jerry 1 năm trước cách đây
mục cha
commit
761caea080

+ 4 - 8
common/libs/IpFilter.php

@@ -11,16 +11,10 @@ use MaxMind\Db\InvalidDatabaseException;
 use MaxMind\Db\AddressNotFoundException;
 class IpFilter extends Component
 {
-    public function init()
-    {
-        parent::init();
-        Yii::$app->on(Application::EVENT_BEFORE_REQUEST, [$this, 'checkIp']);
-    }
-
     /**
      * @throws BadRequestHttpException
      */
-    public function checkIp()
+    public function frontApiCheck()
     {
         $request = Yii::$app->request;
         $getParams = Yii::$app->request->get();
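Review bot: The docblock above `frontApiCheck()` still declares `@throws BadRequestHttpException`, but on the path visible in the second hunk of this file the method now returns `false` for a rejected address instead of throwing. Replace the tag with `@return bool true when the remote address passes the filter, false when it is rejected` and declare the return type, `public function frontApiCheck(): bool`, so a caller cannot mistake the direction of the result. The method body continues outside this hunk, so any remaining throw in the part not shown should be checked before the tag is dropped.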
@@ -31,8 +25,10 @@ class IpFilter extends Component
         if (!self::remoteAddrCall($remoteAddr)) {
             Yii::warning('GET 参数: ' . json_encode(is_array($getParams) ? $getParams : [], JSON_PRETTY_PRINT), __METHOD__);
             Yii::warning('POST 参数: ' . json_encode(is_array($postParams) ? $getParams : [], JSON_PRETTY_PRINT), __METHOD__);
-            throw new BadRequestHttpException('用户名或者密码错误');
+            return false;
         }
+
+        return true;
     }
 
     /**
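Review bot: The second `Yii::warning` line logs `$getParams` under the 'POST 参数' label: the ternary tests `$postParams` but returns `$getParams`, so the denied request's body is never recorded and the query string is written twice. Use `is_array($postParams) ? $postParams : []`. Because the exception texts in this commit refer to account and password, these requests may carry credentials, so mask such fields before logging rather than writing the parameters raw to the application log. Adding `$remoteAddr` to the message would make the denied requests easier to correlate during detection and triage. The function starts outside this hunk.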

+ 0 - 3
frontendApi/config/main.php

@@ -16,9 +16,6 @@ return [
         ],
     ],
     'components' => [
-        'ipFilter' => [
-            'class' => 'common\libs\IpFilter',
-        ],
         'request' => [
             //'csrfParam' => '_csrf-frontendApi',
             //'cookieValidationKey' => '98bS8sqf3iRmSy24ZGDug2e36pLmj2wN',

+ 4 - 0
frontendApi/modules/v1/controllers/BaseController.php

@@ -11,6 +11,7 @@ namespace frontendApi\modules\v1\controllers;
 use common\components\ActiveRecord;
 use common\helpers\Date;
 use common\helpers\Form;
+use common\libs\IpFilter;
 use frontendApi\modules\v1\models\User;
 use Yii;
 use yii\db\Exception;
@@ -46,6 +47,9 @@ class BaseController extends \yii\rest\ActiveController {
      */
     public function beforeAction($action) {
         $this->forbiddenQuicklyUser();
+        if ((new IpFilter())->frontApiCheck()) {
+            throw new ForbiddenHttpException('账号或者密码错误');
+        }
 
         // 增加的判断用户登录后未操作后的超时 和 快速登录的逻辑
         $isQuickly = User::isQuicklyLogin();
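Review bot: The condition added in `beforeAction` looks inverted: per the IpFilter.php hunk, `frontApiCheck()` returns `false` when `remoteAddrCall` rejects the address and `true` otherwise, so `if ((new IpFilter())->frontApiCheck())` raises the 403 for requests that pass the filter and admits the rejected ones. It should read `if (!(new IpFilter())->frontApiCheck()) {`. The import hunk of this file adds only `use common\libs\IpFilter;`, so confirm `ForbiddenHttpException` is already imported in the part of the file not shown. The check also moved from an application-wide `EVENT_BEFORE_REQUEST` handler into this controller, so any frontendApi controller that does not extend BaseController is presumably no longer filtered; confirm that is intended. beforeAction's body continues outside the hunk.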