|
...
|
...
|
@@ -6,6 +6,7 @@ use LibModels\Web\Passport\LoginData; |
|
|
|
use Passport\PassportModel as PassportModel;
|
|
|
|
use Configs\ChannelConfig;
|
|
|
|
use WebPlugin\Helpers;
|
|
|
|
use WebPlugin\Cache;
|
|
|
|
|
|
|
|
class LoginController extends WebAction
|
|
|
|
{
|
|
...
|
...
|
@@ -61,8 +62,7 @@ class LoginController extends WebAction |
|
|
|
*/
|
|
|
|
public function authAction()
|
|
|
|
{
|
|
|
|
$data = array('code' => 400, 'message' => '账号或密码不正确', 'data' => '');
|
|
|
|
|
|
|
|
$data = array('code' => 400, 'message' => '您输入的密码及账户名不匹配,是否忘记密码?', 'data' => '');
|
|
|
|
do {
|
|
|
|
/* 判断是不是AJAX请求 */
|
|
|
|
if (!$this->isAjax()) {
|
|
...
|
...
|
@@ -91,10 +91,29 @@ class LoginController extends WebAction |
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* 调用登录接口进行登录 */
|
|
|
|
/* 购物车 */
|
|
|
|
$shoppingKey = Helpers::getShoppingKeyByCookie();
|
|
|
|
/*
|
|
|
|
* 登录-防恶意机制
|
|
|
|
* 同一用户名登录密码错误次数超10次,需30分钟后尝试
|
|
|
|
* 同一ip登录密码错误次数超100次,需1小时后尝试 , ip错误提示语:您尝试的次数过多,账号已被暂时锁定,请稍后再试
|
|
|
|
*/
|
|
|
|
$ip = Helpers::getClientIp();
|
|
|
|
$ipKey = md5('ip_signin_' . $ip);
|
|
|
|
$accountKey = md5('account_signin_' . $account);
|
|
|
|
$accountTimes = Cache::increment($accountKey, 1, 0, 1800);
|
|
|
|
$ipTimes = Cache::increment($ipKey, 1, 0, 3600);
|
|
|
|
if ($accountTimes > 10) {
|
|
|
|
$data = array('code' => 400, 'message' => '您输入的密码及账户名不匹配,是否忘记密码?', 'data' => '');
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if ($ipTimes > 100) {
|
|
|
|
$data = array('code' => 400, 'message' => '您尝试的次数过多,账号已被暂时锁定,请稍后再试', 'data' => '');
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
$data = LoginData::signin($area, $account, $password, $shoppingKey);
|
|
|
|
if (!isset($data['code']) || $data['code'] != 200 || !isset($data['data']['uid'])) {
|
|
|
|
$data = array('code' => 400, 'message' => '您输入的密码及账户名不匹配,是否忘记密码?', 'data' => '');
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
...
|
...
|
|
