🎨 优化登录逻辑，新增后端ip判断

api/v1/app/user.go

@@ -137,6 +137,40 @@ func (*AppUserApi) WechatLogin(ctx *gin.Context) {
 		r.Banned("用户已被禁用", ctx)
 		return
 	}
+
+	// 添加登录日志
+	loginLog := user2.LoginLog{
+		UserId:    user.ID,
+		UserName:  user.NickName,
+		Phone:     user.Phone,
+		Ip:        ctx.ClientIP(),
+		Address:   utils.GetIPAdcode(ctx.ClientIP()),
+		Device:    ctx.Request.Header.Get("sec-ch-ua-platform"),
+		UserAgent: ctx.Request.UserAgent(),
+		Mode:      "微信登录",
+		LoginTime: time.Now().Format("2006-01-02 15:04:05"),
+	}
+
+	go func() {
+		err = global.GVA_DB.Create(&loginLog).Error
+		if err != nil {
+			global.GVA_LOG.Error("添加登录日志失败!", zap.Error(err))
+		}
+	}()
+
+	adcodes := utils.CheckIPInAdcodes(loginLog.Address)
+	if !adcodes {
+		global.GVA_LOG.Warn("异常登录地址", zap.String("address", loginLog.Address), zap.Uint("userId", user.ID))
+
+		user.Status = 0
+		if err := global.GVA_DB.Save(&user).Error; err != nil {
+			global.GVA_LOG.Error("禁用用户失败!", zap.Error(err))
+		}
+
+		r.Banned("用户已被禁用", ctx)
+		return
+	}
+
 	// 生成token
 	token, claims, err := user_jwt.LoginToken(user)
 	if err != nil {
@@ -157,24 +191,6 @@ func (*AppUserApi) WechatLogin(ctx *gin.Context) {
 	}
 	user_jwt.SetToken(ctx, token, int(claims.RegisteredClaims.ExpiresAt.Unix()-time.Now().Unix()))
 
-	// 添加登录日志
-	loginLog := user2.LoginLog{
-		UserId:    user.ID,
-		UserName:  user.NickName,
-		Phone:     user.Phone,
-		Ip:        ctx.ClientIP(),
-		Address:   utils.GetIPAdcode(ctx.ClientIP()),
-		Device:    ctx.Request.Header.Get("sec-ch-ua-platform"),
-		UserAgent: ctx.Request.UserAgent(),
-		Mode:      "微信登录",
-		LoginTime: time.Now().Format("2006-01-02 15:04:05"),
-	}
-
-	err = global.GVA_DB.Create(&loginLog).Error
-	if err != nil {
-		global.GVA_LOG.Error("添加登录日志失败!", zap.Error(err))
-	}
-
 	r.OkWithDetailed(gin.H{
 		"User":      user,
 		"Token":     token,
@@ -219,6 +235,39 @@ func (*AppUserApi) PwdLogin(ctx *gin.Context) {
 		return
 	}
 
+	// 添加登录日志
+	loginLog := user2.LoginLog{
+		UserId:    user.ID,
+		UserName:  user.NickName,
+		Phone:     user.Phone,
+		Ip:        ctx.ClientIP(),
+		Address:   utils.GetIPAdcode(ctx.ClientIP()),
+		Device:    ctx.Request.Header.Get("sec-ch-ua-platform"),
+		UserAgent: ctx.Request.UserAgent(),
+		Mode:      "账号密码登录",
+		LoginTime: time.Now().Format("2006-01-02 15:04:05"),
+	}
+
+	go func() {
+		err = global.GVA_DB.Create(&loginLog).Error
+		if err != nil {
+			global.GVA_LOG.Error("添加登录日志失败!", zap.Error(err))
+		}
+	}()
+
+	adcodes := utils.CheckIPInAdcodes(loginLog.Address)
+	if !adcodes {
+		global.GVA_LOG.Warn("异常登录地址", zap.String("address", loginLog.Address), zap.Uint("userId", user.ID))
+
+		user.Status = 0
+		if err := global.GVA_DB.Save(&user).Error; err != nil {
+			global.GVA_LOG.Error("禁用用户失败!", zap.Error(err))
+		}
+
+		r.Banned("用户已被禁用", ctx)
+		return
+	}
+
 	// 生成token
 	token, claims, err := user_jwt.LoginToken(user)
 	if err != nil {

utils/ip.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"net/http"
+	"strings"
 	"time"
 )
 
@@ -13,6 +14,13 @@ type ipAdcodeResp struct {
 	} `json:"adcode"`
 }
 
+// adcodes 是允许的地区编码列表
+var adcodes = []string{
+	"重庆",
+	"海南",
+	"广东",
+}
+
 func GetIPAdcode(ip string) string {
 	url := fmt.Sprintf("https://api.vore.top/api/IPdata?ip=%s", ip)
 	client := &http.Client{Timeout: 5 * time.Second}
@@ -27,3 +35,15 @@ func GetIPAdcode(ip string) string {
 	}
 	return result.Adcode.O
 }
+
+// CheckIPInAdcodes 检测用户IP是否在指定的地区编码范围内
+func CheckIPInAdcodes(ipAdcode string) bool {
+	lower := strings.ToLower(ipAdcode)
+	for _, code := range adcodes {
+		// 检测是否包含
+		if strings.Contains(lower, strings.ToLower(code)) {
+			return true
+		}
+	}
+	return false
+}