cqpCow hai 1 ano
pai
achega
ad381b8757

+ 9 - 0
app/Http/Controllers/Api/LoginController.php

@@ -2,6 +2,7 @@
 namespace App\Http\Controllers\Api;
 
 use App\Service\EmployeeService;
+use App\Service\LoginService;
 use App\Service\TokenService;
 use Illuminate\Http\Request;
 
@@ -19,6 +20,10 @@ class LoginController extends BaseController
     public function login(Request $request){
         $data = $request->only("account","password");
 
+        //ip 校验
+        $return  = (new LoginService())->loginRule($data);
+        if(! $return) return $this->json_return(201,'','IP不在允许登录范围!');
+
         //登录
         $result = (new EmployeeService())->loginRule($data);
         list($bool, $return) = $result;
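Review bot: The IP allow-list rejection added at the top of login() returns without leaving any server-side record, and the same block is repeated in loginMobile() in the next hunk. A denied source address is what a responder will want to see, so I would log it before returning, e.g. `Log::warning('login rejected by IP allow-list', ['ip' => $request->ip()]);` (the Log facade would need importing). LoginService reads `$_SERVER['REMOTE_ADDR']` directly, so if the app sits behind a reverse proxy or load balancer every client will appear as the proxy address; confirm the deployment and prefer `$request->ip()` with trusted proxies configured. Moving the check into a route middleware would keep the two entry points from drifting apart. Both method bodies continue outside the hunk.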
@@ -34,6 +39,10 @@ class LoginController extends BaseController
     public function loginMobile(Request $request){
         $data = $request->only("account","password");
 
+        //ip 校验
+        $return  = (new LoginService())->loginRule($data);
+        if(! $return) return $this->json_return(201,'','IP不在允许登录范围!');
+
         //登录
         $result = (new EmployeeService())->loginRule($data);
         list($bool, $return) = $result;

+ 2 - 29
app/Service/EmployeeService.php

@@ -278,7 +278,7 @@ class EmployeeService extends Service
     public function loginRule($data){
         if($this->isEmpty($data,'account')) return [false,'账号不能为空!'];
         if($this->isEmpty($data,'password')) return [false,'密码不能为空!'];
-        if($this->isLoginlimitation($data['account'])) return [false,'账号密码输入错误过多,30分钟内限制登录!'];
+        if(LoginService::isLoginlimitation($data['account'])) return [false,'账号密码输入错误过多,30分钟内限制登录!'];
 
         $res = Employee::where('del_time',0)
             ->where('account', $data['account'])
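Review bot: `LoginService::isLoginlimitation($data['account'])` uses the raw request value as the cache key, and the `errorSetLogin($data['account'])` call in the next hunk does the same. With no prefix, the lockout counter shares a key space with everything else the application caches, so an account name that happens to equal another cache key would have that entry read as a failure count. I would namespace the key at both call sites, e.g. `LoginService::isLoginlimitation('login_fail:' . $data['account'])`, and clear it after a successful `Hash::check`; no reset is visible in these hunks. Also confirm the TTL unit: the `30` passed to `Cache::put`/`Cache::add` means minutes only on Laravel versions before 5.8 and seconds from 5.8 on, while the message promises 30 minutes. loginRule's body continues outside the hunk.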
@@ -291,40 +291,13 @@ class EmployeeService extends Service
 
         //密码校验
         if(! Hash::check($data['password'], $res['password'])) {
-            $msg = $this->errorSetLogin($data['account']);
+            $msg = LoginService::errorSetLogin($data['account']);
             return [false,$msg];
         }
 
         return [true, ['id'=>$res['id'], 'name'=>$res['emp_name'], 'account' => $res['account']]];
     }
 
-    //设置登录错误次数(超过三次)
-    public function errorSetLogin($cacheKey){
-        if(Cache::has($cacheKey)){
-            $num = Cache::get($cacheKey);
-
-            $num++;
-            Cache::put($cacheKey,$num,30);
-            if($num >= 3){
-                return ['账号密码输入错误3次,30分钟内限制登录!'];
-            }else{
-                return ['账号密码输入错误第'. $num .'次!'];
-            }
-        }else{
-            Cache::add($cacheKey,1,30);
-            return ['密码输入错误!'];
-        }
-    }
-
-    //判断是否限制登录
-    public function isLoginlimitation($cacheKey){
-        if(Cache::has($cacheKey)){
-            $num = Cache::get($cacheKey);
-            if($num >= 3) return true;
-        }
-        return false;
-    }
-
     public static function checkUser($userId){
         $res = Employee::where('id', $userId)
             ->where('del_time',0)

+ 77 - 0
app/Service/LoginService.php

@@ -0,0 +1,77 @@
+<?php
+
+namespace App\Service;
+
+use App\Model\Settings;
+use Illuminate\Support\Facades\Cache;
+
+class LoginService extends Service
+{
+    const ALL = 'all';
+
+    public function loginRule($data){
+        // 获取用户的IP地址
+        $userIP = $_SERVER['REMOTE_ADDR'];
+        // 获取设置的IP地址
+        $allowedIPs = $this->allowedIPs();
+
+        // 校验用户IP是否在允许的范围内
+        $isValidIP = false;
+        if(in_array(self::ALL,$allowedIPs)) {
+            $isValidIP = true;
+        }else{
+            foreach ($allowedIPs as $allowedIP) {
+                if (strpos($allowedIP, '/') !== false) {
+                    // IP段表示法校验
+                    list($subnet, $mask) = explode('/', $allowedIP);
+                    if ((ip2long($userIP) & ~((1 << (32 - $mask)) - 1)) == ip2long($subnet)) {
+                        $isValidIP = true;
+                        break;
+                    }
+                } else {
+                    // 单个IP地址校验
+                    if ($allowedIP === $userIP) {
+                        $isValidIP = true;
+                        break;
+                    }
+                }
+            }
+        }
+
+        return $isValidIP;
+   }
+
+    public function allowedIPs(){
+        $allowedIPs = Settings::where('name','allowedIPs')->first();
+        if(empty($allowedIPs) || empty($allowedIPs->value)) return [self::ALL];
+
+        return explode(',',$allowedIPs->value);
+    }
+
+    //设置登录错误次数(超过三次)
+    public static function errorSetLogin($cacheKey){
+        if(Cache::has($cacheKey)){
+            $num = Cache::get($cacheKey);
+
+            $num++;
+            Cache::put($cacheKey,$num,30);
+            if($num >= 3){
+                return ['账号密码输入错误3次,30分钟内限制登录!'];
+            }else{
+                return ['账号密码输入错误第'. $num .'次!'];
+            }
+        }else{
+            Cache::add($cacheKey,1,30);
+            return ['密码输入错误!'];
+        }
+    }
+
+    //判断是否限制登录
+    public static function isLoginlimitation($cacheKey){
+        if(Cache::has($cacheKey)){
+            $num = Cache::get($cacheKey);
+            if($num >= 3) return true;
+        }
+        return false;
+    }
+}
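Review bot: The CIDR branch of loginRule() can fail open, because `ip2long()` returns false for an IPv6 or malformed address and the comparison uses `==`. An allow-list entry that does not parse (for instance one with a stray space, since the `explode(',', ...)` result is never trimmed) makes the right-hand side false, and an IPv6 client makes the left-hand side 0, so `0 == false` admits the request; `$mask` is also never checked to be an integer between 0 and 32. Laravel already depends on symfony/http-foundation, so I would replace both branches of the loop body with `if (IpUtils::checkIp($userIP, trim($allowedIP))) { $isValidIP = true; break; }` (importing `Symfony\Component\HttpFoundation\IpUtils`), which validates both sides and handles IPv6 ranges. Separately, the lockout helpers read and write the counter in separate `Cache::has`/`Cache::get`/`Cache::put` calls, so parallel attempts can exceed the limit of 3; `Cache::increment` would narrow that gap on stores that support it.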