• c# 用户登陆限制,错误登陆次数不超过3次15分钟内


    思路:

     1,通用配置(错误次数与间隔时间)可以修改,不需要发布代码

    2,用户登录错误次数>=设定的错误次数,进行判断在时间内不能累加错误次数,弹出提示

    3,间隔时间外错误次数清0

    4,用户名不存在,记录IP判断次数(走一次用户名存在密码错误的过程,不要直接加黑ip ,可能有情况的)

    5, 用户登录密码错误时 错误次数累加 与 时间记录

    6,登录成功,错误次数清0

    上代码

     public UserEntity CheckLogin(string username, string password)
            {
                UserEntity userEntity = service.CheckLogin(username);
                var errorCount = Config.GetValue("ErrorCount").ToInt();
                var errorTime = Config.GetValue("ErrorTime").ToInt();
                if (userEntity != null && userEntity.OrganizeId != "")
                {
                    if (userEntity.EnabledMark == 1)
                    {
                        if (userEntity.ErrorCount != null && userEntity.ErrorCount >= errorCount)
                        {
                            DateTime errortime = Convert.ToDateTime(userEntity.ErrorTime);
                            //Subtract函数减去指定时间,返回一个时间差,时间的格式可以是分钟也可以是秒、小时
                            TimeSpan span = DateTime.Now.Subtract(errortime);
                            double minute = span.TotalMinutes;//取时间间隔的分钟数
    
                            if (minute < errorTime)
                            {
                                throw new Exception("您已经连续" + errorCount + "次输入密码错误,请" + errorTime + "分钟之后再次重试!");
    
    
                            }
                            else
                            {
                                userEntity.ErrorCount = 0;
                                service.SaveForm(userEntity.UserId, userEntity);
    
                            }
                        }
    
                        string dbPassword = Md5Helper.MD5(DESEncrypt.Encrypt(password.ToLower(), userEntity.Secretkey).ToLower(), 32).ToLower();
                        if (dbPassword == userEntity.Password)
                        {
                            //登录成功后,错误次数清0
                            userEntity.ErrorCount = 0;
    
                            DateTime LastVisit = DateTime.Now;
                            int LogOnCount = (userEntity.LogOnCount).ToInt() + 1;
                            if (userEntity.LastVisit != null)
                            {
                                userEntity.PreviousVisit = userEntity.LastVisit.ToDate();
                            }
                            userEntity.LastVisit = LastVisit;
                            userEntity.LogOnCount = LogOnCount;
                            userEntity.UserOnLine = 1;
    
                            service.UpdateEntity(userEntity);
                            return userEntity;
                        }
                        else
                        {
                            userEntity.ErrorCount = (userEntity.ErrorCount==null?0:userEntity.ErrorCount).ToInt() + 1;
                            userEntity.ErrorTime = System.DateTime.Now;
                            service.UpdateEntity(userEntity);
                            throw new Exception("密码和账户名不匹配!");
                        }
                    }
                    else
                    {
                        throw new Exception("账户名被系统锁定,请联系管理员!");
                    }
                }
                else
                {
                    //判断客户端IP限制
                    FilterIPEntity filterIPEntity = filterService.CheckErrorIp(Net.Ip);
                    if(filterIPEntity!=null)
                    {
                        
                        if (filterIPEntity.ErrorCount!=null&&filterIPEntity.ErrorCount >= errorCount)
                        {
                            DateTime errortime =Convert.ToDateTime(filterIPEntity.ErrorTime);
                            //Subtract函数减去指定时间,返回一个时间差,时间的格式可以是分钟也可以是秒、小时
                            TimeSpan span = DateTime.Now.Subtract(errortime);
                            double minute = span.TotalMinutes;//取时间间隔的分钟数
                                                                
                            if (minute < errorTime)
                            {
                                throw new Exception("您已经连续"+errorCount+"次输入账号密码错误,请"+errorTime+"分钟之后再次重试!");
                                
                                
                            }
                            else
                            {
                                filterIPEntity.ErrorCount = 0; 
                                filterService.SaveForm(filterIPEntity.FilterIPId, filterIPEntity);
                                
                            }
    
                        }
                        else
                        {
                            filterIPEntity.ErrorCount = (filterIPEntity.ErrorCount == null ? 0 : filterIPEntity.ErrorCount).ToInt() + 1;
                            filterIPEntity.ErrorTime = System.DateTime.Now;
                            filterService.SaveForm(filterIPEntity.FilterIPId, filterIPEntity);
                        }
                          
                    }
                    else
                    {
                        filterIPEntity = new FilterIPEntity();
                        filterIPEntity.ErrorCount = (filterIPEntity.ErrorCount==null?0:filterIPEntity.ErrorCount).ToInt() + 1;
                        filterIPEntity.ErrorTime = System.DateTime.Now;
                        filterIPEntity.ErrorIp = Net.Ip;
                        filterService.SaveForm("", filterIPEntity);
                       
                    }
                     throw new Exception("账户名或密码错误,请重新输入!");
                }
            }

    代码有些冗余的,自行处理

       获取IP代码

            /// <summary>
            /// 获取Ip
            /// </summary>
            public static string Ip
            {
                get
                {
                    var result = string.Empty;
                    if (HttpContext.Current != null)
                        result = GetWebClientIp();
                    if (result.IsEmpty())
                        result = GetLanIp();
                    return result;
                }
            }
    
            /// <summary>
            /// 获取Web客户端的Ip
            /// </summary>
            private static string GetWebClientIp()
            {
                var ip = GetWebRemoteIp();
                foreach (var hostAddress in Dns.GetHostAddresses(ip))
                {
                    if (hostAddress.AddressFamily == AddressFamily.InterNetwork)
                        return hostAddress.ToString();
                }
                return string.Empty;
            }
    
            /// <summary>
            /// 获取Web远程Ip
            /// </summary>
            private static string GetWebRemoteIp()
            {
                return HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"] ?? HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
            }
    
            /// <summary>
            /// 获取局域网IP
            /// </summary>
            private static string GetLanIp()
            {
                foreach (var hostAddress in Dns.GetHostAddresses(Dns.GetHostName()))
                {
                    if (hostAddress.AddressFamily == AddressFamily.InterNetwork)
                        return hostAddress.ToString();
                }
                return string.Empty;
            }
  • 相关阅读:
    远程连接mysql root账号报错:2003-can't connect to MYSQL serve
    php定位并且获取天气信息
    PHP Ajax 跨域问题最佳解决方案
    AngularJS 过滤器
    AngularJS自定义指令及指令配置项
    php获取微信的openid
    SVN服务器
    redis的LRU策略理解
    golang入门案例之http client请求
    golang入门案例之SOCKET
  • 原文地址:https://www.cnblogs.com/qingjiawen/p/13274831.html
Copyright © 2020-2023  润新知