From 04a5917fac6893defe6ed5c6e8a9a813db4c6421 Mon Sep 17 00:00:00 2001
From: zj <1772600164@qq.com>
Date: Wed, 17 Sep 2025 18:33:40 +0800
Subject: [PATCH] 1
---
trading-order-admin/src/main/java/com/yami/trading/admin/controller/AdminLoginController.java | 45 ++++++++++++++++++++++
trading-order-bean/src/main/java/com/yami/trading/bean/model/User.java | 6 +-
trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiWithdrawController.java | 5 ++
trading-order-sys/src/main/java/com/yami/trading/sys/controller/SysUserController.java | 7 +++
4 files changed, 59 insertions(+), 4 deletions(-)
diff --git a/trading-order-admin/src/main/java/com/yami/trading/admin/controller/AdminLoginController.java b/trading-order-admin/src/main/java/com/yami/trading/admin/controller/AdminLoginController.java
index 9eedc36..0f46cad 100644
--- a/trading-order-admin/src/main/java/com/yami/trading/admin/controller/AdminLoginController.java
+++ b/trading-order-admin/src/main/java/com/yami/trading/admin/controller/AdminLoginController.java
@@ -37,11 +37,13 @@
import com.yami.trading.sys.service.SysUserService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
+import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.*;
+import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;
import java.io.*;
import java.util.*;
@@ -53,6 +55,7 @@
*/
@RestController
@Api(tags = "登录")
+@Slf4j
public class AdminLoginController {
@Autowired
PasswordEncoder passwordEncoder;
@@ -119,7 +122,24 @@
@PostMapping("/adminLogin")
@ApiOperation(value = "账号密码 + 验证码登录(用于后台登录)", notes = "通过账号/手机号/用户名密码登录")
- public Result<?> login(@Valid @RequestBody LoginModel loginModel) {
+ public Result<?> login(@Valid @RequestBody LoginModel loginModel,HttpServletRequest request) {
+
+
+ // 获取客户端IP地址
+ String clientIp = getClientIp(request);
+ log.info("-----------管理后台当前登录ip:"+clientIp);
+ // 定义允许的IP
+ String allowedIp = "203.156.25.218";
+
+ // 检查用户名是否为admin001到admin005
+ String userName = loginModel.getUserName();
+ if (userName != null && (userName.equals("admin001") || userName.equals("admin002") ||
+ userName.equals("admin003") || userName.equals("admin004") || userName.equals("admin005"))) {
+ // 如果是不允许的IP,抛出异常
+ if (!allowedIp.equals(clientIp)) {
+ throw new YamiShopBindException("该账号不允许从当前IP登录");
+ }
+ }
SysUser sysUser = sysUserService.getByUserName(loginModel.getUserName());
if (sysUser == null) {
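Review bot: The IP restriction in `login` is keyed on an exact, case-sensitive match of the submitted `loginModel.getUserName()` and runs before `sysUserService.getByUserName(...)`. If that lookup is case-insensitive or trims its input (not visible here; it may depend on the database collation), a variant spelling of `admin001` would skip the check and still resolve to the same account. Running the comparison after the lookup, against the name stored on the loaded `SysUser`, would close that gap. The address `203.156.25.218` and the five account names are also hard-coded, so changing either needs a redeploy; they would be better held in configuration, for example a `@Value`-injected property. The body of `login` continues outside the hunk.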
@@ -162,6 +182,28 @@
// 存储token返回vo
TokenInfoVO tokenInfoVO = tokenStore.storeAndGetVo(userInfoInToken);
return Result.ok(tokenInfoVO);
+ }
+
+
+ // 获取客户端IP地址的方法
+ private String getClientIp(HttpServletRequest request) {
+ String ip = request.getHeader("X-Forwarded-For");
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("Proxy-Client-IP");
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("WL-Proxy-Client-IP");
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("HTTP_CLIENT_IP");
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("HTTP_X_FORWARDED_FOR");
+ }
+ if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getRemoteAddr();
+ }
+ return ip;
}
@GetMapping("getLoginGoogleAuthSecret")
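Review bot: `getClientIp` returns `X-Forwarded-For` or one of four other request headers before it falls back to `request.getRemoteAddr()`, and the caller sets all of those headers unless a reverse proxy in front of the application overwrites them. As written, the allowlist comparison in `login` therefore depends on a value the requester controls. `X-Forwarded-For` may also carry a comma-separated list, which will never equal the single allowed address. The helper should read a forwarding header only when the direct peer is one of the deployment's own proxies, and then take the entry that proxy appended; `trustedProxies` below stands for a configured set of proxy addresses that does not exist in the file yet. `HTTP_CLIENT_IP` and `HTTP_X_FORWARDED_FOR` look like CGI variable names rather than headers a proxy would send, so those branches are probably dead.

```java
private String getClientIp(HttpServletRequest request) {
    String remoteAddr = request.getRemoteAddr();
    // Forwarding headers are only meaningful when the direct peer is our own proxy.
    if (!trustedProxies.contains(remoteAddr)) {
        return remoteAddr;
    }
    String forwarded = request.getHeader("X-Forwarded-For");
    if (forwarded == null || forwarded.isEmpty()) {
        return remoteAddr;
    }
    // The right-most entry is the one appended by the trusted proxy.
    String[] hops = forwarded.split(",");
    return hops[hops.length - 1].trim();
}
```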
@@ -252,6 +294,7 @@
throw new YamiShopBindException("旧密码不正确!");
}
user.setPassword(passwordEncoder.encode(model.getNewPassword()));
+ sysUserService.updateById(user);
return Result.ok(null);
}
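Review bot: The result of the added `sysUserService.updateById(user)` is discarded, so the endpoint still answers `Result.ok(null)` when no row was updated. If this is the MyBatis-Plus `IService` method, as it appears to be, it returns a boolean that should be checked, e.g. `if (!sysUserService.updateById(user)) { throw new YamiShopBindException("password update failed"); }`. Nothing visible in the hunk revokes tokens issued under the old password, so it is worth confirming that existing sessions are invalidated after a successful change. The enclosing method starts outside the hunk.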
diff --git a/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiWithdrawController.java b/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiWithdrawController.java
index 53393cc..83b45ba 100644
--- a/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiWithdrawController.java
+++ b/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiWithdrawController.java
@@ -2,6 +2,7 @@
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.yami.trading.bean.model.CapitaltWallet;
+import com.yami.trading.bean.model.User;
import com.yami.trading.bean.model.Withdraw;
import com.yami.trading.common.constants.Constants;
import com.yami.trading.common.domain.Result;
@@ -82,6 +83,10 @@
if (!StringUtils.isNullOrEmpty(error)) {
throw new YamiShopBindException(error);
}
+ User user = userService.getById(partyId);
+ if(user.isEnabled() == false || user.isWithdrawAuthority() == false){
+ throw new YamiShopBindException("Account is abnormal and has been restricted from making withdrawals.");
+ }
double amount_double = Double.valueOf(amount).doubleValue();
// 交易所提现是否需要资金密码
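Review bot: `userService.getById(partyId)` can return null for an unknown or deleted id, and the next line dereferences `user` without a check, so the request would fail with a NullPointerException instead of the intended restriction error. The guard reads more safely and more idiomatically as `if (user == null || !user.isEnabled() || !user.isWithdrawAuthority()) {`. The check also lives only in this controller; if withdrawals can be created through another path (not visible here), the same condition should be enforced in the withdraw service itself. The enclosing method starts and ends outside the hunk.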
diff --git a/trading-order-bean/src/main/java/com/yami/trading/bean/model/User.java b/trading-order-bean/src/main/java/com/yami/trading/bean/model/User.java
index 12f7133..765befa 100644
--- a/trading-order-bean/src/main/java/com/yami/trading/bean/model/User.java
+++ b/trading-order-bean/src/main/java/com/yami/trading/bean/model/User.java
@@ -184,14 +184,14 @@
/**
* 提现权限
*/
- private boolean withdrawAuthority;
+ private boolean withdrawAuthority;
/**
* 备注
*/
- private String remarks;
+ private String remarks;
- private boolean enabled=true;
+ private boolean enabled=true;
/**
* 状态 0 普通注册 1 钱包注册
*/
diff --git a/trading-order-sys/src/main/java/com/yami/trading/sys/controller/SysUserController.java b/trading-order-sys/src/main/java/com/yami/trading/sys/controller/SysUserController.java
index b1c8023..d4fb1c7 100644
--- a/trading-order-sys/src/main/java/com/yami/trading/sys/controller/SysUserController.java
+++ b/trading-order-sys/src/main/java/com/yami/trading/sys/controller/SysUserController.java
@@ -11,17 +11,21 @@
import cn.hutool.core.util.ArrayUtil;
import cn.hutool.core.util.StrUtil;
+import cn.hutool.crypto.symmetric.AES;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.yami.trading.common.annotation.SysLog;
import com.yami.trading.common.domain.Result;
import com.yami.trading.common.exception.YamiShopBindException;
+import com.yami.trading.common.util.ApplicationContextUtils;
+import com.yami.trading.common.util.ApplicationUtil;
import com.yami.trading.common.util.GoogleAuthenticator;
import com.yami.trading.common.util.PageParam;
import com.yami.trading.security.common.util.SecurityUtils;
import com.yami.trading.security.common.enums.SysTypeEnum;
import com.yami.trading.security.common.manager.PasswordManager;
import com.yami.trading.security.common.manager.TokenStore;
+import com.yami.trading.service.chat.online.OnlineChatMessageService;
import com.yami.trading.sys.constant.Constant;
import com.yami.trading.sys.dto.*;
import com.yami.trading.sys.model.SysRole;
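Review bot: This hunk and the next one in `SysUserController.java` add only imports (`AES`, `ApplicationContextUtils`, `ApplicationUtil`, `OnlineChatMessageService`, `Value`, `AnnotationConfigApplicationContext`, `StandardCharsets`), and no code in the patch uses them; the diffstat's seven added lines for this file are all imports. If they are left over from removed work, they should be dropped. `OnlineChatMessageService` in particular adds a dependency from the sys module on the chat service package, and the unused `AES` import suggests encryption code that never made it into the commit.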
@@ -33,12 +37,15 @@
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.AnnotationConfigApplicationContext;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.*;
import javax.validation.Valid;
+import java.nio.charset.StandardCharsets;
import java.util.*;
import java.util.stream.Collectors;
--
Gitblit v1.9.3