Home Explore Help
Sign In
eta_gn_server
/
eta_api
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

账号登录加盐

hsun 1 year ago
parent
4c0b5cce0b
commit
80c857d0b7
2 changed files with 46 additions and 24 deletions
Split View Show Diff Stats
  1. 41 23
      controllers/user_login.go
  2. 5 1
      utils/constants.go

+ 41 - 23
controllers/user_login.go
View File 

@@ -250,6 +250,7 @@ func (this *UserLoginController) Login() {
 
 	}()
 
 
 	// 入参
 
+	headerTime := this.Ctx.Input.Header("ReqTime") // 登录时间戳
 
 	type UserLoginReq struct {
 
 		LoginType  int    `description:"登录方式: 1-账号; 2-手机号; 3-邮箱"`
 
 		Username   string `description:"账号"`
 
@@ -308,38 +309,55 @@ func (this *UserLoginController) Login() {
 
 			return
 
 		}
 
 
-		// 账号密码校验
 
+		// 查询账号信息
 
 		errPassKey := fmt.Sprint(utils.CACHE_LOGIN_ERR_PASS, req.Username)
 
-		accountUser, e := system.CheckSysUser(req.Username, req.Password)
 
+		accountUser, e := system.GetSysUserByAdminName(req.Username)
 
 		if e != nil {
 
 			br.Ret = models.BaseRespCodeLoginErr
 
-			if e.Error() == utils.ErrNoRow() {
 
-				br.Msg = "登录失败, 账号或密码错误"
 
-				if isAbnormal != "" {
 
-					return
 
-				}
 
-				// 错误密码计数, 超过6次标记异常
 
-				if !utils.Rc.IsExist(errPassKey) {
 
-					_ = utils.Rc.Put(errPassKey, 1, utils.GetTodayLastSecond())
 
-					return
 
-				}
 
-				errNum, _ := utils.Rc.RedisInt(errPassKey)
 
-				errNum += 1
 
-				if errNum >= 6 {
 
-					br.Ret = models.BaseRespCodeAbnormalLogin
 
-					br.Msg = "账号异常, 请进行手机号/邮箱校验"
 
-					// 标记异常登录, 重置计数
 
-					_ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
 
-					_ = utils.Rc.Delete(errPassKey)
 
-					return
 
-				}
 
+			br.Msg = "登录失败, 账号或密码错误"
 
+			// 账号查询异常均进行标记, 避免一直尝试进行登录
 
+			if !utils.Rc.IsExist(errPassKey) {
 
+				_ = utils.Rc.Put(errPassKey, 1, utils.GetTodayLastSecond())
 
+				return
 
+			}
 
+			errNum, _ := utils.Rc.RedisInt(errPassKey)
 
+			errNum += 1
 
+			if errNum < 6 {
 
 				_ = utils.Rc.Put(errPassKey, errNum, utils.GetTodayLastSecond())
 
 				return
 
 			}
 
+			// 标记异常登录, 重置计数
 
+			br.Ret = models.BaseRespCodeAbnormalLogin
 
+			br.Msg = "账号异常, 请进行手机号/邮箱校验"
 
+			_ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
 
+			_ = utils.Rc.Delete(errPassKey)
 
+			return
 
+		}
 
+
 
+		// 账号密码校验
 
+		dbPass := utils.MD5(fmt.Sprintf("%s%s%s", accountUser.Password, utils.UserLoginSalt, headerTime))
 
+		if req.Password != dbPass {
 
+			br.Ret = models.BaseRespCodeLoginErr
 
 			br.Msg = "登录失败, 账号或密码错误"
 
-			br.ErrMsg = "登录失败, Err:" + e.Error()
 
+			// 错误密码计数, 超过6次标记异常
 
+			if !utils.Rc.IsExist(errPassKey) {
 
+				_ = utils.Rc.Put(errPassKey, 1, utils.GetTodayLastSecond())
 
+				return
 
+			}
 
+			errNum, _ := utils.Rc.RedisInt(errPassKey)
 
+			errNum += 1
 
+			if errNum < 6 {
 
+				_ = utils.Rc.Put(errPassKey, errNum, utils.GetTodayLastSecond())
 
+				return
 
+			}
 
+			// 标记异常登录, 重置计数
 
+			br.Ret = models.BaseRespCodeAbnormalLogin
 
+			br.Msg = "账号异常, 请进行手机号/邮箱校验"
 
+			_ = utils.Rc.Put(abnormalKey, "true", utils.GetTodayLastSecond())
 
+			_ = utils.Rc.Delete(errPassKey)
 
 			return
 
 		}
 
+
 
 		if accountUser.Enabled == 0 {
 
 			br.Msg = "您的账号已被禁用, 如需登录, 请联系管理员"
 
 			br.ErrMsg = fmt.Sprintf("账号已被禁用, 登录账号: %s, 账户名称: %s", accountUser.AdminName, accountUser.RealName)

+ 5 - 1
utils/constants.go
View File 

@@ -359,4 +359,8 @@ const (
 
 
 const (
 
 	WindDbWsd = "wsd"
 
-)
 
+)
 
+
 
+const (
 
+	UserLoginSalt = "MiQM9yusNA9T2uIH" // 用户登录盐值
 
+)