From 9d45b71731fbd33cc5f01739bfef2083853a736b Mon Sep 17 00:00:00 2001
From: tokumeikoi <tokumeikoi@protonmail.com>
Date: Tue, 29 Mar 2022 20:39:22 +0800
Subject: [PATCH] update: register limit by ip

---
 app/Console/Commands/ClearUser.php            | 51 +++++++++++++++++++
 .../Controllers/Passport/AuthController.php   |  7 +++
 app/Utils/CacheKey.php                        |  3 +-
 resources/lang/en-US.json                     |  3 +-
 resources/lang/zh-CN.json                     |  3 +-
 5 files changed, 64 insertions(+), 3 deletions(-)
 create mode 100644 app/Console/Commands/ClearUser.php

diff --git a/app/Console/Commands/ClearUser.php b/app/Console/Commands/ClearUser.php
new file mode 100644
index 00000000..30eb3389
--- /dev/null
+++ b/app/Console/Commands/ClearUser.php
@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Ticket;
+use App\Models\User;
+use Illuminate\Console\Command;
+
+class ClearUser extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'clear:user';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = '清理用户';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        $builder = User::where('plan_id', NULL)
+            ->where('transfer_enable', 0)
+            ->where('expired_at', 0)
+            ->where('last_login_at', NULL);
+        $count = $builder->count();
+        if ($builder->delete()) {
+            $this->info("已删除${count}位没有任何数据的用户");
+        }
+    }
+}
diff --git a/app/Http/Controllers/Passport/AuthController.php b/app/Http/Controllers/Passport/AuthController.php
index 423bd33e..c053be42 100644
--- a/app/Http/Controllers/Passport/AuthController.php
+++ b/app/Http/Controllers/Passport/AuthController.php
@@ -20,6 +20,10 @@ class AuthController extends Controller
 {
     public function register(AuthRegister $request)
     {
+        $registerCountByIP = CacheKey::get('REGISTER_IP_RATE_LIMIT', $request->ip()) || 0;
+        if ($registerCountByIP >= 3) {
+            abort(500, __('Register frequently, please try again after 1 hour'));
+        }
         if ((int)config('v2board.recaptcha_enable', 0)) {
             $recaptcha = new ReCaptcha(config('v2board.recaptcha_key'));
             $recaptchaResp = $recaptcha->verify($request->input('recaptcha_data'));
@@ -109,6 +113,9 @@ class AuthController extends Controller
         ];
         $request->session()->put('email', $user->email);
         $request->session()->put('id', $user->id);
+        $user->last_login_at = time();
+        $user->save();
+        Cache::put(CacheKey::get('REGISTER_IP_RATE_LIMIT', $request->ip()), $registerCountByIP + 1, 3600);
         return response()->json([
             'data' => $data
         ]);
diff --git a/app/Utils/CacheKey.php b/app/Utils/CacheKey.php
index 5cc43bd3..8babf579 100644
--- a/app/Utils/CacheKey.php
+++ b/app/Utils/CacheKey.php
@@ -18,7 +18,8 @@ class CacheKey
         'SERVER_SHADOWSOCKS_LAST_PUSH_AT' => 'ss节点最后推送时间',
         'TEMP_TOKEN' => '临时令牌',
         'LAST_SEND_EMAIL_REMIND_TRAFFIC' => '最后发送流量邮件提醒',
-        'SCHEDULE_LAST_CHECK_AT' => '计划任务最后检查时间'
+        'SCHEDULE_LAST_CHECK_AT' => '计划任务最后检查时间',
+        'REGISTER_IP_RATE_LIMIT' => '注册频率限制'
     ];
 
     public static function get(string $key, $uniqueValue)
diff --git a/resources/lang/en-US.json b/resources/lang/en-US.json
index 04f77349..b44bed14 100644
--- a/resources/lang/en-US.json
+++ b/resources/lang/en-US.json
@@ -87,5 +87,6 @@
     "The service in :app_name is about to expire": "The service in :app_name is about to expire",
     "The coupon can only be used :limit_use_with_user per person": "The coupon can only be used :limit_use_with_user per person",
     "The coupon code cannot be used for this period": "The coupon code cannot be used for this period",
-    "Request failed, please try again later": "Request failed, please try again later"
+    "Request failed, please try again later": "Request failed, please try again later",
+    "Register frequently, please try again after 1 hour": "Register frequently, please try again after 1 hour"
 }
diff --git a/resources/lang/zh-CN.json b/resources/lang/zh-CN.json
index 5425ae0b..4aaba82d 100644
--- a/resources/lang/zh-CN.json
+++ b/resources/lang/zh-CN.json
@@ -87,5 +87,6 @@
     "The service in :app_name is about to expire": "在 :app_name 的服务即将到期",
     "The coupon can only be used :limit_use_with_user per person": "该优惠券每人只能用 :limit_use_with_user 次",
     "The coupon code cannot be used for this period": "此优惠券无法用于该付款周期",
-    "Request failed, please try again later": "请求失败，请稍后再试"
+    "Request failed, please try again later": "请求失败，请稍后再试",
+    "Register frequently, please try again after 1 hour": "注册频繁，请等待1小时后再次尝试"
 }