update

b/user/mobilecode.dspy

@@ -1,3 +1,70 @@
+async def handle_login_failed(mobile: str) -> bool:
+    """检查短信发送限制，十分钟内最多发送三次"""
+    from datetime import datetime, timedelta
+    db = DBPools()
+    async with db.sqlorContext('kboss') as sor:
+        # 查询该手机号的发送记录
+        records = await sor.R('sms_limit', {'mobile': mobile})
+        
+        current_time = datetime.now()
+        
+        if len(records) == 0:
+            # 首次发送，创建记录
+            await sor.C('sms_limit', {
+                'mobile': mobile,
+                'first_send_time': current_time,
+                'send_count': 1,
+                'last_send_time': current_time,
+                'lock_until': None
+            })
+            return True
+        
+        record = records[0]
+        lock_until = record.get('lock_until', None)
+        if lock_until:
+            lock_until = datetime.strptime(lock_until, '%Y-%m-%d %H:%M:%S')
+        
+        # 检查是否在锁定时间内
+        if record.get('lock_until') and current_time < lock_until:
+            return False
+        
+        # 检查十分钟内的发送次数
+        if record.get('first_send_time'):
+            first_send_time = datetime.strptime(record['first_send_time'], '%Y-%m-%d %H:%M:%S')
+            time_diff = current_time - first_send_time
+            if time_diff < timedelta(minutes=10):
+                # 十分钟内，检查发送次数
+                if record.get('send_count', 0) >= 3:
+                    # 超过三次，锁定10分钟
+                    lock_time = current_time + timedelta(minutes=10)
+                    sql = "update sms_limit set lock_until='%s' where mobile='%s'" % (
+                        lock_time,
+                        mobile
+                    )
+                    await sor.sqlExe(sql, {})
+                    return False
+                else:
+                    # 未超过三次，增加计数
+                    sql = "update sms_limit set send_count='%s', last_send_time='%s' where mobile='%s'" % (
+                        record['send_count'] + 1,
+                        current_time,
+                        mobile
+                    )
+                    await sor.sqlExe(sql, {})
+                    return True
+            else:
+                # 超过十分钟，重置计数
+                sql = "update sms_limit set first_send_time='%s', send_count='%s', last_send_time='%s', lock_until=NULL where mobile='%s'" % (
+                    current_time,
+                    1,
+                    current_time,
+                    mobile
+                )
+                await sor.sqlExe(sql, {})
+                return True
+        
+        return True
+
 async def mobilecode(ns):
     """发送短信验证码，支持注册和登录筛选"""
     db = DBPools()
@@ -13,6 +80,11 @@ async def mobilecode(ns):
         if not mobile:
             return {'status': False, 'msg': '手机号不能为空'}
         
+        # 检查短信发送限制
+        can_send = await handle_login_failed(mobile)
+        if not can_send:
+            return {'status': False, 'msg': '发送过于频繁，请10分钟后再试'}
+        
         userreacs = await sor.R('users', {'mobile': mobile, 'del_flg': '0'})
         
         # 注册逻辑：检查手机号是否已存在
@@ -65,4 +137,4 @@ async def mobilecode(ns):
 
 
 ret = await mobilecode(params_kw)
-return ret 
+return ret

kgadget/src/baiDuSmsClient.py

@@ -33,8 +33,8 @@ class BaiduSMS:
         # self.signature_id = 'sms-sign-BqOhYB33019' # 开元云
         # self.signature_id = 'sms-sign-LOShPq75464' # 开元云北京
         # self.signature_id = 'sms-sign-xQYUwp42637' # 开元云北京
-        # self.signature_id = 'sms-sign-SyPAar57327' # 开元云北京科技
-        self.signature_id = 'sms-sign-JEimHH86684' # 开元数智北京科技
+        self.signature_id = 'sms-sign-SyPAar57327' # 开元云北京科技
+        # self.signature_id = 'sms-sign-JEimHH86684' # 开元数智北京科技
         # 短信模板类型映射（键为业务类型，值为对应模板ID）
         self.sms_types = {
             "注册登录验证": "sms-tpl-123",  # 示例模板ID