Merge branch 'develop' into standalone_develop

app/controllers/accounts_controller.rb

@@ -324,6 +324,8 @@ class AccountsController < ApplicationController
     send_type = verify_type(login_type, type)
     verification_code = code.sample(6).join
 
+    status, message = InfoRiskControlService.call(value, request.remote_ip)
+    tip_exception(420, message) if status == 0 
     sign = Digest::MD5.hexdigest("#{OPENKEY}#{value}")
     tip_exception(501, "请求不合理") if sign != params[:smscode]
 

app/controllers/api/v1/users_controller.rb

@@ -9,21 +9,24 @@ class Api::V1::UsersController < Api::V1::BaseController
     mail = params[:email]
     code_type = params[:code_type]
 
+    status, message = InfoRiskControlService.call(0, request.remote_ip)
+    tip_exception(420, message) if status == 0 
+
     sign = Digest::MD5.hexdigest("#{OPENKEY}#{mail}")
     Rails.logger.info sign
 
     tip_exception(501, "请求不合理") if sign != params[:smscode]
 
     # 60s内不能重复发送
-    send_email_limit_cache_key = "send_email_60_second_limit:#{mail}"
-    tip_exception(-2, '请勿频繁操作') if Rails.cache.exist?(send_email_limit_cache_key)
-    send_email_control = LimitForbidControl::SendEmailCode.new(mail)
-    tip_exception(-2, '邮件发送太频繁，请稍后再试') if send_email_control.forbid?
+    # send_email_limit_cache_key = "send_email_60_second_limit:#{mail}"
+    # tip_exception(-2, '请勿频繁操作') if Rails.cache.exist?(send_email_limit_cache_key)
+    # send_email_control = LimitForbidControl::SendEmailCode.new(mail)
+    # tip_exception(-2, '邮件发送太频繁，请稍后再试') if send_email_control.forbid?
     begin
       UserMailer.update_email(mail, verification_code).deliver_now
 
-      Rails.cache.write(send_email_limit_cache_key, 1, expires_in: 1.minute)
-      send_email_control.increment!
+      # Rails.cache.write(send_email_limit_cache_key, 1, expires_in: 1.minute)
+      # send_email_control.increment!
     rescue Exception => e
       logger_error(e)
       tip_exception(-2,"邮件发送失败，请稍后重试")

app/controllers/application_controller.rb

@@ -112,12 +112,12 @@ class ApplicationController < ActionController::Base
 			# 邮箱类型的发送
 			sigle_para = {email: value}
 			# 60s内不能重复发送
-			send_email_limit_cache_key = "send_email_60_second_limit:#{value}"
-			tip_exception(-1, '请勿频繁操作') if Rails.cache.exist?(send_email_limit_cache_key)
+			# send_email_limit_cache_key = "send_email_60_second_limit:#{value}"
+			# tip_exception(-1, '请勿频繁操作') if Rails.cache.exist?(send_email_limit_cache_key)
 
-			# 短时间内不能大量发送
-			send_email_control = LimitForbidControl::SendEmailCode.new(value)
-			tip_exception(-1, '邮件发送太频繁，请稍后再试') if send_email_control.forbid?
+			# # 短时间内不能大量发送
+			# send_email_control = LimitForbidControl::SendEmailCode.new(value)
+			# tip_exception(-1, '邮件发送太频繁，请稍后再试') if send_email_control.forbid?
 			begin
 				if send_type == 3
 					UserMailer.find_password(value, code).deliver_now
@@ -126,8 +126,8 @@ class ApplicationController < ActionController::Base
 				else
 					UserMailer.register_email(value, code).deliver_now
 				end
-				Rails.cache.write(send_email_limit_cache_key, 1, expires_in: 1.minute)
-				send_email_control.increment!
+				# Rails.cache.write(send_email_limit_cache_key, 1, expires_in: 1.minute)
+				# send_email_control.increment!
 				# Mailer.run.email_register(code, value)
 			rescue Exception => e
 				logger_error(e)

app/services/info_risk_control_service.rb

@@ -0,0 +1,77 @@
+class InfoRiskControlService < ApplicationService
+
+  attr_reader :receiver, :remote_ip 
+  attr_accessor :status, :message
+
+
+  def initialize(receiver="", remote_ip="0.0.0.0")
+    @receiver = receiver
+    @remote_ip = remote_ip 
+    @status = 1
+    @message = ""
+  end
+
+  def call
+    if receiver == ""
+      remote_ip_minute_risk_control
+      remote_ip_risk_control if @status = 1
+    else  
+      remote_ip_minute_risk_control
+      remote_ip_risk_control if @status = 1
+      minute_risk_control 
+      day_risk_control if @status = 1
+    end
+
+    return @status, @message
+  end
+
+  private 
+  def remote_ip_minute_risk_control 
+    result = Rails.cache.read("InfoRiskControlService-RemoteIp-Minute-#{remote_ip}")
+    if result.present? 
+      @status = 0 
+      @message = "您的请求过于频繁，请稍后再试"
+    else 
+      Rails.cache.write("InfoRiskControlService-RemoteIp-Minute-#{remote_ip}", 1, expires_in: 1.minute)
+    end
+  end 
+
+  def remote_ip_risk_control 
+    result = Rails.cache.read("InfoRiskControlService-RemoteIp-#{remote_ip}")
+    if result.present? 
+      if result.to_i > 20
+        @status = 0 
+        @message = "暂时无法请求，请稍后再试"
+      else 
+        Rails.cache.write("InfoRiskControlService-RemoteIp-#{remote_ip}", result.to_i + 1)
+      end
+    else 
+      Rails.cache.write("InfoRiskControlService-RemoteIp-#{remote_ip}", 1, expires_in: 1.day)
+    end
+  end
+
+  def minute_risk_control 
+    result = Rails.cache.read("InfoRiskControlService-Minute-#{receiver}")
+    if result.present?  
+      @status = 0 
+      @message = "您的请求过于频繁，请稍后再试" 
+    else 
+      Rails.cache.write("InfoRiskControlService-Minute-#{receiver}", 1, expires_in: 1.minute)
+    end
+  end
+
+  def day_risk_control 
+    result = Rails.cache.read("InfoRiskControlService-Day-#{receiver}")
+    if result.present? 
+      if result.to_i > 10
+        @status = 0 
+        @message = "您的请求过于频繁，请稍后再试"
+      else 
+        Rails.cache.write("InfoRiskControlService-Day-#{receiver}", result.to_i + 1)
+      end
+    else 
+      Rails.cache.write("InfoRiskControlService-Day-#{receiver}", 1, expires_in: 1.days)
+    end 
+  end
+
+end