PowLu/RuoYi-Vue3-FastAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: PowLu:v1.0.2
Branches Tags
PowLu:master PowLu:develop
PowLu:v1.6.2 PowLu:v1.6.1 PowLu:v1.6.0 PowLu:v1.5.1 PowLu:v1.5.0 PowLu:v1.4.0 PowLu:v1.3.3 PowLu:v1.3.2 PowLu:v1.3.1 PowLu:v1.3.0 PowLu:v1.2.2 PowLu:v1.2.1 PowLu:v1.2.0 PowLu:v1.1.3 PowLu:v1.1.2 PowLu:v1.1.1 PowLu:v1.1.0 PowLu:v1.0.3 PowLu:v1.0.2 PowLu:v1.0.1 PowLu:v1.0.0
..
compare: PowLu:v1.1.0
Branches Tags
PowLu:master PowLu:develop
PowLu:v1.6.2 PowLu:v1.6.1 PowLu:v1.6.0 PowLu:v1.5.1 PowLu:v1.5.0 PowLu:v1.4.0 PowLu:v1.3.3 PowLu:v1.3.2 PowLu:v1.3.1 PowLu:v1.3.0 PowLu:v1.2.2 PowLu:v1.2.1 PowLu:v1.2.0 PowLu:v1.1.3 PowLu:v1.1.2 PowLu:v1.1.1 PowLu:v1.1.0 PowLu:v1.0.3 PowLu:v1.0.2 PowLu:v1.0.1 PowLu:v1.0.0

14 Commits
v1.0.2 ... v1.1.0

Author SHA1 Message Date
insistence
2bade4d6c9 !7 RuoYi-Vue3-FastAPI v1.1.0 
Merge pull request !7 from insistence/develop
 2024-04-02 03:08:22 +00:00
insistence
a06c9f17d6 docs: 更新README文档 2024-04-02 10:47:48 +08:00
insistence
3654f4d88b chore: 升级版本至1.1.0 2024-04-02 10:45:44 +08:00
insistence
38aca38d4d feat: 后端配置文件新增账号同时登录开关配置 2024-04-02 10:42:07 +08:00
insistence
a57d737261 feat: 后端配置文件新增IP归属区域查询开关配置 2024-04-02 09:52:07 +08:00
insistence
84f56da523 feat: 后端配置文件新增sqlalchemy日志开关配置 2024-04-02 09:50:38 +08:00
insistence
f73a00e73c fix: 修复系统版本号或浏览器版本号无法获取时登录异常的问题 #I9CYNM 2024-04-01 09:56:22 +08:00
insistence
a84ad47de4 fix: 修复token本身过期时退出登录接口异常的问题 #I9CBWT 2024-03-29 11:08:00 +08:00
insistence
303612eed9 !6 RuoYi-Vue3-FastAPI v1.0.3 
Merge pull request !6 from insistence/develop
 2024-03-04 08:50:19 +00:00
insistence
dcb1f4d13c docs: 更新README文档 2024-03-04 15:50:48 +08:00
insistence
44ddc8c3a8 chore: 升级版本至1.0.3 2024-03-04 15:50:09 +08:00
insistence
70f6f8a471 fix: 修复添加和编辑菜单页面中是否缓存和是否外链字段回显异常的问题 #I95KBK 2024-03-04 15:49:45 +08:00
insistence
2a45df71cd fix: 修复外链菜单无法打开的问题 #I95KBK 2024-03-04 15:49:05 +08:00
insistence
eabeb705c4 feat: 账号密码登录新增IP黑名单校验 2024-03-04 15:47:13 +08:00
14 changed files with 187 additions and 141 deletions
Expand all files Collapse all files

