| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206 |
- import { CanActivateFn, Router } from '@angular/router';
- import { inject } from '@angular/core';
- import { WxworkAuth, FmodeParse } from 'fmode-ng/core';
- /**
- * 自定义企微认证守卫
- * 🔥 修复:如果是从客服板块跳转,跳过激活检查,直接允许访问
- * 如果用户未激活,重定向到身份激活页面
- * 如果用户已激活,允许访问
- */
- export const CustomWxworkAuthGuard: CanActivateFn = async (route, state) => {
- const router = inject(Router);
-
- console.log('🔐 CustomWxworkAuthGuard 执行,当前路由:', state.url);
-
- try {
- // 🔥 检查是否从客服板块或组长看板进入(跳过激活检查)
- const fromCustomerService = localStorage.getItem('enterFromCustomerService');
- const customerServiceMode = localStorage.getItem('customerServiceMode');
- const teamLeaderMode = localStorage.getItem('teamLeaderMode');
- const enterAsTeamLeader = localStorage.getItem('enterAsTeamLeader');
-
- console.log('🔍 检查进入模式标记:', {
- enterFromCustomerService: fromCustomerService,
- customerServiceMode: customerServiceMode,
- teamLeaderMode: teamLeaderMode,
- enterAsTeamLeader: enterAsTeamLeader
- });
-
- // 如果是从客服板块进入(一次性标记)或处于客服模式(持久化标记),都跳过激活检查
- if (fromCustomerService === '1' || customerServiceMode === 'true') {
- console.log('✅ 客服模式,跳过激活检查,直接允许访问');
- // 清除一次性标记(customerServiceMode保留,用于权限控制)
- if (fromCustomerService === '1') {
- localStorage.removeItem('enterFromCustomerService');
- }
- return true;
- }
-
- // 🔥 新增:如果是从组长看板进入,也跳过激活检查
- if (teamLeaderMode === 'true' || enterAsTeamLeader === '1') {
- console.log('✅ 组长模式,跳过激活检查,直接允许访问');
- // 清除一次性标记(teamLeaderMode保留,用于权限控制)
- if (enterAsTeamLeader === '1') {
- localStorage.removeItem('enterAsTeamLeader');
- }
- return true;
- }
-
- // 🔥 新增:如果从 /team-leader 路径进入,也跳过激活检查
- if (typeof window !== 'undefined' && (
- window.location.pathname.includes('/team-leader/') ||
- document.referrer.includes('/team-leader/')
- )) {
- console.log('✅ 检测到组长路径,跳过激活检查,直接允许访问');
- return true;
- }
-
- // 获取 cid
- let cid = route.paramMap.get('cid') ||
- route.queryParamMap.get('cid') ||
- localStorage.getItem('company');
-
- if (cid) {
- localStorage.setItem('company', cid);
- }
-
- if (!cid) {
- console.error('❌ 缺少 cid 参数');
- return false;
- }
-
- // 测试模式:跳过企微认证,直接检查 Profile
- if (cid === 'test' || cid === 'demo') {
- console.log('🧪 测试模式:跳过企微认证');
-
- const Parse = FmodeParse.with('nova');
- const query = new Parse.Query('Profile');
- query.equalTo('userid', 'test_user_001');
- const profile = await query.first();
-
- if (!profile || !profile.get('isActivated')) {
- console.log('⚠️ 测试用户未激活,跳转到激活页面');
- // 🔥 保存原始URL,激活后跳转回来
- localStorage.setItem('returnUrl', state.url);
- await router.navigate(['/wxwork', cid, 'activation']);
- return false;
- }
-
- console.log('✅ 测试模式认证通过');
- return true;
- }
-
- // 生产模式:真实企微认证
- // 初始化 WxworkAuth
- const wxAuth = new WxworkAuth({ cid, appId: 'crm' });
-
- // 尝试获取用户信息
- let userInfo;
- try {
- userInfo = await wxAuth.getUserInfo();
- console.log('✅ 获取用户信息成功:', {
- name: userInfo?.name,
- userid: userInfo?.userid,
- cid
- });
- } catch (err) {
- console.log('⚠️ 需要授权,跳转到激活页面');
- // 🔥 保存原始URL,激活后跳转回来
- localStorage.setItem('returnUrl', state.url);
- // 需要授权,跳转到激活页面
- await router.navigate(['/wxwork', cid, 'activation']);
- return false;
- }
-
- if (!userInfo) {
- console.log('⚠️ 无用户信息,跳转到激活页面');
- // 🔥 保存原始URL,激活后跳转回来
- localStorage.setItem('returnUrl', state.url);
- await router.navigate(['/wxwork', cid, 'activation']);
- return false;
- }
-
- // 检查用户是否已激活
- const profile = await wxAuth.currentProfile();
- console.log('🔎 currentProfile 查询结果:', {
- id: profile?.id,
- name: profile?.get?.('name'),
- realname: profile?.get?.('realname'),
- userid: profile?.get?.('userid'),
- isActivated: profile?.get?.('isActivated'),
- activatedAt: profile?.get?.('activatedAt')
- });
- if (!profile || !profile.get('isActivated')) {
- // 回退:直接按 userid 查询 Profile,避免因未登录或缓存导致的取数失败
- try {
- const Parse = FmodeParse.with('nova');
- const q = new Parse.Query('Profile');
- q.equalTo('userid', userInfo.userid);
-
- // 🔥 强制从服务器获取最新数据,不使用缓存
- const p2 = await q.first();
-
- console.log('🔎 回退 Profile 查询结果:', {
- userid查询: userInfo.userid,
- 找到Profile: !!p2,
- id: p2?.id,
- name: p2?.get?.('name'),
- realname: p2?.get?.('realname'),
- userid: p2?.get?.('userid'),
- isActivated: p2?.get?.('isActivated'),
- activatedAt: p2?.get?.('activatedAt'),
- createdAt: p2?.get?.('createdAt'),
- updatedAt: p2?.get?.('updatedAt')
- });
-
- if (p2 && p2.get('isActivated')) {
- // 已激活:执行自动登录并放行
- await wxAuth.autoLogin(userInfo);
- console.log('✅ 回退校验通过(已激活),允许访问');
- return true;
- }
-
- // 🔥 新增:如果Profile存在但isActivated为false/undefined,输出详细信息
- if (p2) {
- console.error('❌ Profile存在但未激活:', {
- profileId: p2.id,
- isActivated: p2.get('isActivated'),
- '所有字段': {
- name: p2.get('name'),
- realname: p2.get('realname'),
- userid: p2.get('userid'),
- roleName: p2.get('roleName'),
- mobile: p2.get('mobile'),
- isActivated: p2.get('isActivated'),
- isDisabled: p2.get('isDisabled'),
- isDeleted: p2.get('isDeleted')
- }
- });
- } else {
- console.error('❌ 未找到Profile记录, userid:', userInfo.userid);
- }
- } catch (e) {
- console.error('⚠️ 回退 Profile 查询异常:', e);
- }
- console.log('⚠️ 用户未激活,跳转到激活页面');
- // 🔥 保存原始URL,激活后跳转回来
- localStorage.setItem('returnUrl', state.url);
- await router.navigate(['/wxwork', cid, 'activation']);
- return false;
- }
- // 用户已激活,自动登录
- await wxAuth.autoLogin(userInfo);
-
- console.log('✅ 认证通过');
- return true;
-
- } catch (error) {
- console.error('❌ 认证守卫错误:', error);
- return false;
- }
- };
|
