zengyicheng 1 rok pred
rodič
commit
fd31386235
3 zmenil súbory, kde vykonal 42 pridanie a 138 odobranie
  1. 5 0
      package-lock.json
  2. 2 1
      package.json
  3. 35 137
      ssti.js

+ 5 - 0
package-lock.json

@@ -594,6 +594,11 @@
       "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz",
       "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo="
     },
+    "js-md5": {
+      "version": "0.8.0",
+      "resolved": "https://registry.npmmirror.com/js-md5/-/js-md5-0.8.0.tgz",
+      "integrity": "sha512-1P89P93CEdNOvn55xl3qNY4L9SYxU65bCC/P+8Z6RKCkwJjCg4kGtiDosnwWKKxoGk+ojqBie9cL6XdQZR6c3w=="
+    },
     "jsbn": {
       "version": "0.1.1",
       "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz",

+ 2 - 1
package.json

@@ -181,6 +181,7 @@
             "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
             "version": "1.0.0"
         },
+        "js-md5": "^0.8.0",
         "loader": "^2.1.1",
         "media-typer": {
             "integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=",
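Review bot: The lock entry that matches the new `"js-md5": "^0.8.0"` line resolves from `registry.npmmirror.com`, while the neighbouring lock entries resolve from `registry.npmjs.org`. The sha512 integrity value still pins the tarball content, but a mixed-registry lockfile usually means the install ran under a different registry configuration. Confirm that is intended, or regenerate the entry against the project's normal registry so that CI and audits fetch from one source. Since the package is only used to hash a string on the server, Node's built-in `require('crypto').createHash('md5').update(s).digest('hex')` would give the same hex digest without adding a dependency.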
@@ -430,4 +431,4 @@
             "version": "1.1.2"
         }
     }
-}
+}

+ 35 - 137
ssti.js

@@ -1,9 +1,9 @@
 // ROUTES FOR OUR API
 // =============================================================================
 var express = require('express');
+import md5 from 'js-md5'
 var bcrypt = require('bcryptjs');
 var router = express.Router(); // get an instance of the express Router
-const app = express();
 var http = require('http');
 var qs = require('qs');
 const querystring = require('querystring');
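Review bot: `import md5 from 'js-md5'` is an ES-module declaration in a file that otherwise loads everything with `require(...)`. If Node loads this file as CommonJS the import is a syntax error and the router never loads; if it is loaded as an ES module, `require` is not defined. Unless a transpiler in the build (not visible here) rewrites it, use the file's own form: `var md5 = require('js-md5');`.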
@@ -35,43 +35,6 @@ function asynnext(req, res, next) {
         //resolve(true);aa
     });
 }
-
-const passport = require('passport');
-const CASStrategy = require('passport-cas').Strategy;
-
-// 配置CAS策略
-passport.use(new CASStrategy({
-    casURL: 'http://authserver.ssti.net.cn/authserver',
-    serviceURL: 'https://cxcy.ssti.net.cn/api/login',
-    validateURL: 'http://authserver.ssti.net.cn/authserver/serviceValidate',
-    ssoBaseURL: 'http://authserver.ssti.net.cn/authserver',
-    serverBaseURL: 'https://cxcy.ssti.net.cn/api'
-}, (profile, done) => {
-    // 在这里可以处理CAS认证成功后的逻辑
-    // 例如,可以将用户信息存储在session中
-    done(null, profile);
-}));
-
-// 初始化Passport.js中间件
-app.use(passport.initialize());
-app.use(passport.session());
-
-// 配置登录路由
-app.get('/api/login', passport.authenticate('cas'));
-
-// 配置CAS回调路由
-app.get('/api/login/callback', passport.authenticate('cas', {
-    successRedirect: '/profile',
-    failureRedirect: '/login'
-}));
-
-// 配置受保护的路由
-app.get('/api/profile', (req, res) => {
-    // 在这里可以通过req.user获取CAS认证的用户信息
-    res.send('Welcome, ' + req.user);
-});
-
-
 /*測試*/
 router.route('/a').all((req, res, next) => {
     var json = GetData(req);
@@ -92,97 +55,32 @@ router.route('/a').all((req, res, next) => {
 // })
 
 //测试接口
-router.get('/testApi', function(req, res, next) {
-
-    // 创建第三方服务器请求的选项对象
-    const options = {
-        hostname: 'cxcy.ssti.net.cn',
-        path: "/sso/api",
-        method: 'GET', // 请求方法
-        headers: req.headers
-    };
-    console.log(options);
-
-    // 发送第三方服务器请求
-    const proxyReq = https.request(options, (proxyRes) => {
-        // // 将第三方服务器的响应头部信息转发给用户
-        // res.writeHead(proxyRes.statusCode, proxyRes.headers);
-
-        // // 将第三方服务器的响应数据转发给用户
-        // proxyRes.pipe(res);
-
-        console.log(options);
-
-        let data = '';
-
-        // 接收响应数据
-        proxyRes.on('data', (chunk) => {
-            data += chunk;
-        });
-
-        // 响应结束时处理数据
-        proxyRes.on('end', () => {
-
-            console.log(data); // 输出获取到的数据
-            res.end(data)
-        });
-    });
-
-    // 处理请求错误
-    proxyReq.on('error', (error) => {
-        console.error(error);
-        res.statusCode = 500;
-        res.end('Internal Server Error');
-    });
-
-    // 将用户请求的数据转发给第三方服务器
-    req.pipe(proxyReq);
-
-    // // 创建向后端服务器的请求
-    // const options = {
-    //     hostname: 'cxcy.ssti.net.cn',
-    //     path: "/sso/api",
-    //     method: 'GET' //, // 请求方法
-    //         //headers: req.headers
-    // };
-
-    // // 发送HTTP请求
-    // const backendReq = https.request(options, (res) => {
-    //     console.log(res)
-    //     let data = '';
-
-    //     // 接收响应数据
-    //     res.on('data', (chunk) => {
-    //         data += chunk;
-    //     });
-
-    //     // 响应结束时处理数据
-    //     res.on('end', () => {
-    //         console.log(data); // 输出获取到的数据
-    //     });
-});
-
-// // 处理请求错误
-// backendReq.on('error', (error) => {
-//     console.error(error);
-// });
-
-// // 发送请求
-// backendReq.end();
-
-// const backendReq = https.request(options, (res) => {
-//     // 处理响应
-//     res.on('data', (data) => {
-//         console.log(data.toString());
+// router.post('/testApi', function(req, res, next) {
+//     // 创建向后端服务器的请求
+//     const options = {
+//         hostname: 'cxcy.ssti.net.cn',
+//         port: 80,
+//         path: "/sso/api",
+//         method: req.method,
+//         headers: req.headers
+//     };
+
+//     const backendReq = http.request(options, (backendRes) => {
+//         // 将后端服务器的响应转发给前端
+//         res.writeHead(backendRes.statusCode, backendRes.headers);
+//         backendRes.pipe(res);
 //     });
-// });
 
-// backendReq.on('error', (error) => {
-//     console.error(error);
-// });
+//     // 将前端请求的数据转发给后端
+//     req.pipe(backendReq);
 
-// backendReq.end();
-//})
+//     // 处理后端请求的错误
+//     backendReq.on('error', (error) => {
+//         console.error('Error:', error);
+//         res.statusCode = 500;
+//         res.end('Internal Server Error');
+//     });
+// })
 
 //消息与任务接口
 router.post('/getTest', function(req, res, next) {
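Review bot: The replacement `/testApi` handler is committed entirely commented out, so it is dead code; deleting it keeps the file readable, and version control still has the text. If it has to stay for reference, note that it passes `headers: req.headers` to `http.request` on `port: 80`, so re-enabling it as written would forward the caller's `Cookie` header to the upstream host in cleartext. A comment above the block would make that visible, for example `// NOTE: do not re-enable as-is: forwards all client headers (incl. Cookie) over plain HTTP`.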
@@ -252,7 +150,7 @@ router.post("/SelectAllDepartment", (req, res) => {
     const getUserid = getUid(str);
     mysql.usselect([_mysqlLabor[0], _mysqlLabor[1], 'selectUserIdentity', getUserid], (ret3) => {
         if (ret3[0][0].type == 0) {
-            if (data['uid'] == getUserid) {
+            if (md5(data['uid']) == getUserid) {
                 QMysql(req, res, "select_AllDepartment");
             } else {
                 res.end(JSON.stringify({ a: "身份认证失败!" }));
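Review bot: The new condition `md5(data['uid']) == getUserid` compares two values the client supplies: a request parameter and, judging by `getUid(req.headers.cookie ...)`, a cookie field. An unsalted MD5 of a user id can be computed by anyone, so the check on its own does not establish who is calling. Unless `getUid` (not visible here) validates a signed or server-side session, the identity should come from that session and the `uid` parameter should be dropped from the decision. Separately, as far as I know `js-md5` throws on non-string input, so a request without `uid` would raise inside the `mysql.usselect` callback, where Express cannot catch it; guard first with `if (typeof data['uid'] !== 'string') { res.end(JSON.stringify({ a: "身份认证失败!" })); return; }` and compare with `===`. The same condition is added in SelectAllProject, GetAllProjectName, GetAllActivity, GetProjectIsConclusion, SelectMakerFundSelects, selectAllFundApply, getSystemState and SelectProjectEndData; this handler starts and ends outside the hunk.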
@@ -278,7 +176,7 @@ router.get("/SelectAllProject", (req, res) => {
     let data = GetData(req);
     const str = req.headers.cookie ? req.headers.cookie : '';
     const getUserid = getUid(str);
-    if (data['uid'] == getUserid) {
+    if (md5(data['uid']) == getUserid) {
         QMysql(req, res, "select_AllProject");
     } else {
         res.end(JSON.stringify({ a: "身份认证失败!" }));
@@ -298,13 +196,13 @@ router.get("/SelectAllProject", (req, res) => {
 //qgt 删除项目详细信息   有用
 router.post('/DeleteProject', (req, res) => {
     const data = GetData(req);
-    mysql.usselect([_mysqlLabor[0], _mysqlLabor[1], 'update_ProjectDeleteById', data['uid'], data['pid'], 1], result => res.end(JSON.stringify(result)));
+    mysql.usselect([_mysqlLabor[0], _mysqlLabor[1], 'update_ProjectDeleteById', md5(data['uid']), data['pid'], 1], result => res.end(JSON.stringify(result)));
 })
 
 // //qgt 项目立项申请提交审核
 // router.post("/ApproveProject", (req, res) => {
 //     const data = GetData(req);
-//     mysql.usselect([_mysqlLabor[0], _mysqlLabor[1], 'update_ProjectIsupload', data['uid'], data['pid'], 1], result => res.end(JSON.stringify(result)));
+//     mysql.usselect([_mysqlLabor[0], _mysqlLabor[1], 'update_ProjectIsupload', md5(data['uid']), data['pid'], 1], result => res.end(JSON.stringify(result)));
 // })
 
 //qgt 修改项目立项申请基础信息
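Review bot: `/DeleteProject` passes `md5(data['uid'])` straight to `update_ProjectDeleteById` and never compares it with the cookie-derived id the way the neighbouring handlers do, so nothing in the visible handler ties the deletion to the caller. Unless an earlier middleware enforces this, take the owner id from the authenticated session instead of the request body: add `const getUserid = getUid(req.headers.cookie ? req.headers.cookie : '');` and pass `getUserid` in place of `md5(data['uid'])`. This assumes `getUid` returns a server-verified id, which cannot be confirmed from here. The commented-out `/ApproveProject` block receives the same edit; removing that dead block would be cleaner than keeping it in step.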
@@ -322,7 +220,7 @@ router.get("/GetAllProjectName", (req, res) => {
     let data = GetData(req);
     const str = req.headers.cookie ? req.headers.cookie : '';
     const getUserid = getUid(str);
-    if (data['uid'] == getUserid) {
+    if (md5(data['uid']) == getUserid) {
         QMysql(req, res, 'select_AllProjectName');
     } else {
         res.end(JSON.stringify({ a: "身份认证失败!" }));
@@ -339,7 +237,7 @@ router.get('/GetAllActivity', (req, res) => {
     let data = GetData(req);
     const str = req.headers.cookie ? req.headers.cookie : '';
     const getUserid = getUid(str);
-    if (data['uid'] == getUserid) {
+    if (md5(data['uid']) == getUserid) {
         QMysql(req, res, "select_AllActivity")
     } else {
         res.end(JSON.stringify({ a: "身份认证失败!" }));
@@ -503,7 +401,7 @@ router.post('/GetProjectIsConclusion', (req, res) => {
     const getUserid = getUid(str);
     mysql.usselect([_mysqlLabor[0], _mysqlLabor[1], 'selectUserIdentity', getUserid], (ret3) => {
         if (ret3[0][0].type == 0) {
-            if (data['uid'] == getUserid) {
+            if (md5(data['uid']) == getUserid) {
                 QMysql(req, res, "select_ProjectIsConclusion");
             } else {
                 res.end(JSON.stringify({ a: "身份认证失败!" }));
@@ -685,7 +583,7 @@ router.get("/SelectMakerFundSelects", (req, res) => {
     let data = GetData(req);
     const str = req.headers.cookie ? req.headers.cookie : '';
     const getUserid = getUid(str);
-    if (data['uid'] == getUserid) {
+    if (md5(data['uid']) == getUserid) {
         QMysql(req, res, "select_MakerFundSelects")
     } else {
         res.end(JSON.stringify({ a: "身份认证失败!" }));
@@ -702,7 +600,7 @@ router.get("/selectAllFundApply", (req, res) => {
     let data = GetData(req);
     const str = req.headers.cookie ? req.headers.cookie : '';
     const getUserid = getUid(str);
-    if (data['uid'] == getUserid) {
+    if (md5(data['uid']) == getUserid) {
         QMysql(req, res, "select_AllFundApply")
     } else {
         res.end(JSON.stringify({ a: "身份认证失败!" }));
@@ -745,7 +643,7 @@ router.get('/getSystemState', (req, res) => {
     let data = GetData(req);
     const str = req.headers.cookie ? req.headers.cookie : '';
     const getUserid = getUid(str);
-    if (data['uid'] == getUserid) {
+    if (md5(data['uid']) == getUserid) {
         QMysql(req, res, 'select_systemState')
     } else {
         res.end(JSON.stringify({ a: "身份认证失败!" }));
@@ -762,7 +660,7 @@ router.get("/SelectProjectEndData", (req, res) => {
     let data = GetData(req);
     const str = req.headers.cookie ? req.headers.cookie : '';
     const getUserid = getUid(str);
-    if (data['uid'] == getUserid) {
+    if (md5(data['uid']) == getUserid) {
         QMysql(req, res, 'select_PlanEndProject')
     } else {
         res.end(JSON.stringify({ a: "身份认证失败!" }));