feat: 增加登录限流和跨进程退出机制

This commit is contained in:
2026-07-10 11:47:28 +08:00
parent 5aca872129
commit aedecb3aab
7 changed files with 180 additions and 16 deletions

View File

@@ -1,6 +1,6 @@
from __future__ import annotations
from fastapi import APIRouter, Depends
from fastapi import APIRouter, Depends, Request
from sqlalchemy.orm import Session
from app.core.database import get_db
@@ -9,16 +9,25 @@ from app.core.responses import api_success
from app.models.admin import Admin
from app.schemas.admin import AdminLoginRequest, AdminLoginResponse, AdminRead
from app.services.admin_service import AdminAuthService
from app.services.auth_service import AuthService
from app.services.security_state_service import client_ip
from app.core.dependencies import get_current_token_payload
router = APIRouter()
@router.post("/login")
def login(payload: AdminLoginRequest, db: Session = Depends(get_db)) -> dict:
result = AdminAuthService.login(db, payload.username, payload.password)
def login(payload: AdminLoginRequest, request: Request, db: Session = Depends(get_db)) -> dict:
result = AdminAuthService.login(db, payload.username, payload.password, client_ip(request))
return api_success(AdminLoginResponse.model_validate(result).model_dump(mode="json"))
@router.get("/profile")
def profile(current_admin: Admin = Depends(get_current_admin)) -> dict:
return api_success(AdminRead.model_validate(current_admin).model_dump())
@router.post("/logout")
def logout(token_payload: dict = Depends(get_current_token_payload)) -> dict:
AuthService.logout(token_payload)
return api_success()

View File

@@ -1,6 +1,6 @@
from __future__ import annotations
from fastapi import APIRouter, Depends
from fastapi import APIRouter, Depends, Request
from sqlalchemy.orm import Session
from app.core.database import get_db
@@ -9,6 +9,7 @@ from app.core.responses import api_success
from app.schemas.auth import CaptchaResponse, LoginRequest, LoginResponse, SendSmsRequest
from app.services.auth_service import AuthService
from app.services.captcha_service import CaptchaService
from app.services.security_state_service import client_ip
router = APIRouter()
@@ -19,8 +20,8 @@ def captcha() -> dict:
@router.post("/sms/send")
def send_sms(payload: SendSmsRequest, db: Session = Depends(get_db)) -> dict:
AuthService.send_sms_code(db, payload.phone, payload.captchaId, payload.captchaCode)
def send_sms(payload: SendSmsRequest, request: Request, db: Session = Depends(get_db)) -> dict:
AuthService.send_sms_code(db, payload.phone, payload.captchaId, payload.captchaCode, client_ip(request))
return api_success(message="发送成功")