更新两步验证逻辑

2025-05-23 06:46:09 +08:00 · 2021-09-01 23:01:49 +08:00 · 2021-09-01 23:01:49 +08:00 · 00cb915f48
commit 00cb915f48
parent 97baff8baf
3 changed files with 38 additions and 62 deletions
--- a/back/api/auth.ts
+++ b/back/api/auth.ts
@ -151,15 +151,13 @@ export default (app: Router) => {
    celebrate({
      body: Joi.object({
        code: Joi.string().required(),
-        username: Joi.string().required(),
-        password: Joi.string().required(),
      }),
    }),
    async (req: Request, res: Response, next: NextFunction) => {
      const logger: Logger = Container.get('logger');
      try {
        const authService = Container.get(AuthService);
-        const data = await authService.twoFactorLogin(req.body, req);
+        const data = await authService.twoFactorLogin(req.body);
        res.send(data);
      } catch (e) {
        logger.error('🔥 error: %o', e);
--- a/back/services/auth.ts
+++ b/back/services/auth.ts
@ -23,7 +23,7 @@ export default class AuthService {
    }

    let { username, password } = payloads;
-    const content = fs.readFileSync(config.authConfigFile, 'utf8');
+    const content = this.getAuthInfo();
    const timestamp = Date.now();
    if (content) {
      const {
@ -34,8 +34,7 @@ export default class AuthService {
        lastip,
        lastaddr,
        twoFactorActived,
-        twoFactorChecked,
-      } = JSON.parse(content);
+      } = content;

      if (
        (cUsername === 'admin' && cPassword === 'adminadmin') ||
@ -45,21 +44,7 @@ export default class AuthService {
        return this.initAuthInfo();
      }

-      if (twoFactorActived && !twoFactorChecked) {
-        return {
-          code: 420,
-          message: '请输入两步验证token',
-        };
-      }
-
      if (retries > 2 && Date.now() - lastlogon < Math.pow(3, retries) * 1000) {
-        fs.writeFileSync(
-          config.authConfigFile,
-          JSON.stringify({
-            ...JSON.parse(content),
-            twoFactorChecked: false,
-          }),
-        );
        return {
          code: 410,
          message: `失败次数过多，请${Math.round(
@ -79,34 +64,31 @@ export default class AuthService {
          expiresIn: 60 * 60 * 24 * expiration,
          algorithm: 'HS384',
        });
-        fs.writeFileSync(
-          config.authConfigFile,
-          JSON.stringify({
-            ...JSON.parse(content),
-            token,
-            lastlogon: timestamp,
-            retries: 0,
-            lastip: ip,
-            lastaddr: address,
-            twoFactorChecked: false,
-          }),
-        );
-        return {
-          code: 200,
-          data: { token, lastip, lastaddr, lastlogon, retries },
-        };
+        this.updateAuthInfo(content, {
+          token,
+          lastlogon: timestamp,
+          retries: twoFactorActived ? retries : 0,
+          lastip: ip,
+          lastaddr: address,
+        });
+        if (twoFactorActived) {
+          return {
+            code: 420,
+            message: '请输入两步验证token',
+          };
+        } else {
+          return {
+            code: 200,
+            data: { token, lastip, lastaddr, lastlogon, retries },
+          };
+        }
      } else {
-        fs.writeFileSync(
-          config.authConfigFile,
-          JSON.stringify({
-            ...JSON.parse(content),
-            retries: retries + 1,
-            lastlogon: timestamp,
-            lastip: ip,
-            lastaddr: address,
-            twoFactorChecked: false,
-          }),
-        );
+        this.updateAuthInfo(content, {
+          retries: retries + 1,
+          lastlogon: timestamp,
+          lastip: ip,
+          lastaddr: address,
+        });
        return { code: 400, message: config.authError };
      }
    } else {
@ -158,21 +140,22 @@ export default class AuthService {
    return isValid;
  }

-  public async twoFactorLogin({ username, password, code }, req) {
+  public async twoFactorLogin({ code }) {
    const authInfo = this.getAuthInfo();
+    const { token, lastip, lastaddr, lastlogon, retries, twoFactorSecret } =
+      authInfo;
    const isValid = authenticator.verify({
      token: code,
-      secret: authInfo.twoFactorSecret,
+      secret: twoFactorSecret,
    });
    if (isValid) {
-      this.updateAuthInfo(authInfo, { twoFactorChecked: true });
-      return this.login({ username, password }, req);
+      this.updateAuthInfo(authInfo, { retries: 0 });
+      return {
+        code: 200,
+        data: { token, lastip, lastaddr, lastlogon, retries },
+      };
    } else {
-      const { ip, address } = await getNetIp(req);
-      this.updateAuthInfo(authInfo, {
-        lastip: ip,
-        lastaddr: address,
-      });
+      this.updateAuthInfo(authInfo, { retries: retries + 1 });
      return { code: 430, message: '验证失败' };
    }
  }
--- a/src/pages/login/index.tsx
+++ b/src/pages/login/index.tsx
@ -23,7 +23,6 @@ const Login = () => {
  const [waitTime, setWaitTime] = useState<any>();
  const { theme } = useTheme();
  const [twoFactor, setTwoFactor] = useState(false);
-  const [loginInfo, setLoginInfo] = useState<any>();
  const [verifing, setVerifing] = useState(false);

  const handleOk = (values: any) => {
@ -39,10 +38,6 @@ const Login = () => {
      })
      .then((data) => {
        if (data.code === 420) {
-          setLoginInfo({
-            username: values.username,
-            password: values.password,
-          });
          setTwoFactor(true);
        } else {
          checkResponse(data);
@ -59,7 +54,7 @@ const Login = () => {
    setVerifing(true);
    request
      .put(`${config.apiPrefix}user/two-factor/login`, {
-        data: { ...loginInfo, code: values.code },
+        data: { code: values.code },
      })
      .then((data: any) => {
        if (data.code === 430) {