Skip to content
This repository was archived by the owner on Nov 5, 2024. It is now read-only.

Commit cafff6a

Browse files
iwindiwind
committed
操作日志中记录失败的登录
1 parent 74c6287 commit cafff6a

File tree

1 file changed

+24
-10
lines changed

1 file changed

+24
-10
lines changed

teaweb/actions/default/login/index.go

Lines changed: 24 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -51,16 +51,6 @@ func (this *IndexAction) RunPost(params struct {
5151
Must *actions.Must
5252
Auth *helpers.UserShouldAuth
5353
}) {
54-
// 记录登录
55-
go func() {
56-
err := teadb.AuditLogDAO().InsertOne(audits.NewLog(params.Username, audits.ActionLogin, "登录", map[string]string{
57-
"ip": this.RequestRemoteIP(),
58-
}))
59-
if err != nil {
60-
logs.Error(err)
61-
}
62-
}()
63-
6454
// 检查IP限制
6555
if !configs.SharedAdminConfig().AllowIP(this.RequestRemoteIP()) {
6656
this.ResponseWriter.WriteHeader(http.StatusForbidden)
@@ -85,14 +75,17 @@ func (this *IndexAction) RunPost(params struct {
8575

8676
// 检查token
8777
if len(params.Token) <= 32 {
78+
this.log(params.Username, false)
8879
this.Fail("请通过登录页面登录")
8980
}
9081
timestampString := params.Token[32:]
9182
if stringutil.Md5(TokenSalt+timestampString) != params.Token[:32] {
83+
this.log(params.Username, false)
9284
this.FailField("refresh", "登录页面已过期,请刷新后重试")
9385
}
9486
timestamp := types.Int64(timestampString)
9587
if timestamp < time.Now().Unix()-1800 {
88+
this.log(params.Username, false)
9689
this.FailField("refresh", "登录页面已过期,请刷新后重试")
9790
}
9891

@@ -102,12 +95,14 @@ func (this *IndexAction) RunPost(params struct {
10295
if user != nil {
10396
// 错误次数
10497
if user.CountLoginTries() >= 3 {
98+
this.log(params.Username, false)
10599
this.Fail("登录失败已超过3次,系统被锁定,需要重置服务后才能继续")
106100
}
107101

108102
// 密码错误
109103
if !adminConfig.ComparePassword(params.Password, user.Password) {
110104
user.IncreaseLoginTries()
105+
this.log(params.Username, false)
111106
this.Fail("登录失败,请检查用户名密码")
112107
}
113108

@@ -128,9 +123,28 @@ func (this *IndexAction) RunPost(params struct {
128123
}
129124
}
130125

126+
this.log(params.Username, true)
131127
this.Next("/", nil, "").Success()
132128
return
133129
}
134130

131+
this.log(params.Username, false)
135132
this.Fail("登录失败,请检查用户名密码")
136133
}
134+
135+
func (this *IndexAction) log(username string, success bool) {
136+
go func() {
137+
var message string
138+
if success {
139+
message = "登录成功"
140+
} else {
141+
message = "登录失败"
142+
}
143+
err := teadb.AuditLogDAO().InsertOne(audits.NewLog(username, audits.ActionLogin, message, map[string]string{
144+
"ip": this.RequestRemoteIP(),
145+
}))
146+
if err != nil {
147+
logs.Error(err)
148+
}
149+
}()
150+
}

0 commit comments

Comments
 (0)