【新增】短信功能增加【单IP每日发送量】限制，增加【IP白名单】【IP黑名单】功能，减少可能存在的恶意请求发送申请。

CoreCms.Net.Services/Message/CoreCmsSmsServices.cs

@@ -9,6 +9,8 @@
  ***********************************************************************/
 
 using System;
+using System.Collections.Generic;
+using System.Linq;
 using System.Threading.Tasks;
 using CoreCms.Net.Configuration;
 using CoreCms.Net.IRepository;
@@ -78,8 +80,37 @@ namespace CoreCms.Net.Services
             Random rd = new Random();
             int codeNumber = rd.Next(100000, 999999);
 
-            //获取是否存在
+
             var dt = DateTime.Now;
+
+            //获取当前ip今日的发送记录
+            var ip = _httpContextAccessor.HttpContext?.Connection.RemoteIpAddress != null ? _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.MapToIPv4().ToString() : "127.0.0.1";
+            if (string.IsNullOrEmpty(ip))
+            {
+                jm.msg = "短信发送IP获取失败";
+                return jm;
+            }
+            var black = smsOptions.SmsIpSendBlackList.Split('|').ToList();
+            if (black.Count > 0 && black.Contains(ip))
+            {
+                jm.msg = "此IP被禁止短信业务";
+                return jm;
+            }
+            var white = smsOptions.SmsIpSendWhiteList.Split('|').ToList();
+            if (white.Count <= 0 || !white.Contains(ip))
+            {
+                var startDateTime = new DateTime(DateTime.Now.Year, DateTime.Now.Month, DateTime.Now.Day, 0, 0, 0, DateTimeKind.Utc);
+                var endDateTime = new DateTime(DateTime.Now.Year, DateTime.Now.Month, DateTime.Now.Day, 23, 59, 59, DateTimeKind.Utc);
+
+                var sendCount = await _dal.GetCountAsync(p => p.ip.Equals(ip) && p.createTime > startDateTime && p.createTime < endDateTime);
+                if (smsOptions.SmsIpSendNumber > 0 && sendCount > smsOptions.SmsIpSendNumber)
+                {
+                    jm.msg = "此IP被已超过每日短信发送限额。";
+                    return jm;
+                }
+            }
+
+            //获取是否存在
             var endDt = dt.AddMinutes(10);
 
             var oldLog = await _dal.QueryByClauseAsync(p => p.code == type && p.mobile == mobile && p.createTime > dt && p.createTime < endDt, p => p.id, OrderByType.Desc);
@@ -87,9 +118,9 @@ namespace CoreCms.Net.Services
             {
                 oldLog = new CoreCmsSms();
                 oldLog.code = type;
-                oldLog.createTime = DateTime.Now;
+                oldLog.createTime = dt;
                 oldLog.mobile = mobile;
-                oldLog.ip = _httpContextAccessor.HttpContext?.Connection.RemoteIpAddress != null ? _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.MapToIPv4().ToString() : "127.0.0.1";
+                oldLog.ip = ip;
                 oldLog.isUsed = false;
                 var obj = new
                 {
@@ -206,6 +237,36 @@ namespace CoreCms.Net.Services
                 jm.msg = "短信功能未开启";
                 return jm;
             }
+            var dt = DateTime.Now;
+
+            //获取当前ip今日的发送记录
+            var ip = _httpContextAccessor.HttpContext?.Connection.RemoteIpAddress != null ? _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.MapToIPv4().ToString() : "";
+            if (string.IsNullOrEmpty(ip))
+            {
+                jm.msg = "短信发送IP获取失败";
+                return jm;
+            }
+            var black = smsOptions.SmsIpSendBlackList.Split('|').ToList();
+            if (black.Count > 0 && black.Contains(ip))
+            {
+                jm.msg = "此IP被禁止短信业务";
+                return jm;
+            }
+            var white = smsOptions.SmsIpSendWhiteList.Split('|').ToList();
+            if (white.Count <= 0 || !white.Contains(ip))
+            {
+                var startDateTime = new DateTime(DateTime.Now.Year, DateTime.Now.Month, DateTime.Now.Day, 0, 0, 0,
+                    DateTimeKind.Utc);
+                var endDateTime = new DateTime(DateTime.Now.Year, DateTime.Now.Month, DateTime.Now.Day, 23, 59, 59,
+                    DateTimeKind.Utc);
+
+                var sendCount = await _dal.GetCountAsync(p => p.ip.Equals(ip) && p.createTime > startDateTime && p.createTime < endDateTime);
+                if (smsOptions.SmsIpSendNumber > 0 && sendCount > smsOptions.SmsIpSendNumber)
+                {
+                    jm.msg = "此IP被已超过每日短信发送限额。";
+                    return jm;
+                }
+            }
 
             if (string.IsNullOrEmpty(mobile))
             {
@@ -215,7 +276,6 @@ namespace CoreCms.Net.Services
             var isUsed = false;
             if (code == GlobalEnumVars.SmsMessageTypes.Reg.ToString() || code == GlobalEnumVars.SmsMessageTypes.Login.ToString() || code == GlobalEnumVars.SmsMessageTypes.Veri.ToString())
             {
-                var dt = DateTime.Now;
                 var newCreateTime = DateTime.Now.AddSeconds(-60);
                 var smsInfo = await _dal.QueryByClauseAsync(p =>
                     p.mobile == mobile && p.code == code && p.createTime < newCreateTime && p.isUsed == false);
@@ -227,7 +287,7 @@ namespace CoreCms.Net.Services
                         jm.msg = "两次发送时间间隔小于60秒";
                         return jm;
                     }
-                    parameters = JObject.Parse(smsInfo.parameters); ;
+                    parameters = JObject.Parse(smsInfo.parameters);
                 }
                 else
                 {
@@ -360,8 +420,8 @@ namespace CoreCms.Net.Services
             oldLog.code = code;
             oldLog.parameters = JsonConvert.SerializeObject(parameters);
             oldLog.contentBody = str;
-            oldLog.createTime = DateTime.Now;
-            oldLog.ip = _httpContextAccessor.HttpContext?.Connection.RemoteIpAddress != null ? _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.MapToIPv4().ToString() : "127.0.0.1";
+            oldLog.createTime = dt;
+            oldLog.ip = ip;
             oldLog.isUsed = isUsed;
 
             await _dal.InsertAsync(oldLog);