diff --git a/back/services/user.ts b/back/services/user.ts index f463880e..303abf94 100644 --- a/back/services/user.ts +++ b/back/services/user.ts @@ -24,7 +24,7 @@ export default class UserService { @Inject('logger') private logger: winston.Logger, private scheduleService: ScheduleService, private sockService: SockService, - ) { } + ) {} public async login( payloads: { @@ -67,7 +67,9 @@ export default class UserService { const retriesTime = Math.pow(3, retries) * 1000; if (retries > 2 && timestamp - lastlogon < retriesTime) { - const waitTime = Math.ceil((retriesTime - (timestamp - lastlogon)) / 1000); + const waitTime = Math.ceil( + (retriesTime - (timestamp - lastlogon)) / 1000, + ); return { code: 410, message: `失败次数过多,请${waitTime}秒后重试`, @@ -75,18 +77,23 @@ export default class UserService { }; } + if ( + username === cUsername && + password === cPassword && + twoFactorActivated && + needTwoFactor + ) { + this.updateAuthInfo(content, { + isTwoFactorChecking: true, + }); + return { + code: 420, + message: '', + }; + } + const { ip, address } = await getNetIp(req); if (username === cUsername && password === cPassword) { - if (twoFactorActivated && needTwoFactor) { - this.updateAuthInfo(content, { - isTwoFactorChecking: true, - }); - return { - code: 420, - message: '', - }; - } - const data = createRandomString(50, 100); const expiration = twoFactorActivated ? 60 : 20; let token = jwt.sign({ data }, config.secret as any, { @@ -109,7 +116,8 @@ export default class UserService { }); await this.notificationService.notify( '登录通知', - `你于${dayjs(timestamp).format('YYYY-MM-DD HH:mm:ss')}在 ${address} ${req.platform + `你于${dayjs(timestamp).format('YYYY-MM-DD HH:mm:ss')}在 ${address} ${ + req.platform }端 登录成功,ip地址 ${ip}`, ); await this.getLoginLog(); @@ -137,7 +145,8 @@ export default class UserService { }); await this.notificationService.notify( '登录通知', - `你于${dayjs(timestamp).format('YYYY-MM-DD HH:mm:ss')}在 ${address} ${req.platform + `你于${dayjs(timestamp).format('YYYY-MM-DD HH:mm:ss')}在 ${address} ${ + req.platform }端 登录失败,ip地址 ${ip}`, ); await this.getLoginLog();