8
README.md
View File

@@ -1,12 +1,12 @@
<p align="center"> <p align="center">
<img alt="logo" src="https://oscimg.oschina.net/oscnet/up-d3d0a9303e11d522a06cd263f3079027715.png"> <img alt="logo" src="https://oscimg.oschina.net/oscnet/up-d3d0a9303e11d522a06cd263f3079027715.png">
</p> </p>
<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">RuoYi-Vue3-FastAPI v1.0.2</h1> <h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">RuoYi-Vue3-FastAPI v1.1.0</h1>
<h4 align="center">基于RuoYi-Vue3+FastAPI前后端分离的快速开发框架</h4> <h4 align="center">基于RuoYi-Vue3+FastAPI前后端分离的快速开发框架</h4>
<p align="center"> <p align="center">
<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/stargazers"><img src="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/badge/star.svg?theme=dark"></a> <a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/stargazers"><img src="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/badge/star.svg?theme=dark"></a>
<a href="https://github.com/insistence/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/github/stars/insistence/RuoYi-Vue3-FastAPI?style=social"></a> <a href="https://github.com/insistence/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/github/stars/insistence/RuoYi-Vue3-FastAPI?style=social"></a>
<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/badge/RuoYiVue3FastAPI-v1.0.2-brightgreen.svg"></a> <a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/badge/RuoYiVue3FastAPI-v1.1.0-brightgreen.svg"></a>
<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/blob/master/LICENSE"><img src="https://img.shields.io/github/license/mashape/apistatus.svg"></a> <a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/blob/master/LICENSE"><img src="https://img.shields.io/github/license/mashape/apistatus.svg"></a>
<img src="https://img.shields.io/badge/python-≥3.8-blue"> <img src="https://img.shields.io/badge/python-≥3.8-blue">
<img src="https://img.shields.io/badge/MySQL-≥5.7-blue"> <img src="https://img.shields.io/badge/MySQL-≥5.7-blue">
@@ -14,9 +14,11 @@
## 平台简介 ## 平台简介
RuoYi-Vue-FastAPI是一套全部开源的快速开发平台毫无保留给个人及企业免费使用。 RuoYi-Vue3-FastAPI是一套全部开源的快速开发平台毫无保留给个人及企业免费使用。
* 前端采用Vue、Element Plus基于<u>[RuoYi-Vue3](https://github.com/yangzongzhuan/RuoYi-Vue3)</u>前端项目修改。 * 前端采用Vue、Element Plus基于<u>[RuoYi-Vue3](https://github.com/yangzongzhuan/RuoYi-Vue3)</u>前端项目修改。
* 后端采用FastAPI、sqlalchemy、MySQL、Redis、OAuth2 & Jwt。 * 后端采用FastAPI、sqlalchemy、MySQL、Redis、OAuth2 & Jwt。

10
ruoyi-fastapi-backend/.env.dev
View File

@@ -2,7 +2,7 @@
# 应用运行环境 # 应用运行环境
APP_ENV = 'dev' APP_ENV = 'dev'
# 应用名称 # 应用名称
APP_NAME = 'RuoYi-FasAPI' APP_NAME = 'RuoYi-FastAPI'
# 应用代理路径 # 应用代理路径
APP_ROOT_PATH = '/dev-api' APP_ROOT_PATH = '/dev-api'
# 应用主机 # 应用主机
@@ -10,9 +10,13 @@ APP_HOST = '0.0.0.0'
# 应用端口 # 应用端口
APP_PORT = 9099 APP_PORT = 9099
# 应用版本 # 应用版本
APP_VERSION= '1.0.2' APP_VERSION= '1.1.0'
# 应用是否开启热重载 # 应用是否开启热重载
APP_RELOAD = true APP_RELOAD = true
# 应用是否开启IP归属区域查询
APP_IP_LOCATION_QUERY = true
# 应用是否允许账号同时登录
APP_SAME_TIME_LOGIN = true
# -------- Jwt配置 -------- # -------- Jwt配置 --------
# Jwt秘钥 # Jwt秘钥
@@ -36,6 +40,8 @@ DB_USERNAME = 'root'
DB_PASSWORD = 'mysqlroot' DB_PASSWORD = 'mysqlroot'
# 数据库名称 # 数据库名称
DB_DATABASE = 'ruoyi-fastapi' DB_DATABASE = 'ruoyi-fastapi'
# 是否开启sqlalchemy日志
DB_ECHO = true
# -------- Redis配置 -------- # -------- Redis配置 --------
# Redis主机 # Redis主机

10
ruoyi-fastapi-backend/.env.prod
View File

@@ -2,7 +2,7 @@
# 应用运行环境 # 应用运行环境
APP_ENV = 'prod' APP_ENV = 'prod'
# 应用名称 # 应用名称
APP_NAME = 'RuoYi-FasAPI' APP_NAME = 'RuoYi-FastAPI'
# 应用代理路径 # 应用代理路径
APP_ROOT_PATH = '/prod-api' APP_ROOT_PATH = '/prod-api'
# 应用主机 # 应用主机
@@ -10,9 +10,13 @@ APP_HOST = '0.0.0.0'
# 应用端口 # 应用端口
APP_PORT = 9099 APP_PORT = 9099
# 应用版本 # 应用版本
APP_VERSION= '1.0.2' APP_VERSION= '1.1.0'
# 应用是否开启热重载 # 应用是否开启热重载
APP_RELOAD = false APP_RELOAD = false
# 应用是否开启IP归属区域查询
APP_IP_LOCATION_QUERY = true
# 应用是否允许账号同时登录
APP_SAMETIME_LOGIN = true
# -------- Jwt配置 -------- # -------- Jwt配置 --------
# Jwt秘钥 # Jwt秘钥
@@ -36,6 +40,8 @@ DB_USERNAME = 'root'
DB_PASSWORD = 'root' DB_PASSWORD = 'root'
# 数据库名称 # 数据库名称
DB_DATABASE = 'ruoyi-fastapi' DB_DATABASE = 'ruoyi-fastapi'
# 是否开启sqlalchemy日志
DB_ECHO = true
# -------- Redis配置 -------- # -------- Redis配置 --------
# Redis主机 # Redis主机

