main #105
@ -140,7 +140,7 @@ async def logintype(ns):
|
|||||||
async with db.sqlorContext('kboss') as sor:
|
async with db.sqlorContext('kboss') as sor:
|
||||||
|
|
||||||
domain_name = ns.get('domain_name')
|
domain_name = ns.get('domain_name')
|
||||||
if domain_name in ['www.opencomputing.cn', 'dev.opencomputing.cn', 'localhost:9527'] and ns.get('username') not in ['开元云(北京)科技有限公司', 'admin', 'kyy_root', 'kyy_kaiyuan', 'kyacloud']:
|
if domain_name in ['www.opencomputing.cn', 'dev.opencomputing.cn', 'localhost:9527'] and ns.get('username') not in ['开元云(北京)科技有限公司', 'admin', 'kyy_root', 'kyy_kaiyuan', 'kyacloud', 'kyy_运营', 'kyy_销售', 'kyy_财务']:
|
||||||
|
|
||||||
# 登录失败次数限制
|
# 登录失败次数限制
|
||||||
login_allowed = await check_login_allowed(ns.get('username'))
|
login_allowed = await check_login_allowed(ns.get('username'))
|
||||||
|
|||||||
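Review bot: The changed `if` line in `logintype` makes an access decision from a list of usernames written inline in the condition, and this commit extends that literal with three more accounts (`kyy_运营`, `kyy_销售`, `kyy_财务`). Indentation is lost in this view and the function continues outside the hunk, so it is not clear what the branch guards. If the `check_login_allowed` call below it sits inside the branch, every listed account skips the failed-login limit, which should be confirmed as intended. I would move the names into one module-level constant with a comment saying what they are exempt from, for example `DOMAIN_LOGIN_EXEMPT_USERS = frozenset({...})`, or derive the decision from a role or flag on the user record, so that adding an account is not a code edit to an `if` condition.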
@ -1,3 +1,70 @@
|
|||||||
|
async def handle_login_failed(mobile: str) -> bool:
|
||||||
|
"""检查短信发送限制,十分钟内最多发送三次"""
|
||||||
|
from datetime import datetime, timedelta
|
||||||
|
db = DBPools()
|
||||||
|
async with db.sqlorContext('kboss') as sor:
|
||||||
|
# 查询该手机号的发送记录
|
||||||
|
records = await sor.R('sms_limit', {'mobile': mobile})
|
||||||
|
|
||||||
|
current_time = datetime.now()
|
||||||
|
|
||||||
|
if len(records) == 0:
|
||||||
|
# 首次发送,创建记录
|
||||||
|
await sor.C('sms_limit', {
|
||||||
|
'mobile': mobile,
|
||||||
|
'first_send_time': current_time,
|
||||||
|
'send_count': 1,
|
||||||
|
'last_send_time': current_time,
|
||||||
|
'lock_until': None
|
||||||
|
})
|
||||||
|
return True
|
||||||
|
|
||||||
|
record = records[0]
|
||||||
|
lock_until = record.get('lock_until', None)
|
||||||
|
if lock_until:
|
||||||
|
lock_until = datetime.strptime(lock_until, '%Y-%m-%d %H:%M:%S')
|
||||||
|
|
||||||
|
# 检查是否在锁定时间内
|
||||||
|
if record.get('lock_until') and current_time < lock_until:
|
||||||
|
return False
|
||||||
|
|
||||||
|
# 检查十分钟内的发送次数
|
||||||
|
if record.get('first_send_time'):
|
||||||
|
first_send_time = datetime.strptime(record['first_send_time'], '%Y-%m-%d %H:%M:%S')
|
||||||
|
time_diff = current_time - first_send_time
|
||||||
|
if time_diff < timedelta(minutes=10):
|
||||||
|
# 十分钟内,检查发送次数
|
||||||
|
if record.get('send_count', 0) >= 3:
|
||||||
|
# 超过三次,锁定10分钟
|
||||||
|
lock_time = current_time + timedelta(minutes=10)
|
||||||
|
sql = "update sms_limit set lock_until='%s' where mobile='%s'" % (
|
||||||
|
lock_time,
|
||||||
|
mobile
|
||||||
|
)
|
||||||
|
await sor.sqlExe(sql, {})
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
# 未超过三次,增加计数
|
||||||
|
sql = "update sms_limit set send_count='%s', last_send_time='%s' where mobile='%s'" % (
|
||||||
|
record['send_count'] + 1,
|
||||||
|
current_time,
|
||||||
|
mobile
|
||||||
|
)
|
||||||
|
await sor.sqlExe(sql, {})
|
||||||
|
return True
|
||||||
|
else:
|
||||||
|
# 超过十分钟,重置计数
|
||||||
|
sql = "update sms_limit set first_send_time='%s', send_count='%s', last_send_time='%s', lock_until=NULL where mobile='%s'" % (
|
||||||
|
current_time,
|
||||||
|
1,
|
||||||
|
current_time,
|
||||||
|
mobile
|
||||||
|
)
|
||||||
|
await sor.sqlExe(sql, {})
|
||||||
|
return True
|
||||||
|
|
||||||
|
return True
|
||||||
|
|
||||||
async def mobilecode(ns):
|
async def mobilecode(ns):
|
||||||
"""发送短信验证码,支持注册和登录筛选"""
|
"""发送短信验证码,支持注册和登录筛选"""
|
||||||
db = DBPools()
|
db = DBPools()
|
||||||
@ -13,6 +80,11 @@ async def mobilecode(ns):
|
|||||||
if not mobile:
|
if not mobile:
|
||||||
return {'status': False, 'msg': '手机号不能为空'}
|
return {'status': False, 'msg': '手机号不能为空'}
|
||||||
|
|
||||||
|
# 检查短信发送限制
|
||||||
|
can_send = await handle_login_failed(mobile)
|
||||||
|
if not can_send:
|
||||||
|
return {'status': False, 'msg': '发送过于频繁,请10分钟后再试'}
|
||||||
|
|
||||||
userreacs = await sor.R('users', {'mobile': mobile, 'del_flg': '0'})
|
userreacs = await sor.R('users', {'mobile': mobile, 'del_flg': '0'})
|
||||||
|
|
||||||
# 注册逻辑:检查手机号是否已存在
|
# 注册逻辑:检查手机号是否已存在
|
||||||
@ -65,4 +137,4 @@ async def mobilecode(ns):
|
|||||||
|
|
||||||
|
|
||||||
ret = await mobilecode(params_kw)
|
ret = await mobilecode(params_kw)
|
||||||
return ret
|
return ret
|
||||||
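Review bot: The three `update sms_limit ...` statements in the new `handle_login_failed` are built with `%` string formatting and include `mobile`, which `mobilecode` checks only with `if not mobile` in the hunk shown, so a quote character in that value reaches the SQL text unescaped. `sor.sqlExe` is already given a parameter dict (passed as `{}`), and `sor.R`/`sor.C` in the same function bind values through a dict, so the updates should bind theirs too, along the lines of `await sor.sqlExe("update sms_limit set lock_until=${lock_until}$ where mobile=${mobile}$", {'lock_until': lock_time, 'mobile': mobile})`. The `${name}$` placeholder form should be confirmed against the project's other queries. Separately, `send_count` is written back as `record['send_count'] + 1` from a row read earlier, so concurrent requests for one number can undercount; `send_count = send_count + 1` in the statement itself avoids that. The function name and its docstring also disagree (login failure versus SMS send limit), so a rename such as `check_sms_send_allowed` would help the next reader; `mobilecode`'s body continues outside the hunks.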
@ -33,7 +33,8 @@ class BaiduSMS:
|
|||||||
# self.signature_id = 'sms-sign-BqOhYB33019' # 开元云
|
# self.signature_id = 'sms-sign-BqOhYB33019' # 开元云
|
||||||
# self.signature_id = 'sms-sign-LOShPq75464' # 开元云北京
|
# self.signature_id = 'sms-sign-LOShPq75464' # 开元云北京
|
||||||
# self.signature_id = 'sms-sign-xQYUwp42637' # 开元云北京
|
# self.signature_id = 'sms-sign-xQYUwp42637' # 开元云北京
|
||||||
self.signature_id = 'sms-sign-JEimHH86684' # 开元云北京
|
self.signature_id = 'sms-sign-SyPAar57327' # 开元云北京科技
|
||||||
|
# self.signature_id = 'sms-sign-JEimHH86684' # 开元数智北京科技
|
||||||
# 短信模板类型映射(键为业务类型,值为对应模板ID)
|
# 短信模板类型映射(键为业务类型,值为对应模板ID)
|
||||||
self.sms_types = {
|
self.sms_types = {
|
||||||
"注册登录验证": "sms-tpl-123", # 示例模板ID
|
"注册登录验证": "sms-tpl-123", # 示例模板ID
|
||||||
|
|||||||
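Review bot: The active `self.signature_id` in `BaiduSMS` is switched by editing a literal and commenting out the previous one, which leaves five signature IDs in the source, four of them dead. The newly commented line labels `sms-sign-JEimHH86684` as 开元数智北京科技 while the line it replaces labelled the same ID 开元云北京, so one of the two labels is presumably wrong. I would read the signature ID from the deployment configuration and keep a single documented default, so changing the sender signature does not need a code change and the old IDs do not accumulate as comments. The constructor starts and ends outside the hunk.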