From 8b857f9980ef09efe5af1625077d7780bf68945d Mon Sep 17 00:00:00 2001 From: skiffer-git <44203734@qq.com> Date: Mon, 15 Aug 2022 17:52:45 +0800 Subject: [PATCH 1/3] Restrict user login with IP --- cmd/open_im_demo/main.go | 3 + internal/demo/register/ip_limit.go | 74 +++++++++++++++---- .../db/mysql_model/im_mysql_model/ip_model.go | 21 +++++- 3 files changed, 83 insertions(+), 15 deletions(-) diff --git a/cmd/open_im_demo/main.go b/cmd/open_im_demo/main.go index 90d225fa0..b482f6c66 100644 --- a/cmd/open_im_demo/main.go +++ b/cmd/open_im_demo/main.go @@ -45,6 +45,9 @@ func main() { cmsRouterGroup.POST("/generate_invitation_code", register.GenerateInvitationCode) cmsRouterGroup.POST("/query_invitation_code", register.QueryInvitationCode) cmsRouterGroup.POST("/get_invitation_codes", register.GetInvitationCodes) + cmsRouterGroup.POST("/query_user_ip_limit_login", register.QueryUserIPLimitLogin) + cmsRouterGroup.POST("/add_user_ip_limit_login", register.AddUserIPLimitLogin) + cmsRouterGroup.POST("/remove_user_ip_limit_login", register.RemoveUserIPLimitLogin) } defaultPorts := config.Config.Demo.Port ginPort := flag.Int("port", defaultPorts[0], "get ginServerPort from cmd,default 10004 as port") diff --git a/internal/demo/register/ip_limit.go b/internal/demo/register/ip_limit.go index 9e4e42eee..bcd84d489 100644 --- a/internal/demo/register/ip_limit.go +++ b/internal/demo/register/ip_limit.go @@ -101,37 +101,83 @@ func RemoveIPLimit(c *gin.Context) { } -// ===========================================sk 写 +// ===========================================sk ========================== -type QueryUserIDIPLimitReq struct { - UserID string `json:"userID" binding:"required"` +type QueryUserIDIPLimitLoginReq struct { + UserID string `json:"userID" binding:"required"` + OperationID string `json:"operationID" binding:"required"` } -type QueryUserIDIPLimitResp struct { +//type QueryUserIDIPLimitLoginResp struct { +// UserIpLimit []db.UserIpLimit `json:"userIpLimit"` +//} + +func QueryUserIPLimitLogin(c *gin.Context) { + req := QueryUserIDIPLimitLoginReq{} + if err := c.BindJSON(&req); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"errCode": constant.FormattingError, "errMsg": err.Error()}) + return + } + log.NewInfo(req.OperationID, utils.GetSelfFuncName(), "req:", req) + resp, err := imdb.GetIpLimitsLoginByUserID(req.UserID) + if err != nil { + log.NewError(req.OperationID, utils.GetSelfFuncName(), err.Error(), req.UserID) + c.JSON(http.StatusInternalServerError, gin.H{"errCode": constant.ErrDB, "errMsg": "GetIpLimitsByUserID error!"}) + return + } + log.NewInfo(req.OperationID, utils.GetSelfFuncName(), "resp:", resp) + c.JSON(http.StatusOK, gin.H{"errCode": 0, "errMsg": "", "data": resp}) } -func QueryUserIDIPLimit(c *gin.Context) { - +type AddUserIPLimitLoginReq struct { + UserID string `json:"userID" binding:"required"` + OperationID string `json:"operationID" binding:"required"` + IP string `json:"ip"` } -type AddUserIPLimitReq struct { -} - -type AddUserIPLimitResp struct { +type AddUserIPLimitLoginResp struct { } // 添加ip 特定用户才能登录 user_ip_limits 表 -func AddUserIPLimit(c *gin.Context) { - +func AddUserIPLimitLogin(c *gin.Context) { + req := AddUserIPLimitLoginReq{} + if err := c.BindJSON(&req); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"errCode": constant.FormattingError, "errMsg": err.Error()}) + return + } + log.NewInfo(req.OperationID, utils.GetSelfFuncName(), "req:", req) + userIp := db.UserIpLimit{UserID: req.UserID, Ip: req.IP} + err := imdb.InsertUserIpLimitsLogin(&userIp) + if err != nil { + log.NewError(req.OperationID, utils.GetSelfFuncName(), err.Error(), req.UserID) + c.JSON(http.StatusInternalServerError, gin.H{"errCode": constant.ErrDB, "errMsg": "InsertUserIpLimitsLogin error!"