2
ruoyi-fastapi-backend/config/database.py
View File

@@ -8,7 +8,7 @@ SQLALCHEMY_DATABASE_URL = f"mysql+pymysql://{DataBaseConfig.db_username}:{quote_
f"{DataBaseConfig.db_host}:{DataBaseConfig.db_port}/{DataBaseConfig.db_database}" f"{DataBaseConfig.db_host}:{DataBaseConfig.db_port}/{DataBaseConfig.db_database}"
engine = create_engine( engine = create_engine(
SQLALCHEMY_DATABASE_URL, echo=True SQLALCHEMY_DATABASE_URL, echo=DataBaseConfig.db_echo
) )
SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine) SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
Base = declarative_base() Base = declarative_base()

3
ruoyi-fastapi-backend/config/env.py
View File

@@ -17,6 +17,8 @@ class AppSettings(BaseSettings):
app_port: int = 9099 app_port: int = 9099
app_version: str = '1.0.0' app_version: str = '1.0.0'
app_reload: bool = True app_reload: bool = True
app_ip_location_query: bool = True
app_same_time_login: bool = True
class JwtSettings(BaseSettings): class JwtSettings(BaseSettings):
@@ -38,6 +40,7 @@ class DataBaseSettings(BaseSettings):
db_username: str = 'root' db_username: str = 'root'
db_password: str = 'mysqlroot' db_password: str = 'mysqlroot'
db_database: str = 'ruoyi-fastapi' db_database: str = 'ruoyi-fastapi'
db_echo: bool = True
class RedisSettings(BaseSettings): class RedisSettings(BaseSettings):

