isSecurity.php 959 B

123456789101112131415161718192021222324252627282930313233343536373839
  1. <?php
  2. namespace App\Http\Middleware;
  3. use Cache;
  4. use Closure;
  5. use Log;
  6. use Response;
  7. class isSecurity {
  8. /**
  9. * 是否需要安全码才访问(仅用于登录页)
  10. *
  11. * @param $request
  12. * @param Closure $next
  13. *
  14. * @return mixed
  15. */
  16. public function handle($request, Closure $next) {
  17. $ip = getClientIP();
  18. $code = $request->securityCode;
  19. $cacheKey = 'SecurityLogin_'.ip2long($ip);
  20. $websiteSecurityCode = sysConfig('website_security_code');
  21. if($websiteSecurityCode && !Cache::has($cacheKey)){
  22. if($code != $websiteSecurityCode){
  23. Log::info("拒绝非安全入口访问(".$ip.")");
  24. return Response::view('auth.error', [
  25. 'message' => trans('error.SecurityError').', '.trans('error.Visit').'<a href="/login?securityCode=" target="_self">'.trans('error.SecurityEnter').'</a>'
  26. ], 403);
  27. }
  28. Cache::put($cacheKey, $ip, 7200); // 2小时之内无需再次输入安全码访问
  29. }
  30. return $next($request);
  31. }
  32. }