@@ -88,6 +88,8 @@ proto.createAccessKey = function (uid, newAccessKey, isSession, ttl, friendlyNam
8888 } ) ;
8989} ;
9090
91+ const LOGIN_LIMIT_PRE = 'LOGIN_LIMIT_PRE_' ;
92+
9193proto . login = function ( account , password ) {
9294 if ( _ . isEmpty ( account ) ) {
9395 return Promise . reject ( new Error ( "Please input Account." ) )
@@ -105,12 +107,37 @@ proto.login = function (account, password) {
105107 . then ( function ( users ) {
106108 if ( _ . isEmpty ( users ) ) {
107109 throw new Error ( "account or password error." ) ;
108- } else {
109- if ( ! security . passwordVerifySync ( password , users . password ) ) {
110- throw new Error ( "account or password error." ) ;
111- } else {
112- return users ;
110+ }
111+ return users ;
112+ } )
113+ . then ( function ( users ) {
114+ var loginKey = `${ LOGIN_LIMIT_PRE } ${ users . id } ` ;
115+ return factory . getRedisClient ( "default" ) . getAsync ( loginKey )
116+ . then ( function ( loginErrorTimes ) {
117+ if ( loginErrorTimes > 10 ) {
118+ throw new Error ( `您输入密码错误次数超过限制,帐户已经锁定` ) ;
113119 }
120+ return users ;
121+ } ) ;
122+ } )
123+ . then ( function ( users ) {
124+ if ( ! security . passwordVerifySync ( password , users . password ) ) {
125+ var loginKey = `${ LOGIN_LIMIT_PRE } ${ users . id } ` ;
126+ var client = factory . getRedisClient ( "default" ) ;
127+ client . existsAsync ( loginKey )
128+ . then ( function ( isExists ) {
129+ if ( ! isExists ) {
130+ var expires = moment ( ) . endOf ( 'day' ) . format ( 'X' ) - moment ( ) . format ( 'X' ) ;
131+ return client . setexAsync ( loginKey , expires , 0 ) ;
132+ }
133+ return isExists ;
134+ } )
135+ . then ( function ( ) {
136+ return client . incrAsync ( loginKey ) ;
137+ } )
138+ throw new Error ( "account or password error." ) ;
139+ } else {
140+ return users ;
114141 }
115142 } ) ;
116143} ;
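Review bot: The failed-attempt bookkeeping in the last `.then` (the `existsAsync` → `setexAsync` → `incrAsync` chain) is neither returned nor given a `.catch`, so the `throw` fires before Redis has been touched and any Redis error becomes an unhandled rejection while the failure goes uncounted. The sequence is also not atomic: two concurrent bad passwords can both see the key missing, and the second `setexAsync(loginKey, expires, 0)` then resets a count the first has already incremented. In addition, `expires` evaluates to 0 during the last second of the day, which SETEX rejects. Incrementing first and setting the expiry only when the result is 1 removes both problems, as sketched below (`expireAsync` assumes the client is promisified the same way as the calls shown in the hunk). Separately, the lock check runs only after the account lookup succeeds, so the lock message confirms that an account exists while every other failure returns "account or password error."; returning the generic message for locked accounts as well would keep the responses uniform.

```javascript
.then(function (users) {
  if (security.passwordVerifySync(password, users.password)) {
    return users;
  }
  var loginKey = `${LOGIN_LIMIT_PRE}${users.id}`;
  var client = factory.getRedisClient("default");
  // INCR creates a missing key at 1, so no separate exists/setex step is needed.
  return client.incrAsync(loginKey)
    .then(function (failures) {
      if (failures === 1) {
        // First failure today: expire at end of day, never with a zero TTL.
        var expires = Math.max(1, moment().endOf('day').unix() - moment().unix());
        return client.expireAsync(loginKey, expires);
      }
    })
    .catch(function (err) {
      // Counter bookkeeping must not replace the authentication error.
      console.error('login failure counter update failed', err);
    })
    .then(function () {
      throw new Error("account or password error.");
    });
// … unchanged: closing of the promise chain and of proto.login …
```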