fix login

2023-04-15 15:35:55 +07:00 · 2023-04-15 15:35:55 +07:00 · cd94018a17
parent 3d1c1d7538
commit cd94018a17
5 changed files with 42 additions and 6 deletions
--- a/cache/cache.go
+++ b/cache/cache.go
@ -54,3 +54,14 @@ func GetValueByKey(key string) ([]byte, error) {
 	ctx := context.Background()
 	return c.Get(ctx, key).Bytes()
 }
+
+func GetJSON(key string, result interface{}) bool {
+	v, err := GetValueByKey(key)
+	if err != nil {
+		return false
+	}
+	if err = json.Unmarshal(v, result); err != nil {
+		return false
+	}
+	return true
+}
--- a/cache/key.go
+++ b/cache/key.go
@ -0,0 +1,9 @@
+package cache
+
+const (
+	keyPrefix = "usermngmt_"
+)
+
+const (
+	KeyLoginFailedTimes = keyPrefix + "login_failed_time"
+)
--- a/config/config.go
+++ b/config/config.go
@ -1,5 +1,12 @@
 package config

+import "time"
+
+const (
+	MaximumLoginFailedTime     = 5
+	LoginFailedBlockedDuration = time.Hour
+)
+
 type Configuration struct {
 	EmailIsUnique       bool
 	PhoneNumberIsUnique bool
--- a/internal/error.go
+++ b/internal/error.go
@ -28,5 +28,7 @@ const (

 	// Incorrect

-	ErrorIncorrectPassword = "mật khẩu không chính xác"
+	ErrorIncorrectPassword      = "mật khẩu không chính xác"
+	ErrorInvalidLogin           = "thông tin đăng nhập không đúng"
+	ErrorExceedMaximumLoginFail = "bạn đã đăng nhập sai thông tin quá số lần cho phép"
 )
--- a/user/handle.go
+++ b/user/handle.go
@ -578,16 +578,22 @@ func ChangeAllUsersStatus(roleID, status string) error {
 // LoginWithEmailAndPassword ...
 func LoginWithEmailAndPassword(email, password string) (result model.User, err error) {
 	var (
-		ctx = context.Background()
+		ctx            = context.Background()
+		numOfLoginFail int
 	)
+	k := cache.KeyLoginFailedTimes + email
+	// process block if reach maximum of login failed
+	if ok := cache.GetJSON(k, &numOfLoginFail); ok && numOfLoginFail >= config.MaximumLoginFailedTime {
+		return model.User{}, errors.New(internal.ErrorExceedMaximumLoginFail)
+	}

 	// Validate email, password
 	if email == "" {
-		err = errors.New(internal.ErrorInvalidEmail)
+		err = errors.New(internal.ErrorInvalidLogin)
 		return
 	}
 	if password == "" {
-		err = errors.New(internal.ErrorInvalidPassword)
+		err = errors.New(internal.ErrorInvalidLogin)
 		return
 	}

@ -597,13 +603,14 @@ func LoginWithEmailAndPassword(email, password string) (result model.User, err e
 		"deleted": false,
 	})
 	if user.ID.IsZero() {
-		err = errors.New(internal.ErrorNotFoundUser)
+		err = errors.New(internal.ErrorInvalidLogin)
 		return
 	}

 	// Check Password
 	if !internal.CheckPasswordHash(password, user.HashedPassword) {
-		err = errors.New(internal.ErrorIncorrectPassword)
+		err = errors.New(internal.ErrorInvalidLogin)
+		cache.SetKeyValue(k, numOfLoginFail+1, config.LoginFailedBlockedDuration)
 		return
 	}