zhangl 1 năm trước cách đây
mục cha
commit
64ee32aa01
2 tập tin đã thay đổi với 24 bổ sung7 xóa
  1. 10 1
      backendApi/config/params.php
  2. 14 6
      backendApi/modules/v1/models/LoginForm.php

+ 10 - 1
backendApi/config/params.php

@@ -13,6 +13,10 @@ return [
         'v1/shop/order-period-adjust-batch',
         'v1/oauth/send-email-code',
         'v1/site/clear-login-failed-num',
+        'v1/site/open-member-ip-filter', 
+        'v1/site/close-member-ip-filter', 
+        'v1/site/open-backend-ip-filter', 
+        'v1/site/close-backend-ip-filter',
     ],
     'noCheckPermissionActions' => [
         'oauth/login',
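Review bot: The four `open-/close-*-ip-filter` routes are added to a list whose key sits above this hunk, and its neighbours (`v1/oauth/send-email-code`, `v1/site/clear-login-failed-num`) suggest it exempts actions from some request-level check. The same four actions are added to a second list in the next hunk. If either list bypasses authentication or permission checks, the switch that LoginForm.php now consults before checking the login IP could be flipped by callers who should not be able to. Please confirm what each list exempts, keep the two `close-*` actions behind an explicit permission, and record the reason in place, e.g. `// IP-filter toggles: exempt from <check name> only; permission enforced in <location>`.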
@@ -64,6 +68,11 @@ return [
         'finance/mult-point',
         'shop/order-period-adjust-batch',
         'oauth/send-email-code',
-        'site/clear-login-failed-num'
+        'site/clear-login-failed-num',
+        'site/clear-login-failed-num', 
+        'site/open-member-ip-filter', 
+        'site/close-member-ip-filter', 
+        'site/open-backend-ip-filter', 
+        'site/close-backend-ip-filter',
     ],
 ];
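Review bot: `'site/clear-login-failed-num',` now appears twice in this list, once as the replacement for the old comma-less line and again on the next added line; drop the second copy. The added lines also carry trailing spaces after the comma. The key of this array is outside the hunk, so whether the duplicate has any effect beyond noise cannot be judged from here.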

+ 14 - 6
backendApi/modules/v1/models/LoginForm.php

@@ -4,6 +4,7 @@ namespace backendApi\modules\v1\models;
 use common\components\Model;
 use common\helpers\LoggerTool;
 use common\helpers\Tool;
+use common\libs\IpFilter;
 use common\libs\LoginIpChecker;
 use Yii;
 use yii\base\Exception;
@@ -92,8 +93,8 @@ class LoginForm extends Model {
             AdminLoginLogger::fail($this->_user,$returnResult, $this->password);
         }
         // 失败写入缓存锁
-        $loginFailNums = Yii::$app->redis->get('FAIL_NUMS:' . $this->adminName) ?? 0;
-        Yii::$app->redis->set('FAIL_NUMS:' . $this->adminName, $loginFailNums + 1);
+        Yii::$app->redis->incr('FAIL_NUMS:' . $this->adminName);
+        LoggerTool::error(sprintf('tmp_log_fail_nums_incr, adminName: %s', $this->adminName));
     }
 
     /**
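Review bot: The `tmp_log_fail_nums_incr` line is temporary debugging output written at error level on every failed login, and it carries the submitted `adminName`; remove it before merge, or downgrade it and say why it stays. The switch to `incr` makes the update atomic, but no expiry is set on `FAIL_NUMS:<adminName>` in the visible lines, so the counter read by the `>= 3` check in the next hunk appears to persist until something clears it. If that is not intended, follow the increment with `Yii::$app->redis->expire('FAIL_NUMS:' . $this->adminName, $lockWindowSeconds);` (placeholder variable), or document that unlocking is manual. Separately, the first context line passes `$this->password` to `AdminLoginLogger::fail`; if that logger persists its arguments, submitted passwords end up in the login log. The enclosing method starts above this hunk.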
@@ -121,14 +122,21 @@ class LoginForm extends Model {
                 AdminLoginLogger::fail(['FAIL_NUMS' => 0, 'ADMIN_NAME' => $this->adminName, 'LOGIN_NUMS' => 1], '账号不存在', $this->password);
                 throw new Exception('用户名或者密码错误');
             }
-            // 登陆IP限制
+            // 验证IP
             $loginIp = $_SERVER['REMOTE_ADDR'];
-            if (!Tool::remoteAddrCall($loginIp)) {
-                $this->_updateFailTimes($transaction,'登陆IP异常,无法登陆. ' . $loginIp);
-                throw new Exception('用户名或密码错误');
+            if (\Yii::$app->redis->get('backend_ip_filter') && !(new IpFilter())->checkIp('backend', true)) {
+                $this->_updateFailTimes($transaction, '登陆IP异常,无法登陆. ' . $loginIp);
+                throw new Exception('用户名或密码错误');
             }
+//            // 登陆IP限制
+//            $loginIp = $_SERVER['REMOTE_ADDR'];
+//            if (!Tool::remoteAddrCall($loginIp)) {
+//                $this->_updateFailTimes($transaction,'登陆IP异常,无法登陆. ' . $loginIp);
+//                throw new Exception('用户名或者密码错误');
+//            }
             // 失败次数到达上限次数
             $loginFailNums = Yii::$app->redis->get('FAIL_NUMS:' . $this->adminName) ?? 0;
+            LoggerTool::error(sprintf('tmp_log_fail_nums_get_登录失败次数:%s, adminName: %s', $loginFailNums, $this->adminName));
             if ($loginFailNums >= 3) {
                 $this->_updateFailTimes($transaction,'账号登陆失败次数过多,无法登录. ' . $loginFailNums);
                 throw new Exception('用户名或者密码错误1');
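Review bot: The backend IP check now fails open: the condition on the `backend_ip_filter` line calls `checkIp` only while that Redis key is truthy, so a missing key, a flushed cache or a `close-backend-ip-filter` call leaves login with no IP restriction, where the removed code always ran `Tool::remoteAddrCall`. Consider enforcing by default and skipping only on an explicit off value, or at least state the behaviour in place, e.g. `// fail-open: IP check is skipped unless redis key backend_ip_filter is set`. `$loginIp` is now used only in the log message, while `checkIp('backend', true)` presumably resolves the client address itself, so the logged address and the checked one may differ; confirm against IpFilter. The commented-out block and the `tmp_log_fail_nums_get_…` error-level line should be deleted rather than committed. The enclosing method begins and ends outside this hunk.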