From 9dc84d7c15eb77fa474911ad68c20c2db96b81b0 Mon Sep 17 00:00:00 2001
From: insistence <3055204202@qq.com>
Date: Thu, 7 Mar 2024 10:17:17 +0800
Subject: [PATCH 1/4] =?UTF-8?q?feat:=20=E8=B4=A6=E5=8F=B7=E5=AF=86?=
 =?UTF-8?q?=E7=A0=81=E7=99=BB=E5=BD=95=E6=96=B0=E5=A2=9EIP=E9=BB=91?=
 =?UTF-8?q?=E5=90=8D=E5=8D=95=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../module_admin/service/login_service.py       | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/dash-fastapi-backend/module_admin/service/login_service.py b/dash-fastapi-backend/module_admin/service/login_service.py
index 53b133a..6439285 100644
--- a/dash-fastapi-backend/module_admin/service/login_service.py
+++ b/dash-fastapi-backend/module_admin/service/login_service.py
@@ -155,6 +155,22 @@ async def logout_services(request: Request, session_id: str):
     return True
 
 
+async def check_login_ip(request: Request, login_user: UserLogin):
+    """
+    校验用户登录ip是否在黑名单内
+    :param request: Request对象
+    :param login_user: 登录用户对象
+    :return: 校验结果
+    """
+    black_ip_value = await request.app.state.redis.get(
+        f"{RedisInitKeyConfig.SYS_CONFIG.get('key')}:sys.login.blackIPList")
+    black_ip_list = black_ip_value.split(',') if black_ip_value else []
+    if login_user.login_info.get('ipaddr') in black_ip_list:
+        logger.warning("当前IP禁止登录")
+        raise LoginException(data="", message="当前IP禁止登录")
+    return True
+
+
 async def check_login_captcha(request: Request, login_user: UserLogin):
     """
     校验用户登录验证码
@@ -180,6 +196,7 @@ async def authenticate_user(request: Request, query_db: Session, login_user: Use
     :param login_user: 登录用户对象
     :return: 校验结果
     """
+    await check_login_ip(request, login_user)
     account_lock = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCOUNT_LOCK.get('key')}:{login_user.user_name}")
     if login_user.user_name == account_lock:
         logger.warning("账号已锁定，请稍后再试")
-- 
Gitee


From 3149a9f5e8f8c9d9370ff142f05e086d537b300c Mon Sep 17 00:00:00 2001
From: insistence <3055204202@qq.com>
Date: Thu, 7 Mar 2024 10:31:20 +0800
Subject: [PATCH 2/4] =?UTF-8?q?chore:=20=E8=B0=83=E6=95=B4=E7=99=BB?=
 =?UTF-8?q?=E5=BD=95=E7=AD=96=E7=95=A5=EF=BC=8Cdev=E6=A8=A1=E5=BC=8F?=
 =?UTF-8?q?=E4=B8=8Bapi=E6=96=87=E6=A1=A3=E7=99=BB=E5=BD=95=E4=B8=8D?=
 =?UTF-8?q?=E6=A0=A1=E9=AA=8C=E9=AA=8C=E8=AF=81=E7=A0=81=E4=BB=A5=E9=80=82?=
 =?UTF-8?q?=E5=BA=94=E5=BC=80=E5=8F=91=E8=B0=83=E8=AF=95=E9=9C=80=E8=A6=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../module_admin/service/login_service.py             | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/dash-fastapi-backend/module_admin/service/login_service.py b/dash-fastapi-backend/module_admin/service/login_service.py
index 6439285..321ab55 100644
--- a/dash-fastapi-backend/module_admin/service/login_service.py
+++ b/dash-fastapi-backend/module_admin/service/login_service.py
@@ -11,7 +11,7 @@ from module_admin.entity.vo.login_vo import *
 from module_admin.dao.login_dao import *
 from module_admin.service.user_service import UserService
 from module_admin.dao.user_dao import *
-from config.env import JwtConfig, RedisInitKeyConfig
+from config.env import AppConfig, JwtConfig, RedisInitKeyConfig
 from utils.pwd_util import *
 from utils.response_util import *
 from utils.message_util import *
@@ -201,8 +201,13 @@ async def authenticate_user(request: Request, query_db: Session, login_user: Use
     if login_user.user_name == account_lock:
         logger.warning("账号已锁定，请稍后再试")
         raise LoginException(data="", message="账号已锁定，请稍后再试")
-    # 判断是否开启验证码，开启则验证，否则不验证
-    if login_user.captcha_enabled:
+    # 判断请求是否来自于api文档
+    request_from_swagger = request.headers.get('referer').endswith('docs') if request.headers.get('referer') else False
+    request_from_redoc = request.headers.get('referer').endswith('redoc') if request.headers.get('referer') else False
+    # 判断是否开启验证码，开启则验证，否则不验证（dev模式下来自API文档的登录请求不检验）
+    if not login_user.captcha_enabled or ((request_from_swagger or request_from_redoc) and AppConfig.app_env == 'dev'):
+        pass
+    else:
         await check_login_captcha(request, login_user)
     user = login_by_account(query_db, login_user.user_name)
     if not user:
-- 
Gitee


