechat', layout: nil and return
end
session[:wechat_openid] = open_id
render 'wechats/user_activities', layout: nil
end
private
def get_openid_from_code(code)
return 'oCnvgvz8R7QheXE-R9Kkr39j8Ndg' if code =='only-for-test'
openid = session[:wechat_openid]
unless openid
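Review bot: The `only-for-test` shortcut at the top of `get_openid_from_code` returns a fixed openid for a caller-supplied `code`, and `get_bind` in this same section turns whatever openid that helper returns into an API token, so the shortcut acts as an authentication bypass wherever it is reachable in production. Gate it on the environment, e.g. `return '<test openid>' if Rails.env.test? && code == 'only-for-test'`, or remove it. This rendering does not show whether that line is new or unchanged context, and the helper's body continues outside the hunk. Separately, `open_id = get_openid_from_code(params[:code]) rescue` ends with a bare `rescue` modifier as rendered here, which would make the following `unless` block the rescue expression rather than a separate check; `rescue nil` looks like the intent, unless the page has dropped it.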


@ -0,0 +1,18 @@
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=0">
</head>
<body>
<script type="text/javascript">
var ua = navigator.userAgent.toLowerCase();
var isWeixin = ua.indexOf('micromessenger') != -1;
var isAndroid = ua.indexOf('android') != -1;
var isIos = (ua.indexOf('iphone') != -1) || (ua.indexOf('ipad') != -1);
if (!isWeixin) {
document.head.innerHTML = '<title>抱歉,出错了</title><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=0"><link rel="stylesheet" type="text/css" href="https://res.wx.qq.com/connect/zh_CN/htmledition/style/wap_err1a9853.css">';
document.body.innerHTML = '<div class="page_msg"><div class="inner"><span class="msg_icon_wrp"><i class="icon80_smile"></i></span><div class="msg_content"><h4>请在微信客户端打开链接</h4></div></div></div>';
}
</script>
</body>
</html>


@ -13,9 +13,9 @@
<link type="text/css" rel="stylesheet" href="/stylesheets/weui/weixin.css" />
<script type="text/javascript">
window.g_code = '<%= @code %>';
window.g_debug = false; //调试标志,如果在本地请置为true
window.apiUrl = '/api/v1/';
window.g_redirect_path = '<%= @path %>';
</script>
</head>
@ -26,6 +26,24 @@
<script src="https://dn-demotest.qbox.me/angular.all.min.js"></script>
<!--<script src="/javascripts/wechat/build/angular.all.min.js"></script>-->
<script src="/javascripts/wechat/build/app.min.js"></script>
<!--<script src="/javascripts/wechat/app.js"></script>-->
<!--<script src="/javascripts/wechat/others/factory.js"></script>-->
<!--<script src="/javascripts/wechat/others/filter.js"></script>-->
<!--<script src="/javascripts/wechat/directives/alert.js"></script>-->
<!--<script src="/javascripts/wechat/directives/form_validate.js"></script>-->
<!--<script src="/javascripts/wechat/directives/input_auto.js"></script>-->
<!--<script src="/javascripts/wechat/directives/loading_spinner.js"></script>-->
<!--<script src="/javascripts/wechat/controllers/reg.js"></script>-->
<!--<script src="/javascripts/wechat/controllers/login.js"></script>-->
<!--<script src="/javascripts/wechat/controllers/activity.js"></script>-->
<!--<script src="/javascripts/wechat/controllers/add_class.js"></script>-->
<!--<script src="/javascripts/wechat/controllers/blog.js"></script>-->
<!--<script src="/javascripts/wechat/controllers/course_notice.js"></script>-->
<!--<script src="/javascripts/wechat/controllers/discussion.js"></script>-->
<!--<script src="/javascripts/wechat/controllers/homework.js"></script>-->
<!--<script src="/javascripts/wechat/controllers/issue.js"></script>-->
<!--<script src="/javascripts/wechat/controllers/journals.js"></script>-->
<!--<script src="/javascripts/wechat/others/routes.js"></script>-->
</body>
</html>
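Review bot: `window.g_code = '<%= @code %>'` and `window.g_redirect_path = '<%= @path %>'` place request-derived values inside JavaScript string literals using `<%= %>`, which HTML-escapes but does not JavaScript-escape; the controller in this commit builds `@code` from `params[:code]` and `@path` from `params[:state]`. A backslash or line break in either parameter can terminate or corrupt the literal, so escape for the JavaScript context, e.g. `window.g_redirect_path = '<%= j @path %>';`, and have the controller accept only known route paths for `state`. This rendering does not make certain which of the two lines is new.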


@ -1249,7 +1249,7 @@ RedmineApp::Application.routes.draw do
get :login
get :user_activities
post :bind
post :get_open_id
post :get_bind
end
end


@ -8,6 +8,12 @@ app.constant('config', {
app.run(['$rootScope', 'auth', '$location', '$routeParams', function($rootScope, auth, $location, $routeParams){
if(g_redirect_path && g_redirect_path.length>0){
$location.path(g_redirect_path);
g_redirect_path = null;
}
$rootScope.$on('$routeChangeError', function(event, next, current){
if(next && next.templateUrl){
@ -18,11 +24,6 @@ app.run(['$rootScope', 'auth', '$location', '$routeParams', function($rootScope,
});
$rootScope.$on('$routeChangeStart', function(event, next, current){
console.log($routeParams);
if(next && next.templateUrl){
if(!next.templateUrl.endsWith("login.html") && !next.templateUrl.endsWith("reg.html")){
}
}
});
}
]);


@ -1,7 +1,7 @@
var app=angular.module("wechat",["ngRoute"]);app.constant("config",{rootPath:"/assets/wechat/",rootUrl:"/",apiUrl:"/api/v1/"}),app.run(["$rootScope","auth","$location","$routeParams",function(t,e,o,a){t.$on("$routeChangeError",function(t,e,a){e&&e.templateUrl&&(e.templateUrl.endsWith("login.html")||e.templateUrl.endsWith("reg.html")||o.path("/login"))}),t.$on("$routeChangeStart",function(t,e,o){console.log(a),e&&e.templateUrl&&!e.templateUrl.endsWith("login.html")&&!e.templateUrl.endsWith("reg.html")})}]);
app.factory("alertService",function(){function t(){this.title=null,this.message=null,this.visible=null,this.cb=null}return t.prototype.showMessage=function(t,e,n){this.message=e,this.title=t,this.visible=!0,this.cb=n},t.prototype.dismiss=function(){this.message=null,this.title=null,this.visible=!1,this.cb&&this.cb()},{create:function(){return new t}}}),app.factory("auth",["$http","$routeParams","$q","session","config",function(t,e,n,o,a){var i="";"undefined"!=typeof g_openid&&(i=g_openid),i||(i=o.get("openid"));var r=function(){var e=n.defer(),i=s();return i&&i.length>10?e.resolve(i):c().then(function(e){return t.post(a.apiUrl+"users/isbind",{openid:e})}).then(function(t){0!=t.data.status?e.reject(t.data.message):(o.save("token",t.data.token),e.resolve(t.data.token))})["catch"](function(t){e.reject(t)}),e.promise},c=function(){var a=n.defer();if(console.log(i),"undefined"!=typeof i&&i&&i.length>0)a.resolve(i);else{var r=window.g_code||e.code||o.get("code");t({url:"/wechat/get_open_id",data:{code:r},method:"POST"}).then(function(t){0!=t.data.status?a.reject(t.data.message):(i=t.data.openid,a.resolve(i))},function(t){a.reject(t)})}return a.promise},s=function(){return o.get("token")};return{isBind:r,token:s,openid:c}}]),app.factory("session",function(){return{save:function(t,e){sessionStorage.setItem(t,e)},get:function(t){return sessionStorage.getItem(t)}}}),app.factory("rms",function(){var t={},e=function(e,n){t[e]=n},n=function(e){return t[e]};return{save:e,get:n}}),app.factory("common",["$http","auth","$routeParams",function(t,e,n){var o=function(n,o,a,i){if(a.comment&&!(a.comment.length<=0)){var r=a.comment.replace(/\n/g,"<br/>"),c={type:o,content:r,token:e.token()};a.disabled=!0,t({method:"POST",url:apiUrl+"new_comment/"+n,data:c}).then(function(t){a.disabled=!1,"function"==typeof i&&i()},function(t){})}},a=function(n,o){return 
t({method:"GET",url:apiUrl+o+"/"+n+"?token="+e.token()})},i=function(n){n.praise_count+=1,n.has_praise=!0,t({method:"POST",url:apiUrl+"praise/"+n.act_id,data:{token:e.token(),type:n.act_type}}).then(function(t){console.log(t.data)},function(t){})},r=function(n){n.praise_count-=1,n.has_praise=!1,t({method:"POST",url:apiUrl+"praise/"+n.act_id,data:{token:e.token(),type:n.act_type}}).then(function(t){console.log(t.data)},function(t){})},c=function(t){t.scope.formData={comment:""};var e=function(e){a(e,t.type).then(function(e){t.loadCallback(e.data)},function(t){})};e(t.id),t.scope.addReply=function(n){console.log(n.comment),o(t.id,t.replyType,n,function(){t.scope.formData={comment:""},e(t.id),"function"==typeof t.replyCallback&&t.replyCallback()})},t.scope.addPraise=i,t.scope.decreasePraise=r};return{init:c,addCommonReply:o,loadCommonData:a,addCommonPraise:i,decreaseCommonPraise:r}}]);
var app=angular.module("wechat",["ngRoute"]);app.constant("config",{rootPath:"/assets/wechat/",rootUrl:"/",apiUrl:"/api/v1/"}),app.run(["$rootScope","auth","$location","$routeParams",function(t,a,e,r){g_redirect_path&&g_redirect_path.length>0&&(e.path(g_redirect_path),g_redirect_path=null),t.$on("$routeChangeError",function(t,a,r){a&&a.templateUrl&&(a.templateUrl.endsWith("login.html")||a.templateUrl.endsWith("reg.html")||e.path("/login"))}),t.$on("$routeChangeStart",function(t,a,e){})}]);
app.factory("alertService",function(){function t(){this.title=null,this.message=null,this.visible=null,this.cb=null}return t.prototype.showMessage=function(t,e,n){this.message=e,this.title=t,this.visible=!0,this.cb=n},t.prototype.dismiss=function(){this.message=null,this.title=null,this.visible=!1,this.cb&&this.cb()},{create:function(){return new t}}}),app.factory("auth",["$http","$routeParams","$q","session","config",function(t,e,n,o,a){var i=function(){var a=n.defer(),i=c();if(i&&i.length>10)a.resolve(i);else{window.g_code||e.code||o.get("code");t.post("/wechat/get_bind",{}).then(function(t){0!=t.data.status?a.reject(t.data.message):(o.save("token",t.data.token),a.resolve(t.data.token))})["catch"](function(t){a.reject(t)})}return a.promise},c=function(){return o.get("token")};return{get_bind:i,token:c}}]),app.factory("session",function(){return{save:function(t,e){sessionStorage.setItem(t,e)},get:function(t){return sessionStorage.getItem(t)}}}),app.factory("rms",function(){var t={},e=function(e,n){t[e]=n},n=function(e){return t[e]};return{save:e,get:n}}),app.factory("common",["$http","auth","$routeParams",function(t,e,n){var o=function(n,o,a,i){if(a.comment&&!(a.comment.length<=0)){var c=a.comment.replace(/\n/g,"<br/>"),s={type:o,content:c,token:e.token()};a.disabled=!0,t({method:"POST",url:apiUrl+"new_comment/"+n,data:s}).then(function(t){a.disabled=!1,"function"==typeof i&&i()},function(t){})}},a=function(n,o){return t({method:"GET",url:apiUrl+o+"/"+n+"?token="+e.token()})},i=function(n){n.praise_count+=1,n.has_praise=!0,t({method:"POST",url:apiUrl+"praise/"+n.act_id,data:{token:e.token(),type:n.act_type}}).then(function(t){console.log(t.data)},function(t){})},c=function(n){n.praise_count-=1,n.has_praise=!1,t({method:"POST",url:apiUrl+"praise/"+n.act_id,data:{token:e.token(),type:n.act_type}}).then(function(t){console.log(t.data)},function(t){})},s=function(t){t.scope.formData={comment:""};var 
e=function(e){a(e,t.type).then(function(e){t.loadCallback(e.data)},function(t){})};e(t.id),t.scope.addReply=function(n){console.log(n.comment),o(t.id,t.replyType,n,function(){t.scope.formData={comment:""},e(t.id),"function"==typeof t.replyCallback&&t.replyCallback()})},t.scope.addPraise=i,t.scope.decreasePraise=c};return{init:s,addCommonReply:o,loadCommonData:a,addCommonPraise:i,decreaseCommonPraise:c}}]);
app.filter("safeHtml",["$sce",function(t){return function(n){return t.trustAsHtml(n)}}]);
app.controller("ActivityController",["$anchorScroll","$location","$scope","$http","$timeout","auth","rms","common","alertService",function(t,a,e,o,i,c,n,s,r){e.replaceUrl=function(t){return t},e.alertService=r.create(),console.log("ActivityController load"),e.page=n.get("page")||0,e.activities=n.get("activities")||[],e.has_more=n.get("has_more"),e.loadActData=function(t){e.page=t,o({method:"POST",url:apiUrl+"activities",data:{token:c.token(),page:t}}).then(function(t){t.data.page>0?e.activities=e.activities.concat(t.data.data):e.activities=t.data.data,n.save("activities",e.activities),e.has_more=t.data.count+10*t.data.page<t.data.all_count,n.save("has_more",e.has_more),n.save("page",t.data.page),console.log(t.data)},function(t){})},e.activities.length<=0?c.isBind().then(function(){e.loadActData(0)},function(t){e.alertService.showMessage("获取token出错",t)}):i(function(){window.scrollTo(0,n.get("yoffset"))}),e.goDetail=function(t,e,o){n.save("yoffset",window.document.body.scrollTop),a.path("/"+t+"/"+e)},e.addPraise=function(t){s.addCommonPraise(t)},e.decreasePraise=function(t){s.decreaseCommonPraise(t)}}]);
app.controller("ActivityController",["$anchorScroll","$location","$scope","$http","$timeout","auth","rms","common","alertService",function(a,t,e,o,i,c,n,r,s){e.replaceUrl=function(a){return a},e.alertService=s.create(),console.log("ActivityController load"),e.page=n.get("page")||0,e.activities=n.get("activities")||[],e.has_more=n.get("has_more"),e.loadActData=function(a){e.page=a,o({method:"POST",url:apiUrl+"activities",data:{token:c.token(),page:a}}).then(function(a){a.data.page>0?e.activities=e.activities.concat(a.data.data):e.activities=a.data.data,n.save("activities",e.activities),e.has_more=a.data.count+10*a.data.page<a.data.all_count,n.save("has_more",e.has_more),n.save("page",a.data.page),console.log(a.data)},function(a){})},e.activities.length<=0?e.loadActData(0):i(function(){window.scrollTo(0,n.get("yoffset"))}),e.goDetail=function(a,e,o){n.save("yoffset",window.document.body.scrollTop),t.path("/"+a+"/"+e)},e.addPraise=function(a){r.addCommonPraise(a)},e.decreasePraise=function(a){r.decreaseCommonPraise(a)}}]);
app.controller("AddClassController",["$scope",function(o){}]);
app.controller("BlogController",["$scope","$http","$routeParams","auth","common",function(o,l,t,n,a){a.init({id:t.id,scope:o,type:"blog_comments",replyType:"BlogComment",loadCallback:function(l){o.blog=l.data},replyCallback:function(){}})}]);
app.controller("CourseNoticeController",["$scope","$http","$routeParams","auth","common",function(o,e,t,n,a){a.init({id:t.id,scope:o,type:"newss",replyType:"News",loadCallback:function(e){o.news=e.data},replyCallback:function(){}})}]);
@ -9,10 +9,11 @@ app.controller("DiscussionController",["$scope","$http","$routeParams","auth","c
app.controller("HomeworkController",["$scope","$http","$routeParams","auth","common",function(o,e,l,n,r){r.init({id:l.id,scope:o,type:"whomeworks",replyType:"HomeworkCommon",loadCallback:function(e){console.log(e),o.homework=e.data},replyCallback:function(){}})}]);
app.controller("IssueController",["$scope","$http","$routeParams","auth","common",function(o,e,l,s,t){t.init({id:l.id,scope:o,type:"issues",replyType:"Issue",loadCallback:function(e){console.log(e),o.issue=e.data},replyCallback:function(){}})}]);
app.controller("JournalsController",["$scope","$http","$routeParams","auth","common",function(o,a,e,l,n){n.init({id:e.id,scope:o,type:"journal_for_messages",replyType:"JournalsForMessage",loadCallback:function(a){o.message=a.data},replyCallback:function(){}})}]);
app.controller("LoginController",["$scope","$http","$location","$routeParams","alertService","config","auth","session",function(e,o,t,i,a,n,s,r){s.isBind().then(function(){t.path("/activities")}),i.code&&r.save("code",i.code);var l=e;l.loginFailed=!1,l.alertService=a.create(),l.findPwdDialog=a.create(),l.login=function(i,a){return i.$setSubmitted(),console.log(a),i.$valid?(console.log(apiUrl+"auth"),void s.openid().then(function(e){return o.post(n.apiUrl+"users/wxbind",{login:a.login,password:a.password,openid:e})}).then(function(o){console.log(o.data),l.loginFailed=0!=o.data.status,e.loginFailed?l.alertService.showMessage("出错了",o.data.message):l.alertService.showMessage("提示",o.data.message,function(){t.path("/activities")})})["catch"](function(e){l.alertService.showMessage("出错了",e)})):void console.log(i.$error)},l.showBox=function(){l.findPwdDialog.showMessage("提示","请访问www.trustie.net获取密码谢谢")},l.goReg=function(){t.path("/reg")}}]);
app.controller("LoginController",["$scope","$http","$location","$routeParams","alertService","config","auth","session",function(e,o,t,a,i,n,s,l){s.get_bind().then(function(){t.path("/activities")}),a.code&&l.save("code",a.code);var r=e;r.loginFailed=!1,r.alertService=i.create(),r.findPwdDialog=i.create(),r.login=function(a,i){return a.$setSubmitted(),console.log(i),a.$valid?(console.log(apiUrl+"auth"),void o.post(n.apiUrl+"users/wxbind",{login:i.login,password:i.password}).then(function(o){console.log(o.data),r.loginFailed=0!=o.data.status,e.loginFailed?r.alertService.showMessage("出错了",o.data.message):r.alertService.showMessage("提示",o.data.message,function(){t.path("/activities")})})["catch"](function(e){r.alertService.showMessage("出错了",e)})):void console.log(a.$error)},r.showBox=function(){r.findPwdDialog.showMessage("提示","请访问www.trustie.net获取密码谢谢")},r.goReg=function(){t.path("/reg")}}]);
app.controller("MyClassController",["$scope",function(o){}]);
app.controller("RegController",["$scope","$http","$location","alertService",function(e,o,a,r){var s=e;s.errDialog=r.create(),s.goLogin=function(){a.path("/login")},s.isagreed=!0,s.agreed=function(e){s.isagreed=!e},s.reg=function(e,a){return e.$setSubmitted(),console.log(e),e.$valid?(console.log(a),void o.post(apiUrl+"users",{login:a.username,password:a.password,mail:a.email}).then(function(e){0!=e.data.status?s.errDialog.showMessage("出错了",e.data.message):s.errDialog.showMessage("提示","注册且绑定微信成功")},function(e){s.errDialo.showMessage("出错了",e.data)})):void console.log(e.$error)}}]);
app.directive("myAlert",["config",function(t){return{templateUrl:t.rootPath+"templates/alert.html",scope:{title:"=",message:"=",visible:"=",cb:"="},link:function(t){t.dismiss=function(){t.visible=!1,"function"==typeof t.cb&&t.cb()}}}}]);
app.directive("pwdconfirm",function(){return{require:"ngModel",link:function(r,n,i,e){e.$validators.pwdconfirm=function(n,i){return r.user&&r.user.password==i}}}});
app.directive("inputAuto",function(){return{restrict:"A",scope:{},link:function(n,t){var e=t.parent().children().eq(0),i=t.parent().next();t.on("input",function(){console.log(i),e.html(t[0].value);var n=e[0].scrollHeight;t.css("height",n+"px")}),i.on("click",function(){t.css("height","28px")})}}});
app.directive("loadingSpinner",["$http",function(i){return{restrict:"A",replace:!0,template:'<div ng-show="activeCalls>0" class="loading-bg"><div class="loading-box"><img src="/images/loading.gif" alt=""/><span>加载中...</span></div></div>'}}]);
app.config(["$routeProvider","$httpProvider","$locationProvider","config",function(e,o,r,t){var l=t.rootPath,n={delay:["auth",function(e){return e.isBind()}]},i=function(e,o){return{templateUrl:l+e,controller:o,resolve:n}};e.when("/login",{templateUrl:l+"login.html",controller:"LoginController"}).when("/reg",{templateUrl:l+"reg.html",controller:"RegController"}).when("/activites",i("activities.html","ActivityController")).when("/issues/:id",i("issue_detail.html","IssueController")).when("/project_discussion/:id",i("project_discussion.html","DiscussionController")).when("/homework/:id",i("homework_detail.html","HomeworkController")).when("/course_notice/:id",i("course_notice.html","CourseNoticeController")).when("/course_discussion/:id",i("course_discussion.html","DiscussionController")).when("/journal_for_message/:id",i("jour_message_detail.html","JournalsController")).when("/blog_comment/:id",i("blog_detail.html","BlogController")).when("/add_class",i("add_class.html","AddClassController")).otherwise({redirectTo:"/activites"}),o.interceptors.push(["$q","$rootScope",function(e,o){return void 0==o.activeCalls&&(o.activeCalls=0),{request:function(e){return o.activeCalls+=1,e},requestError:function(e){return o.activeCalls-=1,e},response:function(e){return o.activeCalls-=1,e},responseError:function(e){return o.activeCalls-=1,e}}}])}]);
app.config(["$routeProvider","$httpProvider","$locationProvider","config",function(e,o,r,t){var l=t.rootPath,n={delay:["auth",function(e){return e.get_bind()}]},s=function(e,o){return{templateUrl:l+e,controller:o,resolve:n}};e.when("/login",{templateUrl:l+"login.html",controller:"LoginController"}).when("/reg",{templateUrl:l+"reg.html",controller:"RegController"}).when("/activites",s("activities.html","ActivityController")).when("/issues/:id",s("issue_detail.html","IssueController")).when("/project_discussion/:id",s("project_discussion.html","DiscussionController")).when("/homework/:id",s("homework_detail.html","HomeworkController")).when("/course_notice/:id",s("course_notice.html","CourseNoticeController")).when("/course_discussion/:id",s("course_discussion.html","DiscussionController")).when("/journal_for_message/:id",s("jour_message_detail.html","JournalsController")).when("/blog_comment/:id",s("blog_detail.html","BlogController")).when("/add_class",s("add_class.html","AddClassController")).when("/myclass",s("myclass.html","MyClassController")).otherwise({redirectTo:"/activites"}),o.interceptors.push(["$q","$rootScope",function(e,o){return void 0==o.activeCalls&&(o.activeCalls=0),{request:function(e){return o.activeCalls+=1,e},requestError:function(e){return o.activeCalls-=1,e},response:function(e){return o.activeCalls-=1,e},responseError:function(e){return o.activeCalls-=1,e}}}])}]);


@ -39,13 +39,7 @@ app.controller('ActivityController',
};
if($scope.activities.length<=0){
auth.isBind().then(
function(){
$scope.loadActData(0);
}, function errorCallback(response) {
$scope.alertService.showMessage("获取token出错",response);
}
);
$scope.loadActData(0);
} else {
$timeout(function(){
window.scrollTo(0, rms.get("yoffset"));


@ -1,6 +1,6 @@
app.controller('LoginController', ['$scope', '$http', '$location', '$routeParams', 'alertService', 'config','auth','session',
function ($scope, $http, $location, $routeParams, alertService, config, auth,session) {
if(auth.isBind().then(function(){
if(auth.get_bind().then(function(){
$location.path("/activities");
}));
@ -24,13 +24,9 @@ app.controller('LoginController', ['$scope', '$http', '$location', '$routeParams
console.log(apiUrl + "auth");
auth.openid().then(
function(openid){
return $http.post(
config.apiUrl + "users/wxbind",
{login: user.login, password: user.password, openid: openid}
);
}
$http.post(
config.apiUrl + "users/wxbind",
{login: user.login, password: user.password}
).then(
function(response) {
console.log(response.data);


@ -29,16 +29,6 @@ app.factory('alertService', function(){
app.factory('auth', ['$http','$routeParams', '$q', 'session', 'config',function($http,$routeParams, $q, session,config){
var _openid = '';
if(typeof g_openid !== 'undefined'){
_openid = g_openid;
}
if(!_openid){
_openid = session.get("openid");
}
//是否已经绑定
var isBind = function(){
var defer = $q.defer();
@ -47,12 +37,11 @@ app.factory('auth', ['$http','$routeParams', '$q', 'session', 'config',function(
if(token && token.length>10){
defer.resolve(token);
} else {
getOpenId().then(function(openid){
return $http.post(
config.apiUrl+ 'users/isbind',
{openid: openid}
)
}).then(function(response){
var code = window.g_code || $routeParams.code || session.get("code");
$http.post(
'/wechat/get_bind',
{} ///不用传code了,都由服务器来处理
).then(function(response){
if(response.data.status!=0){
defer.reject(response.data.message);
}else {
@ -67,38 +56,10 @@ app.factory('auth', ['$http','$routeParams', '$q', 'session', 'config',function(
return defer.promise;
}
var getOpenId = function() {
var deferred = $q.defer();
console.log(_openid);
if (typeof _openid !== 'undefined' && _openid && _openid.length > 0){
deferred.resolve(_openid);
} else {
var code = window.g_code || $routeParams.code || session.get("code");
$http({
url: '/wechat/get_open_id',
data: {code: code},
method: 'POST'
}).then(function successCallback(response) {
if(response.data.status != 0){
deferred.reject(response.data.message);
} else{
_openid = response.data.openid;
//session.save("openid", _openid);
deferred.resolve(_openid);
}
}, function errorCallback(response) {
deferred.reject(response);
});
}
return deferred.promise;
};
var openid = function(){
return _openid;
};
var getToken = function(){
return session.get("token");
}
return {isBind: isBind, token: getToken, openid: getOpenId};
return {get_bind: isBind, token: getToken};
}]);
app.factory("session", function(){
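Review bot: `var code = window.g_code || $routeParams.code || session.get("code");` is added inside `isBind` but never used, since the request body is now `{}` and the server's `get_bind` falls back to `session[:wechat_code]`. Remove the line so the client no longer reads the OAuth code here, and consider renaming the function itself to match the exported `get_bind` key. The function starts above the hunk.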


@ -2,7 +2,7 @@ app.config(['$routeProvider',"$httpProvider", "$locationProvider",'config', func
var rootPath = config.rootPath;
var resolve = {
delay: ['auth',function(auth){
return auth.isBind();
return auth.get_bind();
}]
};
var makeRoute = function(path, ctrl){