}) + return + } + c.JSON(http.StatusOK, gin.H{"errCode": 0, "errMsg": ""}) } type RemoveUserIPLimitReq struct { + UserID string `json:"userID" binding:"required"` + OperationID string `json:"operationID" binding:"required"` + IP string `json:"ip"` } type RemoveUserIPLimitResp struct { } // 删除ip 特定用户才能登录 user_ip_limits 表 -func RemoveUserIPLimit(c *gin.Context) { - +func RemoveUserIPLimitLogin(c *gin.Context) { + req := RemoveUserIPLimitReq{} + if err := c.BindJSON(&req); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"errCode": constant.FormattingError, "errMsg": err.Error()}) + return + } + log.NewInfo(req.OperationID, utils.GetSelfFuncName(), "req:", req) + err := imdb.DeleteUserIpLimitsLogin(req.UserID, req.IP) + if err != nil { + log.NewError(req.OperationID, utils.GetSelfFuncName(), err.Error(), req.UserID) + c.JSON(http.StatusInternalServerError, gin.H{"errCode": constant.ErrDB, "errMsg": "DeleteUserIpLimitsLogin error!"}) + return + } + c.JSON(http.StatusOK, gin.H{"errCode": 0, "errMsg": ""}) } diff --git a/pkg/common/db/mysql_model/im_mysql_model/ip_model.go b/pkg/common/db/mysql_model/im_mysql_model/ip_model.go index e5a09f238..5bb1636f4 100644 --- a/pkg/common/db/mysql_model/im_mysql_model/ip_model.go +++ b/pkg/common/db/mysql_model/im_mysql_model/ip_model.go @@ -1,6 +1,9 @@ package im_mysql_model -import "Open_IM/pkg/common/db" +import ( + "Open_IM/pkg/common/db" + "time" +) func IsLimitRegisterIp(RegisterIp string) (bool, error) { //如果已经存在则限制 @@ -38,3 +41,19 @@ func QueryUserIPLimits(ip string) ([]db.UserIpLimit, error) { func InsertOneIntoIpLimits(ipLimits db.IpLimit) error { return db.DB.MysqlDB.DefaultGormDB().Model(&db.IpLimit{}).Create(ipLimits).Error } + +func GetIpLimitsLoginByUserID(userID string) ([]db.UserIpLimit, error) { + var ips []db.UserIpLimit + err := db.DB.MysqlDB.DefaultGormDB().Model(&db.UserIpLimit{}).Where("user_id=?", userID).Take(&ips).Error + return ips, err +} + +func InsertUserIpLimitsLogin(userIp *db.UserIpLimit) error { + userIp.CreateTime = time.Now() + return db.DB.MysqlDB.DefaultGormDB().Model(&db.UserIpLimit{}).Create(userIp).Error +} + +func DeleteUserIpLimitsLogin(userID, ip string) error { + userIp := db.UserIpLimit{UserID: userID, Ip: ip} + return db.DB.MysqlDB.DefaultGormDB().Model(&db.UserIpLimit{}).Delete(&userIp).Error +} From 24e7076423fcff0134ab346bff5d328d4a5284e5 Mon Sep 17 00:00:00 2001 From: skiffer-git <44203734@qq.com> Date: Mon, 15 Aug 2022 18:28:04 +0800 Subject: [PATCH 2/3] Restrict user login with IP --- internal/demo/register/set_password.