From 826a3a4e428cb7e96e2e1ccfe16099057d8b58a4 Mon Sep 17 00:00:00 2001
From: insistence <3055204202@qq.com>
Date: Thu, 7 Mar 2024 10:31:42 +0800
Subject: [PATCH 3/4] =?UTF-8?q?chore:=20=E5=8D=87=E7=BA=A7=E7=89=88?=
 =?UTF-8?q?=E6=9C=AC=E8=87=B31.3.1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 dash-fastapi-backend/.env.dev  | 2 +-
 dash-fastapi-backend/.env.prod | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/dash-fastapi-backend/.env.dev b/dash-fastapi-backend/.env.dev
index 993f83b..71ea2f6 100644
--- a/dash-fastapi-backend/.env.dev
+++ b/dash-fastapi-backend/.env.dev
@@ -10,7 +10,7 @@ APP_HOST = '0.0.0.0'
 # 应用端口
 APP_PORT = 9099
 # 应用版本
-APP_VERSION= '1.3.0'
+APP_VERSION= '1.3.1'
 # 应用是否开启热重载
 APP_RELOAD = true
 
diff --git a/dash-fastapi-backend/.env.prod b/dash-fastapi-backend/.env.prod
index 3ec163c..0857b79 100644
--- a/dash-fastapi-backend/.env.prod
+++ b/dash-fastapi-backend/.env.prod
@@ -2,7 +2,7 @@
 # 应用运行环境
 APP_ENV = 'prod'
 # 应用名称
-APP_NAME = 'Dash-FasAPI'
+APP_NAME = 'Dash-FasAPI-Admin'
 # 应用代理路径
 APP_ROOT_PATH = '/prod-api'
 # 应用主机
@@ -10,7 +10,7 @@ APP_HOST = '0.0.0.0'
 # 应用端口
 APP_PORT = 9099
 # 应用版本
-APP_VERSION= '1.3.0'
+APP_VERSION= '1.3.1'
 # 应用是否开启热重载
 APP_RELOAD = false
 
-- 
Gitee


From f14d342c71fffcb3a8493515f61d7e594cfb54f5 Mon Sep 17 00:00:00 2001
From: insistence <3055204202@qq.com>
Date: Thu, 7 Mar 2024 10:33:43 +0800
Subject: [PATCH 4/4] =?UTF-8?q?docs:=20=E6=9B=B4=E6=96=B0README=E6=96=87?=
 =?UTF-8?q?=E6=A1=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 5fdcafd..dd25877 100644
--- a/README.md
+++ b/README.md
@@ -1,12 +1,12 @@
 <p align="center">
 	<img alt="logo" src="https://oscimg.oschina.net/oscnet/up-d3d0a9303e11d522a06cd263f3079027715.png">
 </p>
-<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">Dash-FastAPI-Admin v1.3.0</h1>
+<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">Dash-FastAPI-Admin v1.3.1</h1>
 <h4 align="center">基于Dash+FastAPI前后端分离的纯Python快速开发框架</h4>
 <p align="center">
 	<a href="https://gitee.com/insistence2022/dash-fastapi-admin/stargazers"><img src="https://gitee.com/insistence2022/dash-fastapi-admin/badge/star.svg?theme=dark"></a>
     <a href="https://github.com/insistence/Dash-FastAPI-Admin"><img src="https://img.shields.io/github/stars/insistence/Dash-FastAPI-Admin?style=social"></a>
-	<a href="https://gitee.com/insistence2022/dash-fastapi-admin"><img src="https://img.shields.io/badge/DashFastAPIAdmin-v1.3.0-brightgreen.svg"></a>
+	<a href="https://gitee.com/insistence2022/dash-fastapi-admin"><img src="https://img.shields.io/badge/DashFastAPIAdmin-v1.3.1-brightgreen.svg"></a>
 	<a href="https://gitee.com/insistence2022/dash-fastapi-admin/blob/master/LICENSE"><img src="https://img.shields.io/github/license/mashape/apistatus.svg"></a>
     <img src="https://img.shields.io/badge/python-3.8 | 3.9-blue">
     <img src="https://img.shields.io/badge/MySQL-≥5.7-blue">
@@ -15,6 +15,7 @@
 
 
 
+
 ## 平台简介
 
 Dash-FastAPI-Admin是一套全部开源的快速开发平台，毫无保留给个人及企业免费使用。
-- 
Gitee