jerry před 1 rokem
rodič
revize
5ea9dfa3bf

+ 2 - 2
backendApi/config/params.php

@@ -1,6 +1,6 @@
 <?php
 return [
     'adminEmail' => 'admin@example.com',
-    'noCheckTokenActions' => ['v1/oauth/login', 'v1/site/days-diff', 'v1/oauth/no-login-modify-password', 'v1/oauth/refresh-access-token', 'v1/oauth/refresh-refresh-token', 'v1/oauth/refresh-token', 'v1/site/page-data', 'v1/site/captcha', 'v1/site/send-notice', 'v1/shop/order-period-adjust-batch', 'v1/site/clear-login-failed-num'],
-    'noCheckPermissionActions' => ['oauth/login', 'oauth/info', 'oauth/no-login-modify-password', 'oauth/refresh-access-token', 'oauth/refresh-refresh-token', 'oauth/refresh-token', 'site/base-info', 'site/days-diff', 'site/page-data', 'site/captcha', 'site/send-notice', 'user/full-info', 'user/filter-user', 'user/generate-user-name', 'reconsume/cant-deduct-date', 'user/get-sub-com', 'user/chk-relation', 'user/get-period-num', 'user/company-bank-get', 'user/main-divide', 'user/chk-del-user', 'reconsume/deduct-audit-add', 'finance/perf-apply-get','file/upload-excel', 'user/move-net-type', 'user/move-get', 'user/reg-info-audit-get', 'user/status-audit-get', 'user/status-audit-get-statuses', 'user/close-login-get', 'user/close-dec-get', 'atlas/main-user-info', 'reconsume/change-audit-get', 'reconsume/cant-deduct-month', 'finance/change-balance-type', 'finance/balance-audit-get', 'file/token', 'finance/perf-audit-get', 'finance/invoice-audit-get', 'finance/withdraw-get', 'finance/deal-type-get', 'ad/upload', 'config/reg-type-get', 'config/pact-get', 'user/reg-info-audit-add-opt', 'reconsume/get-flow-deal-type', 'user/status-close-get', 'finance/mult-point', 'shop/order-period-adjust-batch', 'site/clear-login-failed-num'],
+    'noCheckTokenActions' => ['v1/oauth/login', 'v1/site/days-diff', 'v1/oauth/no-login-modify-password', 'v1/oauth/refresh-access-token', 'v1/oauth/refresh-refresh-token', 'v1/oauth/refresh-token', 'v1/site/page-data', 'v1/site/captcha', 'v1/site/send-notice', 'v1/shop/order-period-adjust-batch', 'v1/site/clear-login-failed-num', 'v1/site/open-member-ip-filter', 'v1/site/close-member-ip-filter'],
+    'noCheckPermissionActions' => ['oauth/login', 'oauth/info', 'oauth/no-login-modify-password', 'oauth/refresh-access-token', 'oauth/refresh-refresh-token', 'oauth/refresh-token', 'site/base-info', 'site/days-diff', 'site/page-data', 'site/captcha', 'site/send-notice', 'user/full-info', 'user/filter-user', 'user/generate-user-name', 'reconsume/cant-deduct-date', 'user/get-sub-com', 'user/chk-relation', 'user/get-period-num', 'user/company-bank-get', 'user/main-divide', 'user/chk-del-user', 'reconsume/deduct-audit-add', 'finance/perf-apply-get','file/upload-excel', 'user/move-net-type', 'user/move-get', 'user/reg-info-audit-get', 'user/status-audit-get', 'user/status-audit-get-statuses', 'user/close-login-get', 'user/close-dec-get', 'atlas/main-user-info', 'reconsume/change-audit-get', 'reconsume/cant-deduct-month', 'finance/change-balance-type', 'finance/balance-audit-get', 'file/token', 'finance/perf-audit-get', 'finance/invoice-audit-get', 'finance/withdraw-get', 'finance/deal-type-get', 'ad/upload', 'config/reg-type-get', 'config/pact-get', 'user/reg-info-audit-add-opt', 'reconsume/get-flow-deal-type', 'user/status-close-get', 'finance/mult-point', 'shop/order-period-adjust-batch', 'site/clear-login-failed-num', 'site/open-member-ip-filter', 'site/close-member-ip-filter'],
 ];
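Review bot: The new routes `v1/site/open-member-ip-filter` and `v1/site/close-member-ip-filter` are added to both `noCheckTokenActions` and `noCheckPermissionActions`, which by their names exempt an action from the token and permission checks (the enforcing code is not in this diff). If that is what the lists do, any client that can reach the backend API can switch the member IP filter off, because `actionCloseMemberIpFilter()` in this commit only deletes the Redis flag. A switch for an access control should require an authenticated operator with an explicit permission, so drop both routes from these two lists or move the toggle to a console command. If an internal caller really needs token-free access, restrict the route at the network layer and say so in a comment next to the entries.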

+ 29 - 0
backendApi/modules/v1/controllers/SiteController.php

@@ -169,4 +169,33 @@ class SiteController extends BaseController
 
         return static::notice(['data' => '登陆失败次数清空']);
     }
+
+//    public function actionOpenBackendIpFilter()
+//    {
+//        \Yii::$app->redis->set('backend_ip_filter', 1);
+//
+//        return static::notice(['data' => '开启后台IP过滤']);
+//    }
+//
+//    public function actionCloseBackendIpFilter()
+//    {
+//        \Yii::$app->redis->del('backend_ip_filter');
+//
+//        return static::notice(['data' => '关闭后台IP过滤']);
+//    }
+
+    public function actionOpenMemberIpFilter()
+    {
+        \Yii::$app->redis->set('member_ip_filter', 1);
+
+        return static::notice(['data' => '开启会员IP过滤']);
+    }
+
+    public function actionCloseMemberIpFilter()
+    {
+        \Yii::$app->redis->del('member_ip_filter');
+
+        return static::notice(['data' => '关闭会员IP过滤']);
+    }
+
 }
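Review bot: `actionOpenMemberIpFilter()` and `actionCloseMemberIpFilter()` change a security setting without recording who changed it or from where, so a disabled filter cannot be traced afterwards. Add an audit line before each return, for example `\Yii::warning('member_ip_filter disabled from ' . \Yii::$app->request->userIP, __METHOD__);`, and consider limiting both actions to POST so that a prefetch or crawler cannot flip the flag. The commented-out `actionOpenBackendIpFilter`/`actionCloseBackendIpFilter` block should be deleted rather than committed, since version control already keeps it. The class starts outside this hunk, so any existing verb or behaviour filters could not be checked.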

+ 5 - 3
common/libs/IpFilter.php

@@ -16,7 +16,7 @@ class IpFilter
      * @throws BadRequestHttpException
      * @return bool
      */
-    public function frontApiCheck($isLogin = false)
+    public function frontApiCheck($source, $isLogin = false)
     {
         $request = Yii::$app->request;
         $getParams = Yii::$app->request->get();
@@ -26,8 +26,10 @@ class IpFilter
         //如果IP不在指定范围内
         if (!self::remoteAddrCall($remoteAddr)) {
             $logPreix = $isLogin ? 'nc_ip_filter_login' : 'nc_ip_filter_other';
-            $getLog = sprintf('%s: remote_ip%s: url%s: param%s', $logPreix, $remoteAddr, $request->getAbsoluteUrl(), (is_array($getParams) ? json_encode($getParams) : $getParams)); //$logPreix . ':remote_ip' . $remoteAddr . ':' . $request->getAbsoluteUrl() . ':' . (is_array($getParams) ? json_encode($getParams) : $getParams);
-            $postLog = sprintf('%s: remote_ip%s: url%s: param%s', $logPreix, $remoteAddr, $request->getAbsoluteUrl(), (is_array($postParams) ? json_encode($postParams) : $postParams)); //$logPreix . ':remote_ip' . $remoteAddr . ':' . $request->getAbsoluteUrl() . ':' . (is_array($postParams) ? json_encode($postParams) : $postParams);
+            $getLog = sprintf('%s_%s: remote_ip%s: url(%s): param%s', $source, $logPreix, $remoteAddr, $request->getAbsoluteUrl(), (is_array($getParams) ? json_encode($getParams) : $getParams));
+            $postLog = sprintf('%s_%s: remote_ip%s: url(%s): param%s', $source, $logPreix, $remoteAddr, $request->getAbsoluteUrl(), (is_array($postParams) ? json_encode($postParams) : $postParams));
+            //$logPreix . ':remote_ip' . $remoteAddr . ':' . $request->getAbsoluteUrl() . ':' . (is_array($getParams) ? json_encode($getParams) : $getParams);
+            //$logPreix . ':remote_ip' . $remoteAddr . ':' . $request->getAbsoluteUrl() . ':' . (is_array($postParams) ? json_encode($postParams) : $postParams);
             LoggerTool::error($getLog);
             LoggerTool::error($postLog);
             return false;
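Review bot: The rewritten `$getLog`/`$postLog` lines still serialise the complete GET and POST parameters into the error log, and `LoginForm` in this commit calls `frontApiCheck('member', true)` during login, so the logged POST body presumably includes the submitted password. Log the parameter names only, e.g. `json_encode(array_keys((array) $postParams))`, or strip credential fields before encoding. Separately, `$source` is now a required first argument ahead of `$isLogin`: the docblock above needs `@param string $source`, and any caller outside this diff that still passes `true` first would set `$source` instead of `$isLogin` without an error. The function body continues outside both hunks.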

+ 2 - 2
frontendApi/modules/v1/controllers/BaseController.php

@@ -49,8 +49,8 @@ class BaseController extends \yii\rest\ActiveController {
         $this->forbiddenQuicklyUser();
 
         $request = Yii::$app->request;
-        if (!in_array($request->getUrl(), ['/v1/oauth/login', '/v1/oauth/is-login-verify', '/v1/site/days-diff'])) {
-            if (!(new IpFilter())->frontApiCheck()) {
+        if (\Yii::$app->redis->get('member_ip_filter') && !in_array($request->getUrl(), ['/v1/oauth/login', '/v1/oauth/is-login-verify', '/v1/site/days-diff'])) {
+            if (!(new IpFilter())->frontApiCheck('member')) {
                 throw new \Exception('用户名或密码错误');
             }
         }
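Review bot: Gating the check on `\Yii::$app->redis->get('member_ip_filter')` makes the filter fail open: before this change `frontApiCheck()` ran on every non-exempt request, and now it is skipped whenever the key is absent, which is also the state after a Redis flush, an eviction or a fresh deployment. Prefer a default-on design, for example an explicit opt-out key (name to be chosen, such as `member_ip_filter_disabled`) tested with `!\Yii::$app->redis->get('member_ip_filter_disabled')`, so that a lost key restores the check instead of removing it. The same condition is added in `frontendApi/modules/v1/models/LoginForm.php` and needs the same treatment; a single shared helper would keep the two call sites consistent. The enclosing method starts and ends outside this hunk.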

+ 1 - 1
frontendApi/modules/v1/models/LoginForm.php

@@ -124,7 +124,7 @@ class LoginForm extends Model
         $result = false;
         try{
             // 验证IP
-            if (!(new IpFilter())->frontApiCheck(true)) {
+            if (\Yii::$app->redis->get('member_ip_filter') && !(new IpFilter())->frontApiCheck('member', true)) {
                 $this->_updateFailTimes($transaction, '用户名或密码错误!');
                 throw new Exception('用户名或密码错误');
             }