登录限制密码错误次数

application/common/library/Auth.php

@@ -6,6 +6,7 @@ use app\common\model\User;
 use app\common\model\UserRule;
 use fast\Random;
 use think\Config;
+use think\Cookie;
 use think\Db;
 use think\Exception;
 use think\Hook;
@@ -207,8 +208,16 @@ class Auth
             $this->setError('Account is locked');
             return false;
         }
+        $loginError = Cookie::get($account);
+        print_r($loginError);
+        if ($loginError && $loginError>=5) {
+            $this->setError(__('登录错误次数过多，请5分钟后再登录'));;
+            return false;
+        }
         if ($user->password != $this->getEncryptPassword($password, $user->salt)) {
-            $this->setError('Password is incorrect');
+            $loginError = $loginError?$loginError+1:1;
+            Cookie::set($account,$loginError,60*5);
+            $this->setError("登录错误".$loginError."次，5次后将被限制登录5分钟");
             return false;
         }