wip:短信验证发送

common/src/qfw/util/jy/jy.go

@@ -1,9 +1,12 @@
 package jy
 
 import (
+	"app.yhyue.com/moapp/jybase/mysql"
+	"app.yhyue.com/moapp/jybase/sms"
 	"encoding/json"
 	"fmt"
 	"log"
+	"net/http"
 	"regexp"
 	"sort"
 	"strings"
@@ -17,7 +20,6 @@ import (
 	. "app.yhyue.com/moapp/jybase/mongodb"
 	"app.yhyue.com/moapp/jybase/redis"
 	qrpc "app.yhyue.com/moapp/jybase/rpc"
-	"app.yhyue.com/moapp/jybase/sms"
 	. "app.yhyue.com/moapp/jypkg/middleground"
 	"bp.jydev.jianyu360.cn/BaseService/userCenter/rpc/pb"
 )
@@ -133,13 +135,107 @@ func SendMailIdentCode(to, code string, auth []*mail.GmailAuth) bool {
 	return false
 }
 
-func SendSMS(address, mobile string, params ...string) {
+type smsStrategy struct {
+	Day  string
+	Num  int
+	Date int64
+}
+
+var (
+	smsStrategys = []smsStrategy{
+		{
+			"1",
+			5,
+			24 * 60 * 60,
+		},
+		{
+			"7",
+			7,
+			7 * 24 * 60 * 60,
+		},
+		{
+			"15",
+			10,
+			15 * 24 * 60 * 60,
+		},
+	}
+	smsExistKey  = "sms_exist_%s"
+	smsIpKey     = "sms_ip_%s_%s"
+	smsPhoneKey  = "sms_phone_%s_%s"
+	smsCacheCode = "other"
+)
+
+func SmsStrategy(keys ...string) (abnormalKey []string) {
+	for _, key := range keys {
+		for _, s := range smsStrategys {
+			cacheKey := fmt.Sprintf(key, s.Day)
+			num := redis.GetInt(smsCacheCode, cacheKey)
+			ttl := redis.GetTTL(smsCacheCode, cacheKey)
+			if num > s.Num {
+				abnormalKey = append(abnormalKey, cacheKey)
+			}
+			if num == 0 || ttl <= 0 {
+				ttl = s.Date
+			}
+			num++
+			redis.Put(smsCacheCode, cacheKey, num, int(ttl))
+		}
+	}
+	return
+}
+func SendSMS(r *http.Request, BaseMysql *mysql.Mysql, address, mobile string, params ...string) (msg string) {
+	//异常手机号及ip拦截策略
+	ip := util.GetIp(r)
+	if strings.Contains(ip, ",") {
+		ip = strings.Split(ip, ",")[0]
+	}
+	if aks := SmsStrategy(fmt.Sprintf(smsIpKey, "%s", ip), fmt.Sprintf(smsPhoneKey, "%s", mobile)); len(aks) > 0 {
+		go func(aks []string, ip, mobile string) {
+			var (
+				ipState, phoneState int
+				now                 = time.Now()
+				ipE, _              = redis.Exists(smsCacheCode, fmt.Sprintf(smsExistKey, ip))
+				phoneE, _           = redis.Exists(smsCacheCode, fmt.Sprintf(smsExistKey, mobile))
+			)
+			for _, v := range aks {
+				if strings.Contains(v, "sms_ip") {
+					ipState = 1
+					redis.Put(smsCacheCode, fmt.Sprintf(smsExistKey, ip), 1, 30*24*60*60)
+				}
+				if strings.Contains(v, "sms_phone") {
+					phoneState = 1
+					redis.Put(smsCacheCode, fmt.Sprintf(smsExistKey, mobile), 1, 30*24*60*60)
+				}
+			}
+			if !ipE {
+				if id := BaseMysql.Insert("useranaly.sms_black_ip", map[string]interface{}{
+					"ip":       ip,
+					"ip_state": ipState,
+					"date":     FormatDate(&now, Date_Full_Layout),
+				}); id <= 0 {
+					log.Println("sms_black_phone 信息保存异常：", mobile, ip)
+				}
+			}
+			if !phoneE {
+				if id := BaseMysql.Insert("useranaly.sms_black_phone", map[string]interface{}{
+					"phone":       mobile,
+					"phone_state": phoneState,
+					"date":        FormatDate(&now, Date_Full_Layout),
+				}); id <= 0 {
+					log.Println("sms_black_phone 信息保存异常：", mobile, ip)
+				}
+			}
+		}(aks, ip, mobile)
+		msg = "当前用户发送短信验证次数超过最大限制"
+		return
+	}
 	sms.SendSms(address, "01", mobile, params...)
+	return
 }
 
 // 发送验证码
 // 增加sessionKey字段 更换手机号防止绕过身份校验
-func SendPhoneIdentCode(address, phone string, session *httpsession.Session, sessionKey ...string) bool {
+func SendPhoneIdentCode(r *http.Request, baseMysql *mysql.Mysql, address, phone string, session *httpsession.Session, sessionKey ...string) bool {
 	sessionKeyFlag := defaultPhoneFlag
 	if len(sessionKey) > 0 && sessionKey[0] != "" {
 		sessionKeyFlag = sessionKey[0]
@@ -157,7 +253,10 @@ func SendPhoneIdentCode(address, phone string, session *httpsession.Session, ses
 	session.Set(fmt.Sprintf("%sTime", sessionKeyFlag), time.Now().Unix())
 	//发送短信
 	log.Println("短信验证码", phone, s_ranNum)
-	SendSMS(address, phone, s_ranNum)
+	if msg := SendSMS(r, baseMysql, address, phone, s_ranNum); msg != "" {
+		log.Println("短信发异常：", phone, "-----", msg)
+		return false
+	}
 	return true
 }