登录限制提交

2023-04-28 14:33:39 +08:00 · 2023-04-28 14:33:39 +08:00 · 5f119d6f0e
parent 2eecca60f0
commit 5f119d6f0e
1 changed files with 37 additions and 30 deletions
--- a/IRaCIS.Core.Application/Service/Management/UserService.cs
+++ b/IRaCIS.Core.Application/Service/Management/UserService.cs
@ -617,34 +617,33 @@ namespace IRaCIS.Application.Services
        public async Task<IResponseOutput<LoginReturnDTO>> Login(string userName, string password)
        {

-            //const string cachePrefix = "login-failures:";
-            //const int maxFailures = 3;
-            //const int lockoutMinutes = 3;
+            const string cachePrefix = "login-failures:";
+            const int maxFailures = 3;
+            const int lockoutMinutes = 1;

-            //// 生成缓存键
-            //string cacheKey = $"{cachePrefix}{userName}";
+            // 生成缓存键
+            string cacheKey = $"{cachePrefix}{userName}";

-            //// 从缓存中获取登录失败次数
-            //int? failCount = _cache.Get<int?>(cacheKey);
+            // 从缓存中获取登录失败次数
+            int? failCount = _cache.Get<int?>(cacheKey);


-            //if (failCount != null)
-            //{
+            if (failCount == null)
+            {
+                failCount = 0;
+            }

-            //    _cache.Set(cacheKey + ":locked", true, TimeSpan.FromMinutes(lockoutMinutes));
+            //每次登录 都重置缓存时间
+            _cache.Set(cacheKey, failCount, TimeSpan.FromMinutes(lockoutMinutes));

-            //    if (failCount >= maxFailures)
-            //    {
-            //        throw new BusinessValidationFailedException($"账号已被锁定，请等待 {lockoutMinutes} 分钟后再试。");
-            //    }

-            //}

-            //if (failCount >= maxFailures)
-            //{
-            //    // 如果登录失败次数达到了 3 次，则锁定用户
-            //    _cache.Set(cacheKey + ":locked", true, TimeSpan.FromMinutes(lockoutMinutes));
-            //}
+            if (failCount >= maxFailures)
+            {
+                throw new BusinessValidationFailedException($"密码连续错误3次,当前账号已被限制登录，请等待 {lockoutMinutes} 分钟后再试。");
+            }
+
+



@ -674,7 +673,9 @@ namespace IRaCIS.Application.Services
                #endregion


-
+                //错误次数累加
+                failCount++;
+                _cache.Set(cacheKey, failCount, TimeSpan.FromMinutes(lockoutMinutes));

                return ResponseOutput.NotOk(_localizer["User_CheckNameOrPw"], new LoginReturnDTO());

@ -688,6 +689,12 @@ namespace IRaCIS.Application.Services
                return ResponseOutput.NotOk(_localizer["User_Disabled"], new LoginReturnDTO());
            }

+
+            //登录成功  清除缓存
+            _cache.Set(cacheKey, 0, TimeSpan.FromMinutes(lockoutMinutes));
+
+
+
            userLoginReturnModel.BasicInfo = loginUser;

            // 登录 清除缓存