From 8b857f9980ef09efe5af1625077d7780bf68945d Mon Sep 17 00:00:00 2001 From: skiffer-git <44203734@qq.com> Date: Mon, 15 Aug 2022 17:52:45 +0800 Subject: [PATCH] Restrict user login with IP --- cmd/open_im_demo/main.go | 3 + internal/demo/register/ip_limit.go | 74 +++++++++++++++---- .../db/mysql_model/im_mysql_model/ip_model.go | 21 +++++- 3 files changed, 83 insertions(+), 15 deletions(-) diff --git a/cmd/open_im_demo/main.go b/cmd/open_im_demo/main.go index 90d225fa0..b482f6c66 100644 --- a/cmd/open_im_demo/main.go +++ b/cmd/open_im_demo/main.go @@ -45,6 +45,9 @@ func main() { cmsRouterGroup.POST("/generate_invitation_code", register.GenerateInvitationCode) cmsRouterGroup.POST("/query_invitation_code", register.QueryInvitationCode) cmsRouterGroup.POST("/get_invitation_codes", register.GetInvitationCodes) + cmsRouterGroup.POST("/query_user_ip_limit_login", register.QueryUserIPLimitLogin) + cmsRouterGroup.POST("/add_user_ip_limit_login", register.AddUserIPLimitLogin) + cmsRouterGroup.POST("/remove_user_ip_limit_login", register.RemoveUserIPLimitLogin) } defaultPorts := config.Config.Demo.Port ginPort := flag.Int("port", defaultPorts[0], "get ginServerPort from cmd,default 10004 as port") diff --git a/internal/demo/register/ip_limit.go b/internal/demo/register/ip_limit.go index 9e4e42eee..bcd84d489 100644 --- a/internal/demo/register/ip_limit.go +++ b/internal/demo/register/ip_limit.go @@ -101,37 +101,83 @@ func RemoveIPLimit(c *gin.Context) { } -// ===========================================sk 写 +// ===========================================sk ========================== -type QueryUserIDIPLimitReq struct { - UserID string `json:"userID" binding:"required"` +type QueryUserIDIPLimitLoginReq struct { + UserID string `json:"userID" binding:"required"` + OperationID string `json:"operationID" binding:"required"` } -type QueryUserIDIPLimitResp struct { +//type QueryUserIDIPLimitLoginResp struct { +// UserIpLimit []db.UserIpLimit `json:"userIpLimit"` +//} + +func QueryUserIPLimitLogin(c *gin.Context) { + req := QueryUserIDIPLimitLoginReq{} + if err := c.BindJSON(&req); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"errCode": constant.FormattingError, "errMsg": err.Error()}) + return + } + log.NewInfo(req.OperationID, utils.GetSelfFuncName(), "req:", req) + resp, err := imdb.GetIpLimitsLoginByUserID(req.UserID) + if err != nil { + log.NewError(req.OperationID, utils.GetSelfFuncName(), err.Error(), req.UserID) + c.JSON(http.StatusInternalServerError, gin.H{"errCode": constant.ErrDB, "errMsg": "GetIpLimitsByUserID error!"}) + return + } + log.NewInfo(req.OperationID, utils.GetSelfFuncName(), "resp:", resp) + c.JSON(http.StatusOK, gin.H{"errCode": 0, "errMsg": "", "data": resp}) } -func QueryUserIDIPLimit(c *gin.Context) { - +type AddUserIPLimitLoginReq struct { + UserID string `json:"userID" binding:"required"` + OperationID string `json:"operationID" binding:"required"` + IP string `json:"ip"` } -type AddUserIPLimitReq struct { -} - -type AddUserIPLimitResp struct { +type AddUserIPLimitLoginResp struct { } // 添加ip 特定用户才能登录 user_ip_limits 表 -func AddUserIPLimit(c *gin.Context) { - +func AddUserIPLimitLogin(c *gin.Context) { + req := AddUserIPLimitLoginReq{} + if err := c.BindJSON(&req); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"errCode": constant.FormattingError, "errMsg": err.Error()}) + return + } + log.NewInfo(req.OperationID, utils.GetSelfFuncName(), "req:", req) + userIp := db.UserIpLimit{UserID: req.UserID, Ip: req.IP} + err := imdb.InsertUserIpLimitsLogin(&userIp) + if err != nil { + log.NewError(req.OperationID, utils.GetSelfFuncName(), err.Error(), req.UserID) + c.JSON(http.StatusInternalServerError, gin.H{"errCode": constant.ErrDB, "errMsg": "InsertUserIpLimitsLogin error!"}) + return + } + c.JSON(http.StatusOK, gin.H{"errCode": 0, "errMsg": ""}) } type RemoveUserIPLimitReq struct { + UserID string `json:"userID" binding:"required"` + OperationID string `json:"operationID" binding:"required"` + IP string `json:"ip"` } type RemoveUserIPLimitResp struct { } // 删除ip 特定用户才能登录 user_ip_limits 表 -func RemoveUserIPLimit(c *gin.Context) { - +func RemoveUserIPLimitLogin(c *gin.Context) { + req := RemoveUserIPLimitReq{} + if err := c.BindJSON(&req); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"errCode": constant.FormattingError, "errMsg": err.Error()}) + return + } + log.NewInfo(req.OperationID, utils.GetSelfFuncName(), "req:", req) + err := imdb.DeleteUserIpLimitsLogin(req.UserID, req.IP) + if err != nil { + log.NewError(req.OperationID, utils.GetSelfFuncName(), err.Error(), req.UserID) + c.JSON(http.StatusInternalServerError, gin.H{"errCode": constant.ErrDB, "errMsg": "DeleteUserIpLimitsLogin error!"}) + return + } + c.JSON(http.StatusOK, gin.H{"errCode": 0, "errMsg": ""}) } diff --git a/pkg/common/db/mysql_model/im_mysql_model/ip_model.go b/pkg/common/db/mysql_model/im_mysql_model/ip_model.go index e5a09f238..5bb1636f4 100644 --- a/pkg/common/db/mysql_model/im_mysql_model/ip_model.go +++ b/pkg/common/db/mysql_model/im_mysql_model/ip_model.go @@ -1,6 +1,9 @@ package im_mysql_model -import "Open_IM/pkg/common/db" +import ( + "Open_IM/pkg/common/db" + "time" +) func IsLimitRegisterIp(RegisterIp string) (bool, error) { //如果已经存在则限制 @@ -38,3 +41,19 @@ func QueryUserIPLimits(ip string) ([]db.UserIpLimit, error) { func InsertOneIntoIpLimits(ipLimits db.IpLimit) error { return db.DB.MysqlDB.DefaultGormDB().Model(&db.IpLimit{}).Create(ipLimits).Error } + +func GetIpLimitsLoginByUserID(userID string) ([]db.UserIpLimit, error) { + var ips []db.UserIpLimit + err := db.DB.MysqlDB.DefaultGormDB().Model(&db.UserIpLimit{}).Where("user_id=?", userID).Take(&ips).Error + return ips, err +} + +func InsertUserIpLimitsLogin(userIp *db.UserIpLimit) error { + userIp.CreateTime = time.Now() + return db.DB.MysqlDB.DefaultGormDB().Model(&db.UserIpLimit{}).Create(userIp).Error +} + +func DeleteUserIpLimitsLogin(userID, ip string) error { + userIp := db.UserIpLimit{UserID: userID, Ip: ip} + return db.DB.MysqlDB.DefaultGormDB().Model(&db.UserIpLimit{}).Delete(&userIp).Error +}