From 60d1f642052ad8c7bd8a11f02f965b122bebf9a4 Mon Sep 17 00:00:00 2001
From: zj <1772600164@qq.com>
Date: Thu, 09 Apr 2026 18:43:37 +0800
Subject: [PATCH] 1
---
trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiUserController.java | 35 +++++++++++++++++++++++++++++++++++
1 files changed, 35 insertions(+), 0 deletions(-)
diff --git a/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiUserController.java b/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiUserController.java
index 1f6ad19..f33025d 100644
--- a/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiUserController.java
+++ b/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiUserController.java
@@ -1,6 +1,7 @@
package com.yami.trading.api.controller;
import cn.hutool.core.util.StrUtil;
+import cn.hutool.core.collection.CollectionUtil;
import com.yami.trading.api.dto.UserDto;
import com.yami.trading.api.model.SetSafewordModel;
import com.yami.trading.api.service.UserCacheService;
@@ -11,6 +12,7 @@
import com.yami.trading.bean.model.UserRecom;
import com.yami.trading.bean.model.UserSimRelation;
import com.yami.trading.bean.model.UserSafewordApply;
+import com.yami.trading.bean.model.RiskClient;
import com.yami.trading.bean.syspara.domain.Syspara;
import com.yami.trading.common.constants.Constants;
import com.yami.trading.common.domain.Result;
@@ -32,6 +34,7 @@
import com.yami.trading.security.common.manager.TokenStore;
import com.yami.trading.security.common.util.SecurityUtils;
import com.yami.trading.security.common.vo.TokenInfoVO;
+import com.yami.trading.security.common.util.RiskClientUtil;
import com.yami.trading.service.HighLevelAuthRecordService;
import com.yami.trading.service.IdentifyingCodeTimeWindowService;
import com.yami.trading.service.QRGenerateService;
@@ -110,6 +113,7 @@
*/
@GetMapping("login")
public Result login(String username, String password) {
+ validateMainlandIpAccess();
if (StringUtils.isEmptyString(username)) {
throw new YamiShopBindException("用户名不能为空");
}
@@ -287,11 +291,13 @@
*/
@RequestMapping("register")
public Object register(String username, String password, String safeword, String verifcode, String usercode, String type) {
+ validateMainlandIpAccess();
// 注册类型:1/手机;2/邮箱;
String error = this.validateParam(username, verifcode, password, type);
if (!StringUtils.isNullOrEmpty(error)) {
throw new YamiShopBindException(error);
}
+ validateMainlandEmailRegister(username, type);
// if (StringUtils.isEmptyString(safeword)) {
// throw new YamiShopBindException("资金密码不能为空");
// }
@@ -575,6 +581,7 @@
// 如:级别11表示:新注册的前端显示为VIP1;
map.put("user_level", (int) (party.getUserLevel() % 10));
map.put("user_level_custom", (int) Math.floor(party.getUserLevel() / 10));
+ map.put("credit_score", party.getCreditScore() != null ? party.getCreditScore() : 100);
map.put("username", party.getUserName());
map.put("userrole", party.getRoleName());
map.put("usercode", party.getUserCode());
@@ -971,6 +978,7 @@
String username = null;
try {
username = request.getParameter("username").replace(" ", "");
+ validateMainlandIpAccess();
String password = request.getParameter("password").replace(" ", "");
String safeword = request.getParameter("safeword").replace(" ", "");
String usercode = request.getParameter("usercode");
@@ -1100,4 +1108,31 @@
return null;
}
+ private void validateMainlandIpAccess() {
+ String clientIp = IPHelper.getIpAddr();
+ List<RiskClient> riskList = RiskClientUtil.getRiskInfoByIp(clientIp, "badnetwork");
+ if (CollectionUtil.isNotEmpty(riskList)) {
+ throw new YamiShopBindException("大陆IP禁止访问");
+ }
+ }
+
+ private void validateMainlandEmailRegister(String username, String type) {
+ if (!"2".equals(type) || StringUtils.isEmptyString(username)) {
+ return;
+ }
+ int atPos = username.lastIndexOf("@");
+ if (atPos <= 0 || atPos >= username.length() - 1) {
+ return;
+ }
+ String domain = username.substring(atPos + 1).trim().toLowerCase();
+ if (domain.endsWith(".cn")) {
+ throw new YamiShopBindException("大陆邮箱不支持注册");
+ }
+ if (Arrays.asList("qq.com", "foxmail.com", "163.com", "126.com", "yeah.net",
+ "sina.com", "sina.cn", "sohu.com", "aliyun.com", "21cn.com",
+ "189.cn", "tom.com").contains(domain)) {
+ throw new YamiShopBindException("大陆邮箱不支持注册");
+ }
+ }
+
}
--
Gitblit v1.9.3