10 Commits 30da95a12b ... f176880714

Autor SHA1 Mensagem Data
  gmy f176880714 Merge branch 'yb_233_add_validity_period_0829@guomengyuan' 1 dia atrás
  gmy c5fbc140cb 233-登录验证码获取限制-验证码限制 1 mês atrás
  gmy 15d961aa1e 233-登录验证码获取限制-验证码限制 1 mês atrás
  gmy e0308a3019 233-登录验证码获取限制-验证码限制 1 mês atrás
  gmy 8d1d2b51cb Revert "233-登录验证码获取限制-验证码限制" 1 mês atrás
  gmy 875fd48eba 233-登录验证码获取限制-验证码限制 1 mês atrás
  gmy 277470e4d0 233-登录验证码获取限制-验证码限制 1 mês atrás
  gmy 91476e1bfa 233-登录验证码获取限制-邮箱限制 3 meses atrás
  gmy 68a891814c 233-登录验证码获取限制 3 meses atrás
  gmy e1a0787449 233-登录验证码获取限制 3 meses atrás
3 arquivos alterados com 28 adições e 1 exclusões
  1. 8 0
      controller/pc/pc.go
  2. 19 0
      logic/user/user.go
  3. 1 1
      models/tables/rddp/msg_code/query.go

+ 8 - 0
controller/pc/pc.go

@@ -702,6 +702,10 @@ func PcLogin(c *gin.Context) {
 			response.Fail("手机验证码错误,请重新输入", c)
 			return
 		}
+		if item.Code != req.SmsCode {
+			response.Fail("验证码失效,请重新最新验证码", c)
+			return
+		}
 
 		wxUser, err := wx_user.GetByMobile(req.Mobile)
 		if err != nil {
@@ -898,6 +902,8 @@ func GetSmsCode(c *gin.Context) {
 	if err != nil {
 		if errMsg != "" {
 			errMsg = "获取验证码失败"
+		} else {
+			errMsg = err.Error()
 		}
 		response.Fail(errMsg, c)
 		return
@@ -933,6 +939,8 @@ func GetEmailCode(c *gin.Context) {
 	if err != nil {
 		if errMsg != "" {
 			errMsg = "获取验证码失败"
+		} else {
+			errMsg = err.Error()
 		}
 		response.Fail(errMsg, c)
 		return

+ 19 - 0
logic/user/user.go

@@ -1,7 +1,9 @@
 package user
 
 import (
+	"context"
 	"errors"
+	"hongze/hongze_yb/global"
 	userReq "hongze/hongze_yb/models/request/user"
 	admin2 "hongze/hongze_yb/models/tables/admin"
 	"hongze/hongze_yb/models/tables/company"
@@ -432,6 +434,13 @@ func GetUserTabBar(userInfo user.UserInfo, version string) (list []string, err e
 
 // PcSendSmsCode 发送手机短信
 func PcSendSmsCode(mobile, areaNum string) (err error, errMsg string) {
+	cacheKey := utils.HONGZEYB_ + "REPORT_SMS_CODE_PC:GetSmsCode:" + areaNum + ":" + mobile
+	smsCodeStr, _ := global.Redis.Get(context.TODO(), cacheKey).Result()
+	if smsCodeStr != "" {
+		err = errors.New("请勿频繁发送验证码")
+		return
+	}
+
 	if mobile == "" {
 		err = errors.New("请输入手机号")
 		return
@@ -447,6 +456,7 @@ func PcSendSmsCode(mobile, areaNum string) (err error, errMsg string) {
 	}
 	//发送成功
 	if result {
+		// 验证码存库
 		item := &msg_code.MsgCode{
 			Mobile:          mobile,
 			Code:            msgCode,
@@ -456,6 +466,7 @@ func PcSendSmsCode(mobile, areaNum string) (err error, errMsg string) {
 			LastUpdatedTime: time.Time{},
 		}
 		err = item.Create()
+		global.Redis.Set(context.TODO(), cacheKey, msgCode, 60*time.Second)
 	} else {
 		err = errors.New("短信发送失败")
 	}
@@ -472,6 +483,13 @@ func PcSendEmailCode(email string) (err error, errMsg string) {
 		err = errors.New("邮箱格式错误,请重新输入")
 		return
 	}
+	cacheKey := utils.HONGZEYB_ + "REPORT_SMS_CODE_PC:PcSendEmailCode:" + email
+	smsCodeStr, _ := global.Redis.Get(context.TODO(), cacheKey).Result()
+	if smsCodeStr != "" {
+		err = errors.New("请勿频繁发送验证码")
+		return
+	}
+
 	msgCode := utils.GetRandDigit(4)
 	content := "尊敬的用户:</br>您好,感谢您使用弘则研究,您正在进行邮箱验证,本次请求的验证码为:" + msgCode + "(为了保障您账号的安全性,请在15分钟内完成验证。)</br>弘则研究团队 </br>" + time.Now().Format(utils.FormatDateCN)
 	title := "弘则研究登陆验证"
@@ -488,6 +506,7 @@ func PcSendEmailCode(email string) (err error, errMsg string) {
 			LastUpdatedTime: time.Time{},
 		}
 		err = item.Create()
+		global.Redis.Set(context.TODO(), cacheKey, msgCode, 60*time.Second)
 	} else {
 		err = errors.New("发送失败")
 	}

+ 1 - 1
models/tables/rddp/msg_code/query.go

@@ -6,6 +6,6 @@ import (
 
 // GetMsgCode 根据token获取信息
 func GetMsgCode(mobile, code string) (item *MsgCode, err error) {
-	err = rddp.GetDb().Where("mobile = ? and code = ? and FROM_UNIXTIME(expired_in)>=NOW() ", mobile, code).First(&item).Error
+	err = rddp.GetDb().Where("mobile = ? and FROM_UNIXTIME(expired_in)>=NOW() ", mobile).Order("msg_code_id DESC").First(&item).Error
 	return
 }