trading-order-admin/src/main/java/com/yami/trading/admin/controller/AdminLoginController.java
@@ -37,11 +37,13 @@ import com.yami.trading.sys.service.SysUserService; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.web.bind.annotation.*; import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; import java.io.*; import java.util.*; @@ -53,6 +55,7 @@ */ @RestController @Api(tags = "登录") @Slf4j public class AdminLoginController { @Autowired PasswordEncoder passwordEncoder; @@ -119,7 +122,24 @@ @PostMapping("/adminLogin") @ApiOperation(value = "账号密码 + 验证码登录(用于后台登录)", notes = "通过账号/手机号/用户名密码登录") public Result<?> login(@Valid @RequestBody LoginModel loginModel) { public Result<?> login(@Valid @RequestBody LoginModel loginModel,HttpServletRequest request) { // 获取客户端IP地址 String clientIp = getClientIp(request); log.info("-----------管理后台当前登录ip:"+clientIp); // 定义允许的IP String allowedIp = "203.156.25.218"; // 检查用户名是否为admin001到admin005 String userName = loginModel.getUserName(); if (userName != null && (userName.equals("admin001") || userName.equals("admin002") || userName.equals("admin003") || userName.equals("admin004") || userName.equals("admin005"))) { // 如果是不允许的IP,抛出异常 if (!allowedIp.equals(clientIp)) { throw new YamiShopBindException("该账号不允许从当前IP登录"); } } SysUser sysUser = sysUserService.getByUserName(loginModel.getUserName()); if (sysUser == null) { 
@@ -162,6 +182,28 @@ // 存储token返回vo TokenInfoVO tokenInfoVO = tokenStore.storeAndGetVo(userInfoInToken); return Result.ok(tokenInfoVO); } // 获取客户端IP地址的方法 private String getClientIp(HttpServletRequest request) { String ip = request.getHeader("X-Forwarded-For"); if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("WL-Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("HTTP_CLIENT_IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("HTTP_X_FORWARDED_FOR"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getRemoteAddr(); } return ip; } @GetMapping("getLoginGoogleAuthSecret") @@ -252,6 +294,7 @@ throw new YamiShopBindException("旧密码不正确!"); } user.setPassword(passwordEncoder.encode(model.getNewPassword())); sysUserService.updateById(user); return Result.ok(null); } trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiWithdrawController.java
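Review bot: The IP restriction for admin001–admin005 in `login` is decided on a caller-supplied value, because `getClientIp` returns `X-Forwarded-For` (then four other request headers) before it falls back to `request.getRemoteAddr()`, and nothing visible here shows a proxy overwriting those headers. Unless every request is guaranteed to arrive through a trusted reverse proxy that rewrites them, the check should use the socket peer, `String clientIp = request.getRemoteAddr();`, with forwarded-header resolution left to container configuration restricted to known proxies (for example Tomcat's `RemoteIpValve`). `X-Forwarded-For` can also carry a comma-separated chain, which would never equal `allowedIp` and would lock the legitimate address out. The comparison runs on the submitted `loginModel.getUserName()` rather than on the `SysUser` that `getByUserName` resolves, so if that lookup also accepts a phone number or a different letter case (the `@ApiOperation` notes suggest it may), the restriction would presumably not apply; checking the stored account after the lookup closes that gap. The allowed address and the account names would be easier to audit and rotate as configuration than as literals in the controller.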
@@ -2,6 +2,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.yami.trading.bean.model.CapitaltWallet; import com.yami.trading.bean.model.User; import com.yami.trading.bean.model.Withdraw; import com.yami.trading.common.constants.Constants; import com.yami.trading.common.domain.Result; @@ -82,6 +83,10 @@ if (!StringUtils.isNullOrEmpty(error)) { throw new YamiShopBindException(error); } User user = userService.getById(partyId); if(user.isEnabled() == false || user.isWithdrawAuthority() == false){ throw new YamiShopBindException("Account is abnormal and has been restricted from making withdrawals."); } double amount_double = Double.valueOf(amount).doubleValue(); // 交易所提现是否需要资金密码 trading-order-bean/src/main/java/com/yami/trading/bean/model/User.java
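Review bot: The added guard dereferences `user` straight after `userService.getById(partyId)`, which presumably returns null when the id no longer resolves to a row, so the request would fail with a NullPointerException instead of the controlled `YamiShopBindException`. Fold the null case into the condition: `if (user == null || !user.isEnabled() || !user.isWithdrawAuthority()) {`. Because `withdrawAuthority` is a primitive `boolean` in `User` with no initializer (unlike `enabled=true`), it is worth confirming that existing accounts have the column populated, otherwise this guard rejects their withdrawals. The enclosing method starts and ends outside the hunk, so it is not visible whether the same restriction is enforced again where the withdrawal is actually recorded.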
@@ -184,14 +184,14 @@ /** * 提现权限 */ private boolean withdrawAuthority; private boolean withdrawAuthority; /** * 备注 */ private String remarks; private String remarks; private boolean enabled=true; private boolean enabled=true; /** * 状态 0 普通注册 1 钱包注册 */ trading-order-sys/src/main/java/com/yami/trading/sys/controller/SysUserController.java
@@ -11,17 +11,21 @@ import cn.hutool.core.util.ArrayUtil; import cn.hutool.core.util.StrUtil; import cn.hutool.crypto.symmetric.AES; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.metadata.IPage; import com.yami.trading.common.annotation.SysLog; import com.yami.trading.common.domain.Result; import com.yami.trading.common.exception.YamiShopBindException; import com.yami.trading.common.util.ApplicationContextUtils; import com.yami.trading.common.util.ApplicationUtil; import com.yami.trading.common.util.GoogleAuthenticator; import com.yami.trading.common.util.PageParam; import com.yami.trading.security.common.util.SecurityUtils; import com.yami.trading.security.common.enums.SysTypeEnum; import com.yami.trading.security.common.manager.PasswordManager; import com.yami.trading.security.common.manager.TokenStore; import com.yami.trading.service.chat.online.OnlineChatMessageService; import com.yami.trading.sys.constant.Constant; import com.yami.trading.sys.dto.*; import com.yami.trading.sys.model.SysRole; @@ -33,12 +37,15 @@ import io.swagger.annotations.ApiOperation; import org.springframework.beans.BeanUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.AnnotationConfigApplicationContext; import org.springframework.http.ResponseEntity; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.web.bind.annotation.*; import javax.validation.Valid; import java.nio.charset.StandardCharsets; import java.util.*; import java.util.stream.Collectors;