update: register limit by ip

2025-10-31 09:21:46 +08:00 · 2022-03-29 20:39:22 +08:00
parent c6cc307147
commit 9d45b71731
5 changed files with 64 additions and 3 deletions
--- a/app/Console/Commands/ClearUser.php
+++ b/app/Console/Commands/ClearUser.php
@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Ticket;
+use App\Models\User;
+use Illuminate\Console\Command;
+
+class ClearUser extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'clear:user';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = '清理用户';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        $builder = User::where('plan_id', NULL)
+            ->where('transfer_enable', 0)
+            ->where('expired_at', 0)
+            ->where('last_login_at', NULL);
+        $count = $builder->count();
+        if ($builder->delete()) {
+            $this->info("已删除${count}位没有任何数据的用户");
+        }
+    }
+}
--- a/app/Http/Controllers/Passport/AuthController.php
+++ b/app/Http/Controllers/Passport/AuthController.php
@@ -20,6 +20,10 @@ class AuthController extends Controller
 {
    public function register(AuthRegister $request)
    {
+        $registerCountByIP = CacheKey::get('REGISTER_IP_RATE_LIMIT', $request->ip()) || 0;
+        if ($registerCountByIP >= 3) {
+            abort(500, __('Register frequently, please try again after 1 hour'));
+        }
        if ((int)config('v2board.recaptcha_enable', 0)) {
            $recaptcha = new ReCaptcha(config('v2board.recaptcha_key'));
            $recaptchaResp = $recaptcha->verify($request->input('recaptcha_data'));
@@ -109,6 +113,9 @@ class AuthController extends Controller
        ];
        $request->session()->put('email', $user->email);
        $request->session()->put('id', $user->id);
+        $user->last_login_at = time();
+        $user->save();
+        Cache::put(CacheKey::get('REGISTER_IP_RATE_LIMIT', $request->ip()), $registerCountByIP + 1, 3600);
        return response()->json([
            'data' => $data
        ]);
--- a/app/Utils/CacheKey.php
+++ b/app/Utils/CacheKey.php
@@ -18,7 +18,8 @@ class CacheKey
        'SERVER_SHADOWSOCKS_LAST_PUSH_AT' => 'ss节点最后推送时间',
        'TEMP_TOKEN' => '临时令牌',
        'LAST_SEND_EMAIL_REMIND_TRAFFIC' => '最后发送流量邮件提醒',
-        'SCHEDULE_LAST_CHECK_AT' => '计划任务最后检查时间'
+        'SCHEDULE_LAST_CHECK_AT' => '计划任务最后检查时间',
+        'REGISTER_IP_RATE_LIMIT' => '注册频率限制'
    ];

    public static function get(string $key, $uniqueValue)