From 53be6dc1454c8b2f40249bfc01df9e72f5fd5135 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=96=BB=E5=8B=87=E7=A5=A5?= <237899745@qq.com> Date: Thu, 13 Nov 2025 23:22:11 +0800 Subject: [PATCH] =?UTF-8?q?test:=20=E6=B7=BB=E5=8A=A0=E9=98=B2=E7=88=86?= =?UTF-8?q?=E7=A0=B4=E4=BF=9D=E6=8A=A4=E6=B5=8B=E8=AF=95=E8=84=9A=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 使用方法: ./test_rate_limit.sh 功能: - 自动测试登录防爆破保护 - 连续5次错误登录 - 第6次应返回封锁提示 --- test_rate_limit.sh | 47 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 test_rate_limit.sh diff --git a/test_rate_limit.sh b/test_rate_limit.sh new file mode 100644 index 0000000..ba2db34 --- /dev/null +++ b/test_rate_limit.sh @@ -0,0 +1,47 @@ +#!/bin/bash + +# 防爆破保护测试脚本 + +API_BASE="http://localhost:40001" + +echo "========================================" +echo " 玩玩云防爆破保护测试" +echo "========================================" +echo "" + +# 测试1: 登录限流 +echo "📝 测试1: 登录防爆破保护" +echo "----------------------------------------" +echo "连续5次错误登录,第6次应被封锁..." +echo "" + +for i in {1..6}; do + echo "第 $i 次尝试:" + RESPONSE=$(curl -s -X POST "$API_BASE/api/login" \ + -H "Content-Type: application/json" \ + -d '{"username":"admin","password":"wrongpassword123"}') + + SUCCESS=$(echo $RESPONSE | grep -o '"success":[^,}]*' | cut -d':' -f2) + MESSAGE=$(echo $RESPONSE | grep -o '"message":"[^"]*"' | cut -d'"' -f4) + BLOCKED=$(echo $RESPONSE | grep -o '"blocked":[^,}]*' | cut -d':' -f2) + + if [ "$BLOCKED" == "true" ]; then + echo " ✅ 已被封锁: $MESSAGE" + echo " 状态: SUCCESS=$SUCCESS, BLOCKED=$BLOCKED" + break + else + echo " ❌ 登录失败: $MESSAGE" + fi + echo "" + sleep 1 +done + +echo "" +echo "========================================" +echo "测试完成!" +echo "========================================" +echo "" +echo "💡 提示:" +echo "1. 如果第6次显示'已被封锁',说明防爆破保护正常工作" +echo "2. 封锁时长为30分钟" +echo "3. 可以查看后端日志确认: pm2 logs vue-driven-cloud-storage-backend"