long-agent/user-system
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: P0-02 prevent login attempt counter race condition

Browse Source 
Add atomic Increment method to cache layers:
- L2Cache interface: add Increment method signature
- RedisCache: implement using Redis INCRBY
- L1Cache: implement with mutex-protected counter
- CacheManager: add Increment that updates both L1 and L2

Update incrementFailAttempts to use atomic Increment instead
of Get-Increment-Set pattern, preventing TOCTOU race.
This commit is contained in:
long-agent
2026-04-18 13:45:09 +08:00
parent 32a3d4c9e0
commit ca7ba5ccdf
4 changed files with 84 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
internal/cache/cache_manager.go vendored
View File

@@ -106,3 +106,16 @@ func (cm *CacheManager) GetL1() *L1Cache {
func (cm *CacheManager) GetL2() L2Cache {
return cm.l2
}
// Increment 原子递增同时更新L1和L2
func (cm *CacheManager) Increment(ctx context.Context, key string, delta int64, ttl time.Duration) (int64, error) {
// 先更新L1
cm.l1.Increment(key, delta, ttl)
// 再更新L2
if cm.l2 != nil {
return cm.l2.Increment(ctx, key, delta, ttl)
}
return cm.l1.Increment(key, 0, 0), nil
}