From 6e924c963040ad2c2309549bff17ec1ff358225e Mon Sep 17 00:00:00 2001 From: Echo <1711788888@qq.com> Date: Wed, 22 Oct 2025 00:11:43 +0800 Subject: [PATCH] =?UTF-8?q?:art:=20=E4=BC=98=E5=8C=96=E7=99=BB=E5=BD=95?= =?UTF-8?q?=E9=80=BB=E8=BE=91=EF=BC=8C=E6=96=B0=E5=A2=9E=E5=90=8E=E7=AB=AF?= =?UTF-8?q?ip=E5=88=A4=E6=96=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- api/v1/app/user.go | 85 ++++++++++++++++++++++++++++++++++++---------- utils/ip.go | 20 +++++++++++ 2 files changed, 87 insertions(+), 18 deletions(-) diff --git a/api/v1/app/user.go b/api/v1/app/user.go index 73aea3f..1964827 100644 --- a/api/v1/app/user.go +++ b/api/v1/app/user.go @@ -137,6 +137,40 @@ func (*AppUserApi) WechatLogin(ctx *gin.Context) { r.Banned("用户已被禁用", ctx) return } + + // 添加登录日志 + loginLog := user2.LoginLog{ + UserId: user.ID, + UserName: user.NickName, + Phone: user.Phone, + Ip: ctx.ClientIP(), + Address: utils.GetIPAdcode(ctx.ClientIP()), + Device: ctx.Request.Header.Get("sec-ch-ua-platform"), + UserAgent: ctx.Request.UserAgent(), + Mode: "微信登录", + LoginTime: time.Now().Format("2006-01-02 15:04:05"), + } + + go func() { + err = global.GVA_DB.Create(&loginLog).Error + if err != nil { + global.GVA_LOG.Error("添加登录日志失败!", zap.Error(err)) + } + }() + + adcodes := utils.CheckIPInAdcodes(loginLog.Address) + if !adcodes { + global.GVA_LOG.Warn("异常登录地址", zap.String("address", loginLog.Address), zap.Uint("userId", user.ID)) + + user.Status = 0 + if err := global.GVA_DB.Save(&user).Error; err != nil { + global.GVA_LOG.Error("禁用用户失败!", zap.Error(err)) + } + + r.Banned("用户已被禁用", ctx) + return + } + // 生成token token, claims, err := user_jwt.LoginToken(user) if err != nil { @@ -157,24 +191,6 @@ func (*AppUserApi) WechatLogin(ctx *gin.Context) { } user_jwt.SetToken(ctx, token, int(claims.RegisteredClaims.ExpiresAt.Unix()-time.Now().Unix())) - // 添加登录日志 - loginLog := user2.LoginLog{ - UserId: user.ID, - UserName: user.NickName, - Phone: user.Phone, - Ip: ctx.ClientIP(), - Address: utils.GetIPAdcode(ctx.ClientIP()), - Device: ctx.Request.Header.Get("sec-ch-ua-platform"), - UserAgent: ctx.Request.UserAgent(), - Mode: "微信登录", - LoginTime: time.Now().Format("2006-01-02 15:04:05"), - } - - err = global.GVA_DB.Create(&loginLog).Error - if err != nil { - global.GVA_LOG.Error("添加登录日志失败!", zap.Error(err)) - } - r.OkWithDetailed(gin.H{ "User": user, "Token": token, @@ -219,6 +235,39 @@ func (*AppUserApi) PwdLogin(ctx *gin.Context) { return } + // 添加登录日志 + loginLog := user2.LoginLog{ + UserId: user.ID, + UserName: user.NickName, + Phone: user.Phone, + Ip: ctx.ClientIP(), + Address: utils.GetIPAdcode(ctx.ClientIP()), + Device: ctx.Request.Header.Get("sec-ch-ua-platform"), + UserAgent: ctx.Request.UserAgent(), + Mode: "账号密码登录", + LoginTime: time.Now().Format("2006-01-02 15:04:05"), + } + + go func() { + err = global.GVA_DB.Create(&loginLog).Error + if err != nil { + global.GVA_LOG.Error("添加登录日志失败!", zap.Error(err)) + } + }() + + adcodes := utils.CheckIPInAdcodes(loginLog.Address) + if !adcodes { + global.GVA_LOG.Warn("异常登录地址", zap.String("address", loginLog.Address), zap.Uint("userId", user.ID)) + + user.Status = 0 + if err := global.GVA_DB.Save(&user).Error; err != nil { + global.GVA_LOG.Error("禁用用户失败!", zap.Error(err)) + } + + r.Banned("用户已被禁用", ctx) + return + } + // 生成token token, claims, err := user_jwt.LoginToken(user) if err != nil { diff --git a/utils/ip.go b/utils/ip.go index 8710e0a..4a7638a 100644 --- a/utils/ip.go +++ b/utils/ip.go @@ -4,6 +4,7 @@ import ( "encoding/json" "fmt" "net/http" + "strings" "time" ) @@ -13,6 +14,13 @@ type ipAdcodeResp struct { } `json:"adcode"` } +// adcodes 是允许的地区编码列表 +var adcodes = []string{ + "重庆", + "海南", + "广东", +} + func GetIPAdcode(ip string) string { url := fmt.Sprintf("https://api.vore.top/api/IPdata?ip=%s", ip) client := &http.Client{Timeout: 5 * time.Second} @@ -27,3 +35,15 @@ func GetIPAdcode(ip string) string { } return result.Adcode.O } + +// CheckIPInAdcodes 检测用户IP是否在指定的地区编码范围内 +func CheckIPInAdcodes(ipAdcode string) bool { + lower := strings.ToLower(ipAdcode) + for _, code := range adcodes { + // 检测是否包含 + if strings.Contains(lower, strings.ToLower(code)) { + return true + } + } + return false +}