From 8206157377d970b9b9ecf1af863c72322025906f Mon Sep 17 00:00:00 2001 From: ping <1017253325@qq.com> Date: Mon, 11 May 2026 14:00:39 +0800 Subject: [PATCH 1/3] update --- kgadget/src/baiDuSmsClient.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kgadget/src/baiDuSmsClient.py b/kgadget/src/baiDuSmsClient.py index 82215fc..72bdb5e 100644 --- a/kgadget/src/baiDuSmsClient.py +++ b/kgadget/src/baiDuSmsClient.py @@ -33,7 +33,8 @@ class BaiduSMS: # self.signature_id = 'sms-sign-BqOhYB33019' # 开元云 # self.signature_id = 'sms-sign-LOShPq75464' # 开元云北京 # self.signature_id = 'sms-sign-xQYUwp42637' # 开元云北京 - self.signature_id = 'sms-sign-JEimHH86684' # 开元云北京 + # self.signature_id = 'sms-sign-SyPAar57327' # 开元云北京科技 + self.signature_id = 'sms-sign-JEimHH86684' # 开元数智北京科技 # 短信模板类型映射(键为业务类型,值为对应模板ID) self.sms_types = { "注册登录验证": "sms-tpl-123", # 示例模板ID From 39024955d6251ff5cba6c8b60c98aae173678fa9 Mon Sep 17 00:00:00 2001 From: ping <1017253325@qq.com> Date: Mon, 11 May 2026 15:51:49 +0800 Subject: [PATCH 2/3] update --- b/user/mobilecode.dspy | 74 ++++++++++++++++++++++++++++++++++- kgadget/src/baiDuSmsClient.py | 4 +- 2 files changed, 75 insertions(+), 3 deletions(-) diff --git a/b/user/mobilecode.dspy b/b/user/mobilecode.dspy index 2967639..5c23f9a 100644 --- a/b/user/mobilecode.dspy +++ b/b/user/mobilecode.dspy @@ -1,3 +1,70 @@ +async def handle_login_failed(mobile: str) -> bool: + """检查短信发送限制,十分钟内最多发送三次""" + from datetime import datetime, timedelta + db = DBPools() + async with db.sqlorContext('kboss') as sor: + # 查询该手机号的发送记录 + records = await sor.R('sms_limit', {'mobile': mobile}) + + current_time = datetime.now() + + if len(records) == 0: + # 首次发送,创建记录 + await sor.C('sms_limit', { + 'mobile': mobile, + 'first_send_time': current_time, + 'send_count': 1, + 'last_send_time': current_time, + 'lock_until': None + }) + return True + + record = records[0] + lock_until = record.get('lock_until', None) + if lock_until: + lock_until = datetime.strptime(lock_until, '%Y-%m-%d %H:%M:%S') + + # 检查是否在锁定时间内 + if record.get('lock_until') and current_time < lock_until: + return False + + # 检查十分钟内的发送次数 + if record.get('first_send_time'): + first_send_time = datetime.strptime(record['first_send_time'], '%Y-%m-%d %H:%M:%S') + time_diff = current_time - first_send_time + if time_diff < timedelta(minutes=10): + # 十分钟内,检查发送次数 + if record.get('send_count', 0) >= 3: + # 超过三次,锁定10分钟 + lock_time = current_time + timedelta(minutes=10) + sql = "update sms_limit set lock_until='%s' where mobile='%s'" % ( + lock_time, + mobile + ) + await sor.sqlExe(sql, {}) + return False + else: + # 未超过三次,增加计数 + sql = "update sms_limit set send_count='%s', last_send_time='%s' where mobile='%s'" % ( + record['send_count'] + 1, + current_time, + mobile + ) + await sor.sqlExe(sql, {}) + return True + else: + # 超过十分钟,重置计数 + sql = "update sms_limit set first_send_time='%s', send_count='%s', last_send_time='%s', lock_until=NULL where mobile='%s'" % ( + current_time, + 1, + current_time, + mobile + ) + await sor.sqlExe(sql, {}) + return True + + return True + async def mobilecode(ns): """发送短信验证码,支持注册和登录筛选""" db = DBPools() @@ -13,6 +80,11 @@ async def mobilecode(ns): if not mobile: return {'status': False, 'msg': '手机号不能为空'} + # 检查短信发送限制 + can_send = await handle_login_failed(mobile) + if not can_send: + return {'status': False, 'msg': '发送过于频繁,请10分钟后再试'} + userreacs = await sor.R('users', {'mobile': mobile, 'del_flg': '0'}) # 注册逻辑:检查手机号是否已存在 @@ -65,4 +137,4 @@ async def mobilecode(ns): ret = await mobilecode(params_kw) -return ret \ No newline at end of file +return ret \ No newline at end of file diff --git a/kgadget/src/baiDuSmsClient.py b/kgadget/src/baiDuSmsClient.py index 72bdb5e..3ee040b 100644 --- a/kgadget/src/baiDuSmsClient.py +++ b/kgadget/src/baiDuSmsClient.py @@ -33,8 +33,8 @@ class BaiduSMS: # self.signature_id = 'sms-sign-BqOhYB33019' # 开元云 # self.signature_id = 'sms-sign-LOShPq75464' # 开元云北京 # self.signature_id = 'sms-sign-xQYUwp42637' # 开元云北京 - # self.signature_id = 'sms-sign-SyPAar57327' # 开元云北京科技 - self.signature_id = 'sms-sign-JEimHH86684' # 开元数智北京科技 + self.signature_id = 'sms-sign-SyPAar57327' # 开元云北京科技 + # self.signature_id = 'sms-sign-JEimHH86684' # 开元数智北京科技 # 短信模板类型映射(键为业务类型,值为对应模板ID) self.sms_types = { "注册登录验证": "sms-tpl-123", # 示例模板ID From b08d6a02aafc4384442f28b6e925bf2e98529784 Mon Sep 17 00:00:00 2001 From: ping <1017253325@qq.com> Date: Mon, 11 May 2026 18:00:52 +0800 Subject: [PATCH 3/3] update --- b/user/logintype.dspy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/b/user/logintype.dspy b/b/user/logintype.dspy index 2961668..2e686b8 100644 --- a/b/user/logintype.dspy +++ b/b/user/logintype.dspy @@ -140,7 +140,7 @@ async def logintype(ns): async with db.sqlorContext('kboss') as sor: domain_name = ns.get('domain_name') - if domain_name in ['www.opencomputing.cn', 'dev.opencomputing.cn', 'localhost:9527'] and ns.get('username') not in ['开元云(北京)科技有限公司', 'admin', 'kyy_root', 'kyy_kaiyuan', 'kyacloud']: + if domain_name in ['www.opencomputing.cn', 'dev.opencomputing.cn', 'localhost:9527'] and ns.get('username') not in ['开元云(北京)科技有限公司', 'admin', 'kyy_root', 'kyy_kaiyuan', 'kyacloud', 'kyy_运营', 'kyy_销售', 'kyy_财务']: # 登录失败次数限制 login_allowed = await check_login_allowed(ns.get('username'))