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/internal/demo/register/set_password.go b/internal/demo/register/set_password.go index 79c74a261..632254383 100644 --- a/internal/demo/register/set_password.go +++ b/internal/demo/register/set_password.go @@ -8,7 +8,6 @@ import ( imdb "Open_IM/pkg/common/db/mysql_model/im_mysql_model" http2 "Open_IM/pkg/common/http" "Open_IM/pkg/common/log" - pbAuth "Open_IM/pkg/proto/auth" pbFriend "Open_IM/pkg/proto/friend" "Open_IM/pkg/utils" "encoding/json" @@ -47,10 +46,10 @@ func SetPassword(c *gin.Context) { Limited, LimitError := imdb.IsLimitRegisterIp(ip) if LimitError != nil { log.Error(params.OperationID, utils.GetSelfFuncName(), LimitError, ip) - c.JSON(http.StatusBadRequest, gin.H{"errCode": constant.FormattingError, "errMsg": err.Error()}) + c.JSON(http.StatusBadRequest, gin.H{"errCode": constant.FormattingError, "errMsg": LimitError.Error()}) } if Limited { - c.JSON(http.StatusBadRequest, gin.H{"errCode": constant.FormattingError, "errMsg": err.Error()}) + c.JSON(http.StatusBadRequest, gin.H{"errCode": constant.FormattingError, "errMsg": "limited"}) } var account string From 44e4c59493c233f11f3685c69f0b50dbbc49c3fb Mon Sep 17 00:00:00 2001 From: skiffer-git <44203734@qq.com> Date: Mon, 15 Aug 2022 18:34:03 +0800 Subject: [PATCH 3/3] Restrict user login with IP --- internal/demo/register/ip_limit.go | 6 +++--- internal/demo/register/set_password.go | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/internal/demo/register/ip_limit.go b/internal/demo/register/ip_limit.go index bcd84d489..c2bdd6d07 100644 --- a/internal/demo/register/ip_limit.go +++ b/internal/demo/register/ip_limit.go @@ -34,7 +34,7 @@ func QueryIP(c *gin.Context) { ips, err := imdb.QueryUserIPLimits(req.IP) if err != nil { log.NewError(req.OperationID, "GetInvitationCode failed", req.IP) - c.JSON(http.StatusInternalServerError, gin.H{"errCode": constant.ErrDB, "errMsg": "QueryUserIPLimits error!"}) + c.JSON(http.StatusInternalServerError, gin.H{"errCode": constant.ErrDB.ErrCode, "errMsg": "QueryUserIPLimits error!"}) return } resp.IP = req.IP @@ -85,7 +85,7 @@ func AddIPLimit(c *gin.Context) { LimitTime: time.Time{}, }); err != nil { log.NewError(req.OperationID, utils.GetSelfFuncName(), err.Error(), req.IP, req.LimitTime) - c.JSON(http.StatusInternalServerError, gin.H{"errCode": constant.ErrDB, "errMsg": "InsertOneIntoIpLimits error!"}) + c.JSON(http.StatusInternalServerError, gin.H{"errCode": constant.ErrDB.ErrCode, "errMsg": "InsertOneIntoIpLimits error!"}) return } c.JSON(http.StatusOK, gin.H{"errCode": 0, "errMsg": ""}) @@ -122,7 +122,7 @@ func QueryUserIPLimitLogin(c *gin.Context) { resp, err := imdb.GetIpLimitsLoginByUserID(req.UserID) if err != nil { log.NewError(req.OperationID, utils.GetSelfFuncName(), err.Error(), req.UserID) - c.JSON(http.StatusInternalServerError, gin.H{"errCode": constant.ErrDB, "errMsg": "GetIpLimitsByUserID error!"}) + c.JSON(http.StatusInternalServerError, gin.H{"errCode": constant.ErrDB.ErrCode, "errMsg": "GetIpLimitsByUserID error!"}) return } log.NewInfo(req.OperationID, utils.GetSelfFuncName(), "resp:", resp) diff --git a/internal/demo/register/set_password.go b/internal/demo/register/set_password.go index 632254383..def5b8c16 100644 --- a/internal/demo/register/set_password.go +++ b/internal/demo/register/set_password.go @@ -47,9 +47,11 @@ func SetPassword(c *gin.Context) { if LimitError != nil { log.Error(params.OperationID, utils.GetSelfFuncName(), LimitError, ip) c.JSON(http.StatusBadRequest, gin.H{"errCode": constant.FormattingError, "errMsg": LimitError.Error()}) + return } if Limited { c.JSON(http.StatusBadRequest, gin.H{"errCode": constant.FormattingError, "errMsg": "limited"}) + return } var account string