diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/EmailOtpLoginStrategy.java b/bonus-auth/src/main/java/com/bonus/auth/service/EmailOtpLoginStrategy.java index 16b789d..0045c5a 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/EmailOtpLoginStrategy.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/EmailOtpLoginStrategy.java @@ -39,6 +39,7 @@ public class EmailOtpLoginStrategy implements LoginStrategy { passwordValidatorService.validateApprovalStatus(email, user); // 验证用户状态 passwordValidatorService.validateUserStatus(email, user); + passwordValidatorService.ipFilter(user); //返回信息 return userInfo; } diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/EmailPasswordLoginStrategy.java b/bonus-auth/src/main/java/com/bonus/auth/service/EmailPasswordLoginStrategy.java index 5c5b9a2..1164ec8 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/EmailPasswordLoginStrategy.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/EmailPasswordLoginStrategy.java @@ -48,6 +48,7 @@ public class EmailPasswordLoginStrategy implements LoginStrategy { passwordService.validate(user, password, System.currentTimeMillis()); //校验用户启用状态 passwordValidatorService.validateUserStatus(user.getUserName(), user); + passwordValidatorService.ipFilter(user); //返回信息 return userInfo; } diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/PasswordValidatorService.java b/bonus-auth/src/main/java/com/bonus/auth/service/PasswordValidatorService.java index bf9981d..daa5696 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/PasswordValidatorService.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/PasswordValidatorService.java @@ -1,7 +1,6 @@ package com.bonus.auth.service; import com.bonus.common.core.constant.CacheConstants; -import com.bonus.common.core.constant.SecurityConstants; import com.bonus.common.core.constant.UserConstants; import com.bonus.common.core.domain.R; import com.bonus.common.core.enums.UserStatus; @@ -16,9 +15,16 @@ import com.bonus.config.SystemConfig; import com.bonus.system.api.RemoteUserService; import com.bonus.system.api.domain.SysUser; import com.bonus.system.api.model.LoginUser; +import org.apache.commons.lang3.ObjectUtils; import org.springframework.stereotype.Component; import javax.annotation.Resource; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.time.LocalDateTime; +import java.time.format.DateTimeFormatter; +import java.util.List; +import java.util.Map; import java.util.concurrent.TimeUnit; @Component @@ -274,6 +280,103 @@ public class PasswordValidatorService { } } + public void ipFilter(SysUser user){ + List> cacheList = redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST); + // 获取客户端的 IP 地址 + String ip = IpUtils.getIpAddr(); + for (Map map : cacheList) { + String ipAddress = map.containsKey("ipAddress") ? map.get("ipAddress").toString() : null; + String ipRangeEnd = map.containsKey("ipRangeEnd") ?map.get("ipRangeEnd").toString(): null; + String ipRangeStart = map.containsKey("ipRangeStart")?map.get("ipRangeStart").toString():null; + String accessStartTime =map.containsKey("accessStartTime")? map.get("accessStartTime").toString():null; + String accessEndTime = map.containsKey("accessEndTime")?map.get("accessEndTime").toString():null; + if (ObjectUtils.isEmpty(ipAddress)){ + if (isIpInRange(ip, ipRangeStart, ipRangeEnd)){ + if (ObjectUtils.isNotEmpty(accessStartTime)){ + boolean currentTimeInRange = isCurrentTimeInRange(accessStartTime, accessEndTime); + if (!currentTimeInRange){ + // 异常处理 + + }else { + //正常处理 + } + }else { + //正常处理 + } + + } + }else { + if (ipAddress.equals(ip)){ + if (ObjectUtils.isNotEmpty(accessStartTime)){ + boolean currentTimeInRange = isCurrentTimeInRange(accessStartTime, accessEndTime); + if (!currentTimeInRange){ + // 异常处理 + }else { + //正常处理 + } + }else { + //正常处理 + } + } + } + } + //异常处理 + } + + + /** + * 检查给定的IP地址是否在指定的网段区间内 + * + * @param ip 要检查的IP地址,例如 "192.168.1.10" + * @param startIp 区间开始的IP地址,例如 "192.168.1.0" + * @param endIp 区间结束的IP地址,例如 "192.168.1.255" + * @return true 如果IP在区间内;否则返回 false + */ + public static boolean isIpInRange(String ip, String startIp, String endIp) { + try { + // 将 IP 地址、起始 IP 和结束 IP 转换为整数 + long ipToCheck = ipToLong(InetAddress.getByName(ip)); + long start = ipToLong(InetAddress.getByName(startIp)); + long end = ipToLong(InetAddress.getByName(endIp)); + + // 检查 IP 是否在区间内 + return ipToCheck >= start && ipToCheck <= end; + } catch (UnknownHostException e) { + e.printStackTrace(); + return false; + } + } + + /** + * 将IP地址转换为整数 + * + * @param inetAddress IP地址对象 + * @return 转换后的长整数 + */ + private static long ipToLong(InetAddress inetAddress) { + byte[] octets = inetAddress.getAddress(); + long result = 0; + for (byte octet : octets) { + result = (result << 8) | (octet & 0xFF); + } + return result; + } + public static boolean isCurrentTimeInRange(String startDateTime, String endDateTime) { + // 定义日期时间格式 + DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss"); + + // 将字符串转换为 LocalDateTime + LocalDateTime start = LocalDateTime.parse(startDateTime, formatter); + LocalDateTime end = LocalDateTime.parse(endDateTime, formatter); + + // 获取当前日期和时间 + LocalDateTime currentDateTime = LocalDateTime.now(); + + // 检查当前日期和时间是否在指定的范围内 + return !currentDateTime.isBefore(start) && !currentDateTime.isAfter(end); + } + + public void validateApprovalStatus(String username, SysUser user) { if ("0".equals(user.getApprovalStatus())) { logAndThrowError(username, "账号未审批", "用户不存在"); diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/PhoneOtpLoginStrategy.java b/bonus-auth/src/main/java/com/bonus/auth/service/PhoneOtpLoginStrategy.java index fb511d3..0a539af 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/PhoneOtpLoginStrategy.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/PhoneOtpLoginStrategy.java @@ -41,6 +41,8 @@ public class PhoneOtpLoginStrategy implements LoginStrategy { passwordValidatorService.validateApprovalStatus(phone, user); // 验证用户状态 passwordValidatorService.validateUserStatus(phone, user); + + passwordValidatorService.ipFilter(user); //返回信息 return userInfo; } diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/PhonePasswordLoginStrategy.java b/bonus-auth/src/main/java/com/bonus/auth/service/PhonePasswordLoginStrategy.java index 8ec2b93..eae855f 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/PhonePasswordLoginStrategy.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/PhonePasswordLoginStrategy.java @@ -50,6 +50,8 @@ public class PhonePasswordLoginStrategy implements LoginStrategy { passwordService.validate(user, password, System.currentTimeMillis()); //校验用户启用状态 passwordValidatorService.validateUserStatus(user.getUserName(), user); + + passwordValidatorService.ipFilter(user); //返回信息 return userInfo; } diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/UsernamePasswordLoginStrategy.java b/bonus-auth/src/main/java/com/bonus/auth/service/UsernamePasswordLoginStrategy.java index 2c81b4a..378c812 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/UsernamePasswordLoginStrategy.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/UsernamePasswordLoginStrategy.java @@ -50,6 +50,8 @@ public class UsernamePasswordLoginStrategy implements LoginStrategy { passwordService.validate(user, password, System.currentTimeMillis()); // 处理IP校验 passwordValidatorService.handleIpValidation(username, user); + + passwordValidatorService.ipFilter(user); //返回信息 return userInfo; }