
评论限流

懒得勤快 5 年之前
父节点
当前提交
66449765bf

+ 9 - 5
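--- a/src/Masuit.MyBlogs.Core/Controllers/CommentController.cs
+++ b/src/Masuit.MyBlogs.Core/Controllers/CommentController.cs
@@ -1,4 +1,5 @@
-using Hangfire;
+using CacheManager.Core;
+using Hangfire;
 using Masuit.MyBlogs.Core.Common;
 using Masuit.MyBlogs.Core.Extensions;
 using Masuit.MyBlogs.Core.Infrastructure.Services.Interface;
@@ -36,6 +37,7 @@ namespace Masuit.MyBlogs.Core.Controllers
         public IPostService PostService { get; set; }
         public IInternalMessageService MessageService { get; set; }
         public IWebHostEnvironment HostEnvironment { get; set; }
+        public ICacheManager<int> CommentFeq { get; set; }
 
         /// <summary>
         /// 发表评论
@@ -45,7 +47,7 @@ namespace Masuit.MyBlogs.Core.Controllers
         [HttpPost, ValidateAntiForgeryToken]
         public async Task<ActionResult> Submit(CommentCommand dto)
         {
-            var match = Regex.Match(dto.NickName + dto.Content, CommonHelper.BanRegex);
+            var match = Regex.Match(dto.NickName + dto.Content.RemoveHtmlTag(), CommonHelper.BanRegex);
             if (match.Success)
             {
                 LogManager.Info($"提交内容:{dto.NickName}/{dto.Content},敏感词:{match.Value}");
@@ -59,9 +61,10 @@ namespace Masuit.MyBlogs.Core.Controllers
             }
 
             dto.Content = dto.Content.Trim().Replace("<p><br></p>", string.Empty);
-            if (dto.Content.RemoveHtmlTag().Trim().Equals(HttpContext.Session.Get<string>("comment" + dto.PostId)))
+            if (CommentFeq.GetOrAdd("Comments:" + ClientIP, 1) > 2)
             {
-                return ResultData(null, false, "您刚才已经在这篇文章发表过一次评论了,换一篇文章吧,或者换一下评论内容吧!");
+                CommentFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1));
+                return ResultData(null, false, "您的发言频率过快,请稍后再发表吧!");
             }
 
             var comment = dto.Mapper<Comment>();
@@ -93,7 +96,8 @@ namespace Masuit.MyBlogs.Core.Controllers
                 return ResultData(null, false, "评论失败");
             }
 
-            HttpContext.Session.Set("comment" + comment.PostId, comment.Content.RemoveHtmlTag().Trim());
+            CommentFeq.AddOrUpdate("Comments:" + ClientIP, 1, i => i + 1, 5);
+            CommentFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1));
             var emails = new HashSet<string>();
             var email = CommonHelper.SystemSettings["ReceiveEmail"]; //站长邮箱
             emails.Add(email);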
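Review bot: The per-IP limit in Submit is a check-then-act: the counter is read with `GetOrAdd` before the comment is saved and only incremented by `AddOrUpdate` after the save succeeds, so requests from one address that arrive together can all pass the `> 2` test before any of them is counted, and submissions that fail or are rejected are never counted. Incrementing at the gate closes that window and keeps the same threshold: `if (CommentFeq.AddOrUpdate("Comments:" + ClientIP, 1, i => i + 1, 5) > 2)`, with the `Expire` call placed beside it and the later `AddOrUpdate` dropped. MsgController.Submit has the same pattern. `ClientIP` is defined outside this diff; if it is read from a forwarded header that the front proxy does not overwrite, the cache key is client-controlled and the limit does not bind, which is worth confirming. Submit's body continues outside these hunks.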

+ 10 - 5
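--- a/src/Masuit.MyBlogs.Core/Controllers/MsgController.cs
+++ b/src/Masuit.MyBlogs.Core/Controllers/MsgController.cs
@@ -1,4 +1,5 @@
-using Hangfire;
+using CacheManager.Core;
+using Hangfire;
 using Masuit.MyBlogs.Core.Common;
 using Masuit.MyBlogs.Core.Extensions;
 using Masuit.MyBlogs.Core.Infrastructure.Services.Interface;
@@ -41,6 +42,8 @@ namespace Masuit.MyBlogs.Core.Controllers
 
         public IWebHostEnvironment HostEnvironment { get; set; }
 
+        public ICacheManager<int> MsgFeq { get; set; }
+
         /// <summary>
         /// 留言板
         /// </summary>
@@ -119,7 +122,7 @@ namespace Masuit.MyBlogs.Core.Controllers
         [HttpPost, ValidateAntiForgeryToken]
         public async Task<ActionResult> Submit(LeaveMessageCommand dto)
         {
-            var match = Regex.Match(dto.NickName + dto.Content, CommonHelper.BanRegex);
+            var match = Regex.Match(dto.NickName + dto.Content.RemoveHtmlTag(), CommonHelper.BanRegex);
             if (match.Success)
             {
                 LogManager.Info($"提交内容:{dto.NickName}/{dto.Content},敏感词:{match.Value}");
@@ -127,9 +130,10 @@ namespace Masuit.MyBlogs.Core.Controllers
             }
 
             dto.Content = dto.Content.Trim().Replace("<p><br></p>", string.Empty);
-            if (dto.Content.RemoveHtmlTag().Trim().Equals(HttpContext.Session.Get<string>("msg")))
+            if (MsgFeq.GetOrAdd("Comments:" + ClientIP, 1) > 2)
             {
-                return ResultData(null, false, "您刚才已经发表过一次留言了!");
+                MsgFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1));
+                return ResultData(null, false, "您的发言频率过快,请稍后再发表吧!");
             }
 
             var msg = dto.Mapper<LeaveMessage>();
@@ -162,7 +166,8 @@ namespace Masuit.MyBlogs.Core.Controllers
                 return ResultData(null, false, "留言发表失败!");
             }
 
-            HttpContext.Session.Set("msg", msg.Content.RemoveHtmlTag().Trim());
+            MsgFeq.AddOrUpdate("Comments:" + ClientIP, 1, i => i + 1, 5);
+            MsgFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1));
             var email = CommonHelper.SystemSettings["ReceiveEmail"];
             var content = new Template(await System.IO.File.ReadAllTextAsync(HostEnvironment.WebRootPath + "/template/notify.html")).Set("title", "网站留言板").Set("time", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")).Set("nickname", msg.NickName).Set("content", msg.Content);
             if (msg.Status == Status.Published)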
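Review bot: The message-board limiter keys its counter as `"Comments:" + ClientIP`, the same string CommentController uses, which looks like a copy-paste. If `MsgFeq` and `CommentFeq` resolve to the same `ICacheManager<int>` registration (not visible here), comments and messages share one counter, so activity on one endpoint throttles the other; a distinct prefix such as `"Msgs:" + ClientIP` keeps the quotas separate, and a short comment on the `MsgFeq` property saying what it counts would help. Separately, the ban-word check now runs only on `dto.Content.RemoveHtmlTag()` (here and in CommentController.Submit). Assuming that helper drops attribute values along with the tags, a banned string inside an `href` or `src` value is no longer scanned, so matching against both the raw and the stripped content would be safer. Submit's body continues outside these hunks.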

+ 3 - 14
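--- a/src/Masuit.MyBlogs.Core/Controllers/ToolsController.cs
+++ b/src/Masuit.MyBlogs.Core/Controllers/ToolsController.cs
@@ -5,7 +5,6 @@ using Masuit.Tools.Models;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Newtonsoft.Json;
-using System;
 using System.Collections.Generic;
 using System.Net.Http;
 using System.Threading.Tasks;
@@ -33,10 +32,7 @@ namespace Masuit.MyBlogs.Core.Controllers
         /// </summary>
         /// <param name="ip"></param>
         /// <returns></returns>
-        [Route("ip/{ip?}"), ResponseCache(Duration = 600, VaryByQueryKeys = new[]
-        {
-            "ip"
-        }, VaryByHeader = "Cookie")]
+        [Route("ip/{ip?}"), ResponseCache(Duration = 600, VaryByQueryKeys = new[] { "ip" }, VaryByHeader = "Cookie")]
         public async Task<ActionResult> GetIpInfo(string ip)
         {
             if (string.IsNullOrEmpty(ip))
@@ -80,11 +76,7 @@ namespace Masuit.MyBlogs.Core.Controllers
         /// <param name="lat"></param>
         /// <param name="lng"></param>
         /// <returns></returns>
-        [HttpGet("pos"), ResponseCache(Duration = 600, VaryByQueryKeys = new[]
-        {
-            "lat",
-            "lng"
-        }, VaryByHeader = "Cookie")]
+        [HttpGet("pos"), ResponseCache(Duration = 600, VaryByQueryKeys = new[] { "lat", "lng" }, VaryByHeader = "Cookie")]
         public async Task<ActionResult> Position(string lat, string lng)
         {
             if (string.IsNullOrEmpty(lat) || string.IsNullOrEmpty(lng))
@@ -108,10 +100,7 @@ namespace Masuit.MyBlogs.Core.Controllers
         /// </summary>
         /// <param name="addr"></param>
         /// <returns></returns>
-        [Route("addr"), ResponseCache(Duration = 600, VaryByQueryKeys = new[]
-        {
-            "addr"
-        }, VaryByHeader = "Cookie")]
+        [Route("addr"), ResponseCache(Duration = 600, VaryByQueryKeys = new[] { "addr" }, VaryByHeader = "Cookie")]
         public async Task<ActionResult> Address(string addr)
         {
             if (string.IsNullOrEmpty(addr))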