From d4d6e46125c3c6a72568231755b263754d28e4f6 Mon Sep 17 00:00:00 2001
From: liangzai <2440983361@qq.com>
Date: Tue, 14 Oct 2025 20:48:17 +0800
Subject: [PATCH] fix

---
 app/main/api/etc/main.yaml                    |  2 +-
 .../internal/logic/query/queryservicelogic.go | 46 ++++++++++++++++++-
 2 files changed, 45 insertions(+), 3 deletions(-)

diff --git a/app/main/api/etc/main.yaml b/app/main/api/etc/main.yaml
index 6f1e6d1..dd63e77 100644
--- a/app/main/api/etc/main.yaml
+++ b/app/main/api/etc/main.yaml
@@ -16,7 +16,7 @@ VerifyCode:
     AccessKeyID: "LTAI5tKGB3TVJbMHSoZN3yr9"
     AccessKeySecret: "OCQ30GWp4yENMjmfOAaagksE18bp65"
     EndpointURL: "dysmsapi.aliyuncs.com"
-    SignName: "全能查"
+    SignName: "天远查"
     TemplateCode: "SMS_302641455"
     ValidTime: 300
 Encrypt:
diff --git a/app/main/api/internal/logic/query/queryservicelogic.go b/app/main/api/internal/logic/query/queryservicelogic.go
index 78ed83d..b7fbee1 100644
--- a/app/main/api/internal/logic/query/queryservicelogic.go
+++ b/app/main/api/internal/logic/query/queryservicelogic.go
@@ -16,6 +16,7 @@ import (
 	"tyc-server/pkg/lzkit/validator"
 
 	"github.com/pkg/errors"
+	"github.com/zeromicro/go-zero/core/stores/redis"
 
 	"tyc-server/app/main/api/internal/svc"
 	"tyc-server/app/main/api/internal/types"
@@ -55,9 +56,50 @@ func (l *QueryServiceLogic) DecryptData(data string) ([]byte, error) {
 
 // 校验验证码
 func (l *QueryServiceLogic) VerifyCode(mobile string, code string) error {
-	if code != "188924" {
-		return errors.Wrapf(xerr.NewErrMsg("验证码不正确"), "验证码不正确")
+	secretKey := l.svcCtx.Config.Encrypt.SecretKey
+	encryptedMobile, err := crypto.EncryptMobile(mobile, secretKey)
+	if err != nil {
+		return errors.Wrapf(xerr.NewErrCode(xerr.SERVER_COMMON_ERROR), "加密手机号失败: %+v", err)
 	}
+	codeRedisKey := fmt.Sprintf("%s:%s", "query", encryptedMobile)
+
+	// 检查验证码错误次数
+	failCountKey := fmt.Sprintf("%s:fail_count:%s", "query", encryptedMobile)
+	failCount, err := l.svcCtx.Redis.Get(failCountKey)
+	if err != nil && !errors.Is(err, redis.Nil) {
+		return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "读取验证码失败次数失败, mobile: %s, err: %+v", encryptedMobile, err)
+	}
+
+	// 如果失败次数大于等于2次，删除验证码并返回错误
+	if failCount != "" && failCount >= "2" {
+		l.svcCtx.Redis.Del(codeRedisKey)
+		l.svcCtx.Redis.Del(failCountKey)
+		return errors.Wrapf(xerr.NewErrMsg("验证码已过期"), "验证码已过期: %s", encryptedMobile)
+	}
+
+	cacheCode, err := l.svcCtx.Redis.Get(codeRedisKey)
+	if err != nil {
+		if errors.Is(err, redis.Nil) {
+			return errors.Wrapf(xerr.NewErrMsg("验证码已过期"), "验证码过期: %s", encryptedMobile)
+		}
+		return errors.Wrapf(xerr.NewErrCode(xerr.DB_ERROR), "读取验证码redis缓存失败, mobile: %s, err: %+v", encryptedMobile, err)
+	}
+
+	if cacheCode != code {
+		// 验证码错误，增加失败次数
+		newFailCount := 1
+		if failCount != "" {
+			if count, parseErr := strconv.Atoi(failCount); parseErr == nil {
+				newFailCount = count + 1
+			}
+		}
+		l.svcCtx.Redis.SetexCtx(l.ctx, failCountKey, strconv.Itoa(newFailCount), int(10*time.Minute))
+
+		return errors.Wrapf(xerr.NewErrMsg("验证码不正确"), "验证码不正确: %s", encryptedMobile)
+	}
+
+	// 验证码正确，删除失败次数记录
+	l.svcCtx.Redis.Del(failCountKey)
 	return nil
 }