//检查注册频率 private IActionResult checkRegRates(string vcode, string vregval, string regip) { string key = "ip_regrates_" + regip; string c = UrsHelper.Cache_GetObj(key) as string; if (false == string.IsNullOrEmpty(c)) { RegCompact prev = RegCompact.Parse(c); if (prev.isOver()) { //如果传递了vcode和vregval 说明提交了验证码 if (vcode.Length == 4 && vregval.Length > 0) { //先判断vcode是否被重用了 if (UrsHelper.Cache_GetObj(string.Format("cache_reg_code_{0}_ip_{1}", vcode, regip)) != null) { return(this.FuncResult(new APIReturn(10102, "请刷新验证码"))); } this.regcode = vcode; return(decRegVal(vregval, vcode, regip)); } else { return(createVCode(regip)); } } } return(null); }
void addRegSuc(string regip) { RegCompact prev; string key = "ip_regrates_" + regip; string c = UrsHelper.Cache_GetObj(key) as string; if (false == string.IsNullOrEmpty(c)) { prev = RegCompact.Parse(c); prev.update(DateTime.Now); } else { prev = new RegCompact(DateTime.Now); } UrsHelper.Cache_SetObj(key, prev.ToString(), 60, 0); //一旦通过验证码完成注册,则将此码和ip一起作为key,添加缓存,下次提交验证码时判断, //是否有此session,有则怀疑重复提交相同验证码,10分钟都不允许同ip提交相同验证码,会误伤 if (!string.IsNullOrWhiteSpace(this.regcode) && this.regcode.Length == 4) { UrsHelper.Cache_SetObj(string.Format("cache_reg_code_{0}_ip_{1}", this.regcode, regip), 1, 10, 0); } }
IActionResult decRegVal(string encdata, string inputcode, string regip) { //应该先要判断session里有这个值 byte[] buffer = Convert.FromBase64String(encdata.Replace(" ", "+")); string s = System.Text.UTF8Encoding.UTF8.GetString(buffer); string decstr = UrsHelper.Decrypt(s, deskey, key_64, iv_64); string[] arr = decstr.Split(','); long ses = RegCompact.LastSeconds(DateTime.Now.Ticks, long.Parse(arr[2])); //10分钟600秒,过期之后重复生成有点浪费 //考虑原有在if2中已有频度检查,这里继续生成一个新的 if (ses > 600) { return(createVCode(regip)); } if (arr[1].ToLower() != inputcode.ToLower()) { //验证码不正确的时候,是否需要返回新的呢 return(this.FuncResult(new APIReturn(10101, "验证码不正确"))); } return(null); }