diff --git a/IRaCIS.Core.Application/Service/Management/UserService.cs b/IRaCIS.Core.Application/Service/Management/UserService.cs
index 10a01e0cb..fef36d73e 100644
--- a/IRaCIS.Core.Application/Service/Management/UserService.cs
+++ b/IRaCIS.Core.Application/Service/Management/UserService.cs
@@ -85,7 +85,7 @@ namespace IRaCIS.Application.Services
 if (oldPwd != null && oldPwd == newPwd)
 {
- //---新密码与旧密码相同。
+ //---新密码与旧密码相同。
 throw new BusinessValidationFailedException(_localizer["User_NewOldPwdSame"]);
 }
@@ -94,13 +94,13 @@ namespace IRaCIS.Application.Services
 if (oldPwd != null && dbUser.Password != oldPwd)
 {
- //---旧密码验证失败。
+ //---旧密码验证失败。
 throw new BusinessValidationFailedException(_localizer["User_OldPwdInvalid"]);
 }
 if (dbUser.Password == newPwd)
 {
- //---新密码与旧密码相同。
+ //---新密码与旧密码相同。
 throw new BusinessValidationFailedException(_localizer["User_NewOldPwdSame"]);
 }
@@ -159,7 +159,7 @@ namespace IRaCIS.Application.Services
 //检查验证码是否失效
 if (verificationRecord.ExpirationTime < DateTime.Now)
 {
- //---验证码已经过期。
+ //---验证码已经过期。
 return ResponseOutput.NotOk(_localizer["User_VerificationCodeExpired"]);
 }
@@ -361,7 +361,7 @@ namespace IRaCIS.Application.Services
 if (verificationRecord.ExpirationTime < DateTime.Now)
 {
- //---验证码已经过期。
+ //---验证码已经过期。
 throw new BusinessValidationFailedException(_localizer["User_VerificationCodeExpired"]);
 }
 else //验证码正确 并且 没有超时
@@ -465,7 +465,7 @@ namespace IRaCIS.Application.Services
 public async Task> GetUserList(UserListQueryDTO param)
 {
 var userQueryable = _userRepository.Where(x => x.UserTypeEnum != UserTypeEnum.SuperAdmin)
- .WhereIf(!string.IsNullOrWhiteSpace(param.UserName), t => t.UserName.Contains(param.UserName) )
+ .WhereIf(!string.IsNullOrWhiteSpace(param.UserName), t => t.UserName.Contains(param.UserName))
 .WhereIf(!string.IsNullOrWhiteSpace(param.RealName), t => t.FullName.Contains(param.RealName))
 .WhereIf(!string.IsNullOrWhiteSpace(param.Phone), t => t.Phone.Contains(param.Phone))
 .WhereIf(!string.IsNullOrWhiteSpace(param.OrganizationName), t => t.OrganizationName.Contains(param.OrganizationName))
@@ -617,34 +617,33 @@ namespace IRaCIS.Application.Services
 public async Task> Login(string userName, string password)
 {
- //const string cachePrefix = "login-failures:";
- //const int maxFailures = 3;
- //const int lockoutMinutes = 3;
+ const string cachePrefix = "login-failures:";
+ const int maxFailures = 3;
+ const int lockoutMinutes = 1;
- //// 生成缓存键
- //string cacheKey = $"{cachePrefix}{userName}";
+ // 生成缓存键
+ string cacheKey = $"{cachePrefix}{userName}";
- //// 从缓存中获取登录失败次数
- //int? failCount = _cache.Get(cacheKey);
+ // 从缓存中获取登录失败次数
+ int? failCount = _cache.Get(cacheKey);
- //if (failCount != null)
- //{
+ if (failCount == null)
+ {
+ failCount = 0;
+ }
+
+ //每次登录 都重置缓存时间
+ _cache.Set(cacheKey, failCount, TimeSpan.FromMinutes(lockoutMinutes));
+
+
+
+ if (failCount >= maxFailures)
+ {
+ throw new BusinessValidationFailedException($"密码连续错误3次,当前账号已被限制登录,请等待 {lockoutMinutes} 分钟后再试。");
+ }
- // _cache.Set(cacheKey + ":locked", true, TimeSpan.FromMinutes(lockoutMinutes));
- // if (failCount >= maxFailures)
- // {
- // throw new BusinessValidationFailedException($"账号已被锁定,请等待 {lockoutMinutes} 分钟后再试。");
- // }
-
- //}
-
- //if (failCount >= maxFailures)
- //{
- // // 如果登录失败次数达到了 3 次,则锁定用户
- // _cache.Set(cacheKey + ":locked", true, TimeSpan.FromMinutes(lockoutMinutes));
- //}
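Review bot: The `_cache.Set(cacheKey, failCount, TimeSpan.FromMinutes(lockoutMinutes))` that runs before the `failCount >= maxFailures` check renews the entry's expiry on every call to Login, including calls that are then rejected, so the one-minute window slides for as long as requests keep arriving and anyone who knows a user name can keep that account locked. I would drop this early write, store the counter only after a failed password check (the hunk at -674), and give the entry a fixed expiry counted from the failure that reached the limit. The exception text also hard-codes `3次` and bypasses `_localizer`, unlike the other messages in this file; a localized string that interpolates `{maxFailures}` keeps the two in step. Login's body continues outside the hunk.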
@@ -674,7 +673,9 @@ namespace IRaCIS.Application.Services #endregion - + //错误次数累加 + failCount++; + _cache.Set(cacheKey, failCount, TimeSpan.FromMinutes(lockoutMinutes)); return ResponseOutput.NotOk(_localizer["User_CheckNameOrPw"], new LoginReturnDTO()); @@ -688,6 +689,12 @@ namespace IRaCIS.Application.Services return ResponseOutput.NotOk(_localizer["User_Disabled"], new LoginReturnDTO()); } + + //登录成功 清除缓存 + _cache.Set(cacheKey, 0, TimeSpan.FromMinutes(lockoutMinutes)); + + + userLoginReturnModel.BasicInfo = loginUser; // 登录 清除缓存 @@ -721,7 +728,7 @@ namespace IRaCIS.Application.Services // //} - + // //return isLocked; //}
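Review bot: `failCount++` followed by `_cache.Set(...)` is a read-modify-write on a value that was read at the top of Login, so failed attempts running in parallel for the same user name each store the same count and the limit of `maxFailures` is not enforced exactly. An atomic increment, or a per-key lock around the read and the write, closes that gap; which one fits depends on the `_cache` type, which the hunk does not show. The key is also built from `userName` as typed (hunk at -617), so if the user lookup is case-insensitive each spelling gets its own counter; normalise it, e.g. `$"{cachePrefix}{userName.Trim().ToLowerInvariant()}"`. The enclosing branch starts above the hunk.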
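Review bot: The comment on the added lines says the entry is cleared on success, but `_cache.Set(cacheKey, 0, TimeSpan.FromMinutes(lockoutMinutes))` writes a zero with a fresh expiry instead. If the cache type offers a removal call, `_cache.Remove(cacheKey);` states the intent and leaves no entry behind after each successful login. It is also worth confirming that no later step in Login can still reject the request after this reset; the rest of the method is outside the hunk.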