From eabeb705c4ee13791a14f114c1fa2cdb1556c9f2 Mon Sep 17 00:00:00 2001 From: insistence <3055204202@qq.com> Date: Mon, 4 Mar 2024 15:47:13 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E8=B4=A6=E5=8F=B7=E5=AF=86=E7=A0=81?= =?UTF-8?q?=E7=99=BB=E5=BD=95=E6=96=B0=E5=A2=9EIP=E9=BB=91=E5=90=8D?= =?UTF-8?q?=E5=8D=95=E6=A0=A1=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../module_admin/service/login_service.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/ruoyi-fastapi-backend/module_admin/service/login_service.py b/ruoyi-fastapi-backend/module_admin/service/login_service.py index f0ecace..551cc17 100644 --- a/ruoyi-fastapi-backend/module_admin/service/login_service.py +++ b/ruoyi-fastapi-backend/module_admin/service/login_service.py @@ -56,6 +56,7 @@ class LoginService: :param login_user: 登录用户对象 :return: 校验结果 """ + await cls.__check_login_ip(request) account_lock = await request.app.state.redis.get( f"{RedisInitKeyConfig.ACCOUNT_LOCK.get('key')}:{login_user.user_name}") if login_user.user_name == account_lock: @@ -100,6 +101,21 @@ class LoginService: f"{RedisInitKeyConfig.PASSWORD_ERROR_COUNT.get('key')}:{login_user.user_name}") return user + @classmethod + async def __check_login_ip(cls, request: Request): + """ + 校验用户登录ip是否在黑名单内 + :param request: Request对象 + :return: 校验结果 + """ + black_ip_value = await request.app.state.redis.get( + f"{RedisInitKeyConfig.SYS_CONFIG.get('key')}:sys.login.blackIPList") + black_ip_list = black_ip_value.split(',') if black_ip_value else [] + if request.headers.get('X-Forwarded-For') in black_ip_list: + logger.warning("当前IP禁止登录") + raise LoginException(data="", message="当前IP禁止登录") + return True + @classmethod async def __check_login_captcha(cls, request: Request, login_user: UserLogin): """