登录失败多次等待60秒

2023-08-25 17:47:31 +08:00
parent 7a2a342f40
commit 25f4baf672
1 changed files with 45 additions and 18 deletions
--- a/lib/dborm/dborm.go
+++ b/lib/dborm/dborm.go
@@ -699,9 +699,22 @@ func pwdErrCountAdd(accountId, profileStr string, reset bool) int {
 		return 0
 	}

+	// 读取配置信息 登录策略设置
+	result, err := XormGetConfig("Security", "loginSecurity")
+	if err != nil {
+		return 0
+	}
+	data := make(map[string]any)
+	err = json.Unmarshal([]byte(result["value_json"].(string)), &data)
+	if err != nil {
+		return 0
+	}
+	limitNum := data["limit_num"].(string)
+	passwordLimitTime := data["password_limit_time"].(string)
+
 	// 重置
 	if reset {
-		xEngine.Exec("UPDATE user SET status = 'Active' WHERE account_id = ?", accountId)
+		// xEngine.Exec("UPDATE user SET status = 'Active' WHERE account_id = ?", accountId)
 		profile["pwdErrCount"] = float64(0)
 		profile["pwdErrTime"] = 0
 	} else {
@@ -717,9 +730,20 @@ func pwdErrCountAdd(accountId, profileStr string, reset bool) int {
 			// 计算当前时间与给定时间之间的差值
 			duration := currentTime.Sub(tm)

-			// 比较差值是否超过30分钟
-			if duration.Minutes() > 30 {
-				xEngine.Exec("UPDATE user SET status = 'Active' WHERE account_id = ?", accountId)
+			// // 比较差值是否超过30分钟
+			// if duration.Minutes() > 30 {
+			// 	xEngine.Exec("UPDATE user SET status = 'Active' WHERE account_id = ?", accountId)
+			// 	profile["pwdErrCount"] = float64(0)
+			// 	profile["pwdErrTime"] = 0
+			// }
+
+			// 比较差值是否小于限定时间s
+			passwordLimitTimeInt, err := strconv.Atoi(passwordLimitTime)
+			if err != nil {
+				passwordLimitTimeInt = 0
+			}
+			if duration.Seconds() > float64(passwordLimitTimeInt) {
+				// xEngine.Exec("UPDATE user SET status = 'Active' WHERE account_id = ?", accountId)
 				profile["pwdErrCount"] = float64(0)
 				profile["pwdErrTime"] = 0
 			}
@@ -730,12 +754,17 @@ func pwdErrCountAdd(accountId, profileStr string, reset bool) int {
 			profile["pwdErrCount"] = count
 			profile["pwdErrTime"] = timeMlli
 			// 错误最大后锁定
-			if count == 3 {
-				_, err := xEngine.Exec("UPDATE user SET status = 'Locked' WHERE account_id = ?", accountId)
-				if err != nil {
-					return count
-				}
-			} else if count > 3 {
+			limitNumInt, err := strconv.Atoi(limitNum)
+			if err != nil {
+				limitNumInt = 0
+			}
+			// if count == limitNumInt {
+			// 	_, err := xEngine.Exec("UPDATE user SET status = 'Locked' WHERE account_id = ?", accountId)
+			// 	if err != nil {
+			// 		return count
+			// 	}
+			// }
+			if count >= limitNumInt {
 				return count
 			}
 		} else {
@@ -780,7 +809,7 @@ func XormCheckLoginUser(name, password, cryptArgo string) (bool, *User, error) {
 		}
 	case "bcrypt":
 		has, err := xEngine.Table("user").Where("account_id=?", name).Get(user)
-		if err != nil || has == false {
+		if err != nil || !has {
 			log.Error("Failed to get user from database:", err)
 			return false, nil, err
 		}
@@ -793,15 +822,13 @@ func XormCheckLoginUser(name, password, cryptArgo string) (bool, *User, error) {
 				return false, nil, errors.New("登录失败次数过多，请30分钟后重试")
 			}
 			return false, nil, err
-		} else if user.Status != "Closed" && user.Status != "Locked" {
-			// 重置错误次数
-			pwdErrCountAdd(user.AccountId, user.Profile, true)
-			user.Status = "Active"
 		}
+		// 重置错误次数
+		pwdErrCountAdd(user.AccountId, user.Profile, true)
 	default:
-		err := errors.New("Incorrect crypt algoritmo")
-		log.Error("crypt:%s", err)
-		return false, nil, err
+		errMsg := "Incorrect crypt algoritmo"
+		log.Error("crypt:%s", errMsg)
+		return false, nil, errors.New(errMsg)
 	}

 	// enum('Active','Closed','Locked','Pending')