diff --git a/config/config.go b/config/config.go
index ddcd475..b988d93 100755
--- a/config/config.go
+++ b/config/config.go
@@ -207,7 +207,7 @@ func (conf *Config) ResetPassword(newPassword string) {
 func (conf *Config) CheckPassword(newPassword string) (hashedPwd string, err error) {
 var minEntropyBits float64 = 30
 if conf.NotAllowWanAccess {
- minEntropyBits = 20
+ minEntropyBits = 25
 }
 err = passwordvalidator.Validate(newPassword, minEntropyBits)
 if err != nil {
diff --git a/go.mod b/go.mod
index ff3c95a..311d48b 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/jeessy2/ddns-go/v6
-go 1.23.6
+go 1.23.12
 require (
 github.com/kardianos/service v1.2.4
diff --git a/util/messages.go b/util/messages.go
index 984f7fc..0bd80e0 100644
--- a/util/messages.go
+++ b/util/messages.go
@@ -110,7 +110,7 @@ func init() {
 message.SetString(language.English, "%q 帐号密码不正确", "%q username or password is incorrect")
 message.SetString(language.English, "%q 登录成功", "%q login successfully")
 message.SetString(language.English, "用户名或密码错误", "Username or password is incorrect")
- message.SetString(language.English, "登录失败次数过多,请等待 %d 分钟后再试", "Too many login failures, please try again after %d minutes")
+ message.SetString(language.English, "登录失败次数过多,请稍后再试", "Too many login failures, please try again later")
 message.SetString(language.English, "用户名 %s 的密码已重置成功! 请重启ddns-go", "The password of username %s has been reset successfully! Please restart ddns-go")
 message.SetString(language.English, "需在 %s 之前完成用户名密码设置,请重启ddns-go", "Need to complete the username and password setting before %s, please restart ddns-go")
 message.SetString(language.English, "配置文件 %s 不存在, 可通过-c指定配置文件", "Config file %s does not exist, you can specify the configuration file through -c")
diff --git a/web/login.go b/web/login.go
index 3e28e55..84bb561 100755
--- a/web/login.go
+++ b/web/login.go
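Review bot: In the `CheckPassword` hunk of config/config.go, the two entropy floors (30, and 25 when `NotAllowWanAccess` is set) are still bare literals with no comment saying what they measure or why the LAN-only case may accept a weaker password. Since this is the password policy for the admin login, named constants with a short rationale would make it reviewable, e.g. `const minEntropyBitsLAN = 25 // floor when WAN access is disabled`. The check presumably runs only when a password is being set, so a password accepted under the old floor of 20 would stay valid until it is changed; that is worth confirming and noting in the release notes. The function body continues past the end of the hunk.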
@@ -17,7 +17,7 @@ import (
 var loginEmbedFile embed.FS
 // CookieName cookie name
-var cookieName = "token"
+const cookieName = "token"
 // CookieInSystem only one cookie
 var cookieInSystem = &http.Cookie{}
@@ -26,7 +26,10 @@ var cookieInSystem = &http.Cookie{}
 var startTime = time.Now()
 // 保存限制时间
-var saveLimit = time.Duration(30 * time.Minute)
+const saveLimit = time.Duration(30) * time.Minute
+
+// 登录失败锁定时间
+const loginFailLockDuration = time.Duration(30) * time.Minute
 // 登录检测
 type loginDetect struct {
@@ -64,8 +67,8 @@ func LoginFunc(w http.ResponseWriter, r *http.Request) {
 util.InitLogLang(accept)
 if ld.failedTimes >= 5 {
- lockMinute := loginUnlock()
- returnError(w, util.LogStr("登录失败次数过多,请等待 %d 分钟后再试", lockMinute))
+ loginUnlock()
+ returnError(w, util.LogStr("登录失败次数过多,请稍后再试"))
 return
 }
@@ -147,14 +150,10 @@ func LoginFunc(w http.ResponseWriter, r *http.Request) {
 returnError(w, util.LogStr("用户名或密码错误"))
 }
-// loginUnlock login unlock, return minute
-func loginUnlock() (minute uint32) {
+// loginUnlock login unlock, reset failed login attempts
+func loginUnlock() {
 ld.failedTimes = ld.failedTimes + 1
- x := ld.failedTimes
- if x > 1440 {
- x = 1440 // 最多等待一天
- }
- ld.ticker.Reset(time.Duration(x) * time.Minute)
+ ld.ticker.Reset(loginFailLockDuration)
 go func(ticker *time.Ticker) {
 for range ticker.C {
@@ -163,5 +162,4 @@ func loginUnlock() (minute uint32) {
 }
 }(ld.ticker)
- return x
 }
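Review bot: In the `LoginFunc` hunk at -64,8 of web/login.go, every request that arrives while `ld.failedTimes >= 5` still calls `loginUnlock()`, which increments the counter and resets the ticker to the full `loginFailLockDuration`, so the lock window restarts on each rejected request instead of expiring 30 minutes after the fifth failure. `ld` looks like a single process-wide detector rather than a per-client one, so repeated requests from any client would also keep the legitimate administrator locked out. Arming the timer once, when the threshold is first crossed, and only rejecting afterwards would bound the lock; a comment at the check such as `// lockout is global, not per client` would document the trade-off. LoginFunc starts and ends outside the hunk.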
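Review bot: The new doc comment on `loginUnlock` in web/login.go (hunk at -147,14) says it resets failed login attempts, but the visible body increments `ld.failedTimes` and re-arms the ticker; `// loginUnlock counts a rejected attempt and re-arms the unlock ticker for loginFailLockDuration` would match the code. Each call also starts another goroutine ranging over the same `ticker.C`, and a Ticker's channel is never closed, so unless the loop body (which lies outside this hunk) returns, one goroutine accumulates per rejected request. `ld.failedTimes` is written here, presumably also in that goroutine, and read in LoginFunc with no lock visible in the diff, which would be a data race under concurrent requests; a mutex or an atomic counter would close it. The function's remaining lines are in the following hunk.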