jerry il y a 1 an
Parent
commit
b11636ddbc

+ 5 - 1
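--- a/backendApi/config/params.php
+++ b/backendApi/config/params.php
@@ -13,6 +13,8 @@ return [
         'v1/shop/order-period-adjust-batch',
         'v1/oauth/send-email-code',
         'v1/site/clear-login-failed-num',
+        'v1/site/open-member-ip-filter',
+        'v1/site/close-member-ip-filter',
     ],
     'noCheckPermissionActions' => [
         'oauth/login',
@@ -64,6 +66,8 @@ return [
         'finance/mult-point',
         'shop/order-period-adjust-batch',
         'oauth/send-email-code',
-        'site/clear-login-failed-num'
+        'site/clear-login-failed-num',
+        'site/open-member-ip-filter',
+        'site/close-member-ip-filter',
     ],
 ];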
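Review bot: The `site/open-member-ip-filter` and `site/close-member-ip-filter` entries in the second hunk may land in `noCheckPermissionActions`; the list's key lies outside the hunk, so confirm which list this is. If it is that list, the action that turns the member IP filter off skips the permission check and is reachable by any account that passes whatever check remains. A switch that disables a security filter should stay behind an explicit permission, so I would leave the two `site/...` lines out of the exempt list and grant the actions to an administrator role instead. If the exemption is intended, record the reason next to the entries, e.g. `// toggles member IP filter; access restricted by <mechanism>`.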

+ 29 - 0
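--- a/backendApi/modules/v1/controllers/SiteController.php
+++ b/backendApi/modules/v1/controllers/SiteController.php
@@ -169,4 +169,33 @@ class SiteController extends BaseController
 
         return static::notice(['data' => '登陆失败次数清空']);
     }
+
+//    public function actionOpenBackendIpFilter()
+//    {
+//        \Yii::$app->redis->set('backend_ip_filter', 1);
+//
+//        return static::notice(['data' => '开启后台IP过滤']);
+//    }
+//
+//    public function actionCloseBackendIpFilter()
+//    {
+//        \Yii::$app->redis->del('backend_ip_filter');
+//
+//        return static::notice(['data' => '关闭后台IP过滤']);
+//    }
+
+    public function actionOpenMemberIpFilter()
+    {
+        \Yii::$app->redis->set('member_ip_filter', 1);
+
+        return static::notice(['data' => '开启会员IP过滤']);
+    }
+
+    public function actionCloseMemberIpFilter()
+    {
+        \Yii::$app->redis->del('member_ip_filter');
+
+        return static::notice(['data' => '关闭会员IP过滤']);
+    }
+
 }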
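Review bot: `actionCloseMemberIpFilter` deletes the Redis key, and the readers changed in this commit (frontendApi `BaseController` and `LoginForm`) treat a missing `member_ip_filter` key as "filter off", so a Redis flush, eviction or restart silently disables the IP filter. Store an explicit state instead, e.g. `\Yii::$app->redis->set('member_ip_filter', 0);` on close, and have the readers skip the check only when the stored value is exactly `'0'`. Neither action records who flipped the switch; a log entry with the acting user id on each toggle would make a disabled filter traceable. The commented-out `actionOpenBackendIpFilter`/`actionCloseBackendIpFilter` block is better dropped than committed.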

+ 6 - 4
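--- a/common/libs/IpFilter.php
+++ b/common/libs/IpFilter.php
@@ -16,7 +16,7 @@ class IpFilter
      * @throws BadRequestHttpException
      * @return bool
      */
-    public function frontApiCheck($isLogin = false)
+    public function frontApiCheck($source, $isLogin = false)
     {
         $request = Yii::$app->request;
         $getParams = Yii::$app->request->get();
@@ -26,8 +26,10 @@ class IpFilter
         //如果IP不在指定范围内
         if (!self::remoteAddrCall($remoteAddr)) {
             $logPreix = $isLogin ? 'nc_ip_filter_login' : 'nc_ip_filter_other';
-            $getLog = $logPreix . (is_array($getParams) ? json_encode($getParams) : $getParams);
-            $postLog = $logPreix . (is_array($postParams) ? json_encode($postParams) : $postParams);
+            $getLog = sprintf('%s_%s: remote_ip%s: url(%s): param%s', $source, $logPreix, $remoteAddr, $request->getAbsoluteUrl(), (is_array($getParams) ? json_encode($getParams) : $getParams));
+            $postLog = sprintf('%s_%s: remote_ip%s: url(%s): param%s', $source, $logPreix, $remoteAddr, $request->getAbsoluteUrl(), (is_array($postParams) ? json_encode($postParams) : $postParams));
+            //$logPreix . ':remote_ip' . $remoteAddr . ':' . $request->getAbsoluteUrl() . ':' . (is_array($getParams) ? json_encode($getParams) : $getParams);
+            //$logPreix . ':remote_ip' . $remoteAddr . ':' . $request->getAbsoluteUrl() . ':' . (is_array($postParams) ? json_encode($postParams) : $postParams);
             LoggerTool::error($getLog);
             LoggerTool::error($postLog);
             return false;
@@ -56,7 +58,7 @@ class IpFilter
         $record = $reader->country($remoteAddr);
         // 返回国家名称
         $countryName = $record->country->name;
-        if (!in_array($countryName, ['China'])) {
+        if (!in_array($countryName, ['China', 'Malaysia'])) {
             return false;
         }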
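Review bot: In the second hunk the new `$getLog`/`$postLog` lines still write the full GET and POST parameters to the error log, and `frontApiCheck('member', true)` is called from the login form, so a rejected login attempt puts the submitted credentials into the log in clear text. Log the parameter names only in the array branch, e.g. `json_encode(array_keys($postParams))`, or mask the credential fields before encoding; `$postParams` is assigned outside the hunk, so its shape is assumed here. `getAbsoluteUrl()` and the non-array branch carry request-controlled text into the log unencoded, so strip line breaks or encode them before logging. The format string has no delimiter after `remote_ip` and `param`; `remote_ip(%s)` and `param(%s)` would match `url(%s)`. In the first hunk the new required `$source` argument needs a `@param` line, and any caller not updated in this commit that still passes `true` first would log it as the source and run with `$isLogin = false`.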
 
 

+ 2 - 2
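--- a/frontendApi/modules/v1/controllers/BaseController.php
+++ b/frontendApi/modules/v1/controllers/BaseController.php
@@ -49,8 +49,8 @@ class BaseController extends \yii\rest\ActiveController {
         $this->forbiddenQuicklyUser();
 
         $request = Yii::$app->request;
-        if (!in_array($request->getUrl(), ['/v1/oauth/login', '/v1/oauth/is-login-verify', '/v1/site/days-diff'])) {
-            if (!(new IpFilter())->frontApiCheck()) {
+        if (\Yii::$app->redis->get('member_ip_filter') && !in_array($request->getUrl(), ['/v1/oauth/login', '/v1/oauth/is-login-verify', '/v1/site/days-diff'])) {
+            if (!(new IpFilter())->frontApiCheck('member')) {
                 throw new \Exception('用户名或密码错误');
             }
         }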
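Review bot: The `\Yii::$app->redis->get('member_ip_filter')` test is written out here and again in `LoginForm`, so the on/off rule lives at each call site rather than with the filter, and a future caller of `frontApiCheck` can easily apply it differently. Move the switch into `IpFilter`, for example a method such as `isEnabled($source)` that reads `$source . '_ip_filter'`, and call it from both places. The enclosing method starts and ends outside the hunk, so it cannot be seen whether a Redis error at this line is handled; as written it would presumably propagate on every request that reaches the check.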

+ 1 - 1
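--- a/frontendApi/modules/v1/models/LoginForm.php
+++ b/frontendApi/modules/v1/models/LoginForm.php
@@ -124,7 +124,7 @@ class LoginForm extends Model
         $result = false;
         try{
             // 验证IP
-            if (!(new IpFilter())->frontApiCheck(true)) {
+            if (\Yii::$app->redis->get('member_ip_filter') && !(new IpFilter())->frontApiCheck('member', true)) {
                 $this->_updateFailTimes($transaction, '用户名或密码错误!');
                 throw new Exception('用户名或密码错误');
             }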