filter

common/libs/IpFilter.php

@@ -9,6 +9,7 @@ use yii\web\Application;
 use MaxMind\Db\Reader;
 use MaxMind\Db\InvalidDatabaseException;
 use MaxMind\Db\AddressNotFoundException;
+use common\helpers\LoggerTool;
 class IpFilter
 {
     /**
@@ -23,8 +24,8 @@ class IpFilter
 
         // 登录接口不需要验证
         if (!self::remoteAddrCall($remoteAddr)) {
-            Yii::warning('GET 参数: ' . json_encode(is_array($getParams) ? $getParams : [], JSON_PRETTY_PRINT), __METHOD__);
-            Yii::warning('POST 参数: ' . json_encode(is_array($postParams) ? $getParams : [], JSON_PRETTY_PRINT), __METHOD__);
+            LoggerTool::warning('GET 参数: ' . json_encode(is_array($getParams) ? $getParams : [], JSON_PRETTY_PRINT));
+            LoggerTool::warning('POST 参数: ' . json_encode(is_array($postParams) ? $getParams : [], JSON_PRETTY_PRINT));
             throw new \Exception('用户名或者密码错误');
         }
 

frontendApi/modules/v1/models/LoginForm.php

@@ -4,6 +4,7 @@ namespace frontendApi\modules\v1\models;
 use common\components\Model;
 use common\helpers\Cache;
 use common\helpers\Date;
+use common\libs\IpFilter;
 use common\libs\LoginIpChecker;
 use common\models\UserInfo;
 use Yii;
@@ -120,6 +121,9 @@ class LoginForm extends Model
         }
         $transaction = \Yii::$app->db->beginTransaction();
         try{
+            // 验证IP
+            (new IpFilter())->frontApiCheck();
+            
             $this->getUser();
             if(!$this->_user){
                 throw new Exception('账号不存在');
@@ -182,6 +186,7 @@ class LoginForm extends Model
 
             return Yii::$app->user->loginWithUAndP($this->_user);
         }catch(\Exception $e){
+
             $transaction->rollBack();
             $this->setError($e->getMessage());
             //AdminLoginLogger::fail($this->_user, $e->getMessage());