yanyu/v2board
1
0
Fork 0
mirror of https://github.com/v2board/v2board.git synced 2024-11-10 09:39:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

update: password check limit

Browse Source
This commit is contained in:
tokumeikoi 2022-12-14 22:58:42 +08:00
parent 4398f05b91
commit c36a54dae2
4 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
app/Http/Controllers/Passport/AuthController.php
View File

@ -190,6 +190,12 @@ class AuthController extends Controller
$email = $request->input('email'); $email = $request->input('email');
$password = $request->input('password'); $password = $request->input('password');
$passwordErrorCount = (int)Cache::get('PASSWORD_ERROR_LIMIT') || 0;
if ($passwordErrorCount >= 5) {
abort(500, __('Incorrect email or password'));
}
$user = User::where('email', $email)->first(); $user = User::where('email', $email)->first();
if (!$user) { if (!$user) {
abort(500, __('Incorrect email or password')); abort(500, __('Incorrect email or password'));
@ -200,6 +206,12 @@ class AuthController extends Controller
$password, $password,
$user->password) $user->password)
) { ) {
$passwordErrorCount = Cache::get('PASSWORD_ERROR_LIMIT') || 0;
Cache::put(
CacheKey::get('PASSWORD_ERROR_LIMIT', $email),
(int)$passwordErrorCount + 1,
30 * 60
);
abort(500, __('Incorrect email or password')); abort(500, __('Incorrect email or password'));
} }

3
app/Utils/CacheKey.php
View File

@ -20,7 +20,8 @@ class CacheKey
'LAST_SEND_EMAIL_REMIND_TRAFFIC' => '最后发送流量邮件提醒', 'LAST_SEND_EMAIL_REMIND_TRAFFIC' => '最后发送流量邮件提醒',
'SCHEDULE_LAST_CHECK_AT' => '计划任务最后检查时间', 'SCHEDULE_LAST_CHECK_AT' => '计划任务最后检查时间',
'REGISTER_IP_RATE_LIMIT' => '注册频率限制', 'REGISTER_IP_RATE_LIMIT' => '注册频率限制',
'LAST_SEND_LOGIN_WITH_MAIL_LINK_TIMESTAMP' => '最后一次发送登入链接时间' 'LAST_SEND_LOGIN_WITH_MAIL_LINK_TIMESTAMP' => '最后一次发送登入链接时间',
'PASSWORD_ERROR_LIMIT' => '密码错误次数限制'
]; ];
public static function get(string $key, $uniqueValue) public static function get(string $key, $uniqueValue)

3
resources/lang/en-US.json
View File

@ -93,5 +93,6 @@
"This subscription reset package does not apply to your subscription": "This subscription reset package does not apply to your subscription", "This subscription reset package does not apply to your subscription": "This subscription reset package does not apply to your subscription",
"Login to :name": "Login to :name", "Login to :name": "Login to :name",
"Sending frequently, please try again later": "Sending frequently, please try again later", "Sending frequently, please try again later": "Sending frequently, please try again later",
"Current product is sold out": "Current product is sold out" "Current product is sold out": "Current product is sold out",
"There are too many password errors, please try again after 30 minutes.": "There are too many password errors, please try again after 30 minutes."
} }

3
resources/lang/zh-CN.json
View File

@ -93,5 +93,6 @@
"This subscription reset package does not apply to your subscription": "该订阅重置包不适用于你的订阅", "This subscription reset package does not apply to your subscription": "该订阅重置包不适用于你的订阅",
"Login to :name": "登入到 :name", "Login to :name": "登入到 :name",
"Sending frequently, please try again later": "发送频繁,请稍后再试", "Sending frequently, please try again later": "发送频繁,请稍后再试",
"Current product is sold out": "当前商品已售罄" "Current product is sold out": "当前商品已售罄",
"There are too many password errors, please try again after 30 minutes.": "密码错误次数过多,请 30 分钟后再试"
} }