...
|
...
|
@@ -25,15 +25,10 @@ const cache = global.yoho.cache; |
|
|
|
|
|
let siteUrl = config.siteUrl.indexOf('//') === 0 ? 'http:' + config.siteUrl : config.siteUrl;
|
|
|
|
|
|
|
|
|
function getLoginStat(ip) {
|
|
|
let errorLoginKey = 'loginErrorIp:' + ip;
|
|
|
let accountKey = 'signinErrorIp:' + ip;
|
|
|
let cacheGet = [cache.get(errorLoginKey), cache.get(accountKey)];
|
|
|
|
|
|
return Promise.all(cacheGet).catch(() => {
|
|
|
return [0, 0];
|
|
|
});
|
|
|
return cache.get(errorLoginKey);
|
|
|
}
|
|
|
|
|
|
// 本地登录
|
...
|
...
|
@@ -42,7 +37,6 @@ passport.use('local', new LocalStrategy({ |
|
|
passwordField: 'password',
|
|
|
passReqToCallback: true
|
|
|
}, (req, username, password, done) => {
|
|
|
|
|
|
let area = req.body.areaCode || '86';
|
|
|
|
|
|
if (_.isEmpty(password)) {
|
...
|
...
|
@@ -55,48 +49,38 @@ passport.use('local', new LocalStrategy({ |
|
|
|
|
|
let clientIp = req.yoho.clientIp;
|
|
|
let errorLoginKey = 'loginErrorIp:' + clientIp;
|
|
|
let accountKey = 'signinErrorIp:' + clientIp;
|
|
|
|
|
|
getLoginStat(clientIp).then(times => {
|
|
|
let errLoginTimes = _.parseInt(times[0]) || 0;
|
|
|
let accountTimes = _.parseInt(times[1]) || 0;
|
|
|
|
|
|
if (accountTimes >= 10) {
|
|
|
done({message: '您的账号已被暂时锁定,请稍后再试'}, null);
|
|
|
} else {
|
|
|
return LoginApi.signin(type, area, username, password, shoppingKey, clientIp).then((result) => {
|
|
|
if (result.code && result.code === 200 && result.data.uid) {
|
|
|
cache.del(errorLoginKey).catch(() => {});
|
|
|
|
|
|
req.session.type = '';
|
|
|
done(null, result.data);
|
|
|
getLoginStat(clientIp).then((times) => {
|
|
|
let errLoginTimes = _.parseInt(times) || 0;
|
|
|
|
|
|
return LoginApi.signin(type, area, username, password, shoppingKey, clientIp).then((result) => {
|
|
|
if (result.code && result.code === 200 && result.data.uid) {
|
|
|
cache.del(errorLoginKey).catch(() => {});
|
|
|
req.session.type = '';
|
|
|
|
|
|
done(null, result.data);
|
|
|
} else {
|
|
|
errLoginTimes = errLoginTimes + 1;
|
|
|
cache.set(errorLoginKey, errLoginTimes, 3600).catch(() => {});
|
|
|
|
|
|
// 再次校验
|
|
|
if (errLoginTimes >= 1) {
|
|
|
req.session.type = 'needCaptcha';
|
|
|
done({
|
|
|
message: `您输入的密码及账户名不匹配,
|
|
|
是否<a href="${helpers.urlFormat('/passport/back/index')}" target="_blank">忘记密码?</a>`,
|
|
|
needCaptcha: true,
|
|
|
type: type
|
|
|
});
|
|
|
} else {
|
|
|
errLoginTimes = errLoginTimes + 1;
|
|
|
accountTimes = accountTimes + 1;
|
|
|
cache.set(errorLoginKey, errLoginTimes).catch(() => {});
|
|
|
cache.set(accountKey, accountTimes, 3600).catch(() => {});
|
|
|
|
|
|
// 再次校验
|
|
|
if (accountTimes >= 10) {
|
|
|
done({message: '您的账号已被暂时锁定,请稍后再试'}, null);
|
|
|
} else if (errLoginTimes >= 1) {
|
|
|
req.session.type = 'needCaptcha';
|
|
|
done({
|
|
|
message: `您输入的密码及账户名不匹配,
|
|
|
是否<a href="${helpers.urlFormat('/passport/back/index')}" target="_blank">忘记密码?</a>`,
|
|
|
needCaptcha: true,
|
|
|
type: type
|
|
|
});
|
|
|
} else {
|
|
|
done({
|
|
|
message: `您输入的密码及账户名不匹配,
|
|
|
是否<a href="${helpers.urlFormat('/passport/back/index')}" target="_blank">忘记密码?</a>`,
|
|
|
needCaptcha: false
|
|
|
});
|
|
|
}
|
|
|
done({
|
|
|
message: `您输入的密码及账户名不匹配,
|
|
|
是否<a href="${helpers.urlFormat('/passport/back/index')}" target="_blank">忘记密码?</a>`,
|
|
|
needCaptcha: false
|
|
|
});
|
|
|
}
|
|
|
});
|
|
|
}
|
|
|
}
|
|
|
});
|
|
|
}).catch(e => {
|
|
|
logger.error('call the signin service fail,', e);
|
|
|
done('登录失败,请稍后重试', null);
|
...
|
...
|
|
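Review bot: With the `signinErrorIp` counter and the `accountTimes >= 10` refusal removed from the LocalStrategy callback, nothing in the third hunk stops `LoginApi.signin` from being called on every request. The only remaining reaction to failures is `req.session.type = 'needCaptcha'`, which is stored in the caller's session while the counter itself is keyed by IP. Please confirm that the captcha check (not visible here) is enforced server-side from the `loginErrorIp:` counter, or that the signin service throttles per account; otherwise keep a hard limit before the signin call, such as `if (errLoginTimes >= 10) { return done({message: '您的账号已被暂时锁定,请稍后再试'}, null); }`. Two smaller points: `getLoginStat` now returns `cache.get(errorLoginKey)` without the old `.catch(() => [0, 0])`, so a cache error reaches the outer handler, is logged as 'call the signin service fail,' and fails the login, which deserves a comment if intended; and the `else` after `if (errLoginTimes >= 1)` cannot run for any non-negative counter because it was just incremented. The callback starts and ends outside the hunk, and old versus new is inferred from the hunk line counts because the page lost its +/- markers.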