Update

app/Http/Controllers/AuthController.php

@@ -33,12 +33,12 @@ class AuthController extends Controller
         $cacheKey = "admin_user_ban:{$username}";
 
         if (! Hash::check($request->input('password'), (string) $user?->password)) {
-            if ($user) {
-                $this->cache->add($cacheKey, 0, 86400);
+            $this->cache->add($cacheKey, 0, 86400);
 
-                $hits = $this->cache->increment($cacheKey, 1);
+            $hits = $this->cache->increment($cacheKey, 1);
 
-                if ($hits >= 3) {
+            if ($hits >= 3) {
+                if ($user) {
                     // 锁定账号
                     $user->update([
                         'banned_reason' => '24小时内密码连续错误3次',
@@ -48,7 +48,12 @@ class AuthController extends Controller
                     // 清空登录失败尝试次数
                     $this->cache->forget($cacheKey);
                 }
+
+                if ($hits > 3) {
+                    return $this->error('账号已封禁，请联系管理员');
+                }
             }
+
             return $this->error('用户名或密码错误');
         }