221
ruoyi-fastapi-backend/module_admin/annotation/log_annotation.py
View File

@@ -12,6 +12,7 @@ from typing import Optional
from module_admin.service.login_service import LoginService from module_admin.service.login_service import LoginService
from module_admin.service.log_service import OperationLogService, LoginLogService from module_admin.service.log_service import OperationLogService, LoginLogService
from module_admin.entity.vo.log_vo import OperLogModel, LogininforModel from module_admin.entity.vo.log_vo import OperLogModel, LogininforModel
from config.env import AppConfig
def log_decorator(title: str, business_type: int, log_type: Optional[str] = 'operation'): def log_decorator(title: str, business_type: int, log_type: Optional[str] = 'operation'):
@@ -50,122 +51,126 @@ def log_decorator(title: str, business_type: int, log_type: Optional[str] = 'ope
# 获取请求的ip及ip归属区域 # 获取请求的ip及ip归属区域
oper_ip = request.headers.get("X-Forwarded-For") oper_ip = request.headers.get("X-Forwarded-For")
oper_location = '内网IP' oper_location = '内网IP'
try: if AppConfig.app_ip_location_query:
if oper_ip != '127.0.0.1' and oper_ip != 'localhost': try:
ip_result = requests.get(f'https://qifu-api.baidubce.com/ip/geo/v1/district?ip={oper_ip}') if oper_ip != '127.0.0.1' and oper_ip != 'localhost':
if ip_result.status_code == 200: ip_result = requests.get(f'https://qifu-api.baidubce.com/ip/geo/v1/district?ip={oper_ip}')
prov = ip_result.json().get('data').get('prov') if ip_result.status_code == 200:
city = ip_result.json().get('data').get('city') prov = ip_result.json().get('data').get('prov')
if prov or city: city = ip_result.json().get('data').get('city')
oper_location = f'{prov}-{city}' if prov or city:
oper_location = f'{prov}-{city}'
else:
oper_location = '未知'
else: else:
oper_location = '未知' oper_location = '未知'
else: except Exception as e:
oper_location = '未知' oper_location = '未知'
except Exception as e: print(e)
oper_location = '未知' # 根据不同的请求类型使用不同的方法获取请求参数
print(e) content_type = request.headers.get("Content-Type")
finally: if content_type and ("multipart/form-data" in content_type or 'application/x-www-form-urlencoded' in content_type):
# 根据不同的请求类型使用不同的方法获取请求参数 payload = await request.form()
content_type = request.headers.get("Content-Type") oper_param = "\n".join([f"{key}: {value}" for key, value in payload.items()])
if content_type and ("multipart/form-data" in content_type or 'application/x-www-form-urlencoded' in content_type): else:
payload = await request.form() payload = await request.body()
oper_param = "\n".join([f"{key}: {value}" for key, value in payload.items()]) # 通过 request.path_params 直接访问路径参数
else: path_params = request.path_params
payload = await request.body() oper_param = {}
# 通过 request.path_params 直接访问路径参数 if payload:
path_params = request.path_params oper_param.update(json.loads(str(payload, 'utf-8')))
oper_param = {} if path_params:
if payload: oper_param.update(path_params)
oper_param.update(json.loads(str(payload, 'utf-8'))) oper_param = json.dumps(oper_param, ensure_ascii=False)
if path_params: # 日志表请求参数字段长度最大为2000因此在此处判断长度
oper_param.update(path_params) if len(oper_param) > 2000:
oper_param = json.dumps(oper_param, ensure_ascii=False) oper_param = '请求参数过长'
# 日志表请求参数字段长度最大为2000因此在此处判断长度
if len(oper_param) > 2000:
oper_param = '请求参数过长'
# 获取操作时间 # 获取操作时间
oper_time = datetime.now() oper_time = datetime.now()
# 此处在登录之前向原始函数传递一些登录信息,用于监测在线用户的相关信息 # 此处在登录之前向原始函数传递一些登录信息,用于监测在线用户的相关信息
login_log = {} login_log = {}
if log_type == 'login': if log_type == 'login':
user_agent_info = parse(user_agent) user_agent_info = parse(user_agent)
browser = f'{user_agent_info.browser.family} {user_agent_info.browser.version[0]}' browser = f'{user_agent_info.browser.family}'
system_os = f'{user_agent_info.os.family} {user_agent_info.os.version[0]}' system_os = f'{user_agent_info.os.family}'
login_log = dict( if user_agent_info.browser.version != ():
ipaddr=oper_ip, browser += f' {user_agent_info.browser.version[0]}'
loginLocation=oper_location, if user_agent_info.os.version != ():
browser=browser, system_os += f' {user_agent_info.os.version[0]}'
os=system_os, login_log = dict(
loginTime=oper_time.strftime('%Y-%m-%d %H:%M:%S') ipaddr=oper_ip,
) loginLocation=oper_location,
kwargs['form_data'].login_info = login_log browser=browser,
# 调用原始函数 os=system_os,
result = await func(*args, **kwargs) loginTime=oper_time.strftime('%Y-%m-%d %H:%M:%S')
# 获取请求耗时 )
cost_time = float(time.time() - start_time) * 100 kwargs['form_data'].login_info = login_log
# 判断请求是否来自api文档 # 调用原始函数
request_from_swagger = request.headers.get('referer').endswith('docs') if request.headers.get('referer') else False result = await func(*args, **kwargs)
request_from_redoc = request.headers.get('referer').endswith('redoc') if request.headers.get('referer') else False # 获取请求耗时
# 根据响应结果的类型使用不同的方法获取响应结果参数 cost_time = float(time.time() - start_time) * 100
if isinstance(result, JSONResponse) or isinstance(result, ORJSONResponse) or isinstance(result, UJSONResponse): # 判断请求是否来自api文档
result_dict = json.loads(str(result.body, 'utf-8')) request_from_swagger = request.headers.get('referer').endswith('docs') if request.headers.get('referer') else False
request_from_redoc = request.headers.get('referer').endswith('redoc') if request.headers.get('referer') else False
# 根据响应结果的类型使用不同的方法获取响应结果参数
if isinstance(result, JSONResponse) or isinstance(result, ORJSONResponse) or isinstance(result, UJSONResponse):
result_dict = json.loads(str(result.body, 'utf-8'))
else:
if request_from_swagger or request_from_redoc:
result_dict = {}
else: else:
if request_from_swagger or request_from_redoc: if result.status_code == 200:
result_dict = {} result_dict = {'code': result.status_code, 'message': '获取成功'}
else: else:
if result.status_code == 200: result_dict = {'code': result.status_code, 'message': '获取失败'}
result_dict = {'code': result.status_code, 'message': '获取成功'} json_result = json.dumps(result_dict, ensure_ascii=False)
else: # 根据响应结果获取响应状态及异常信息
result_dict = {'code': result.status_code, 'message': '获取失败'} status = 1
json_result = json.dumps(result_dict, ensure_ascii=False) error_msg = ''
# 根据响应结果获取响应状态及异常信息 if result_dict.get('code') == 200:
status = 1 status = 0
error_msg = '' else:
if result_dict.get('code') == 200: error_msg = result_dict.get('msg')
status = 0 # 根据日志类型向对应的日志表插入数据
if log_type == 'login':
# 登录请求来自于api文档时不记录登录日志其余情况则记录
if request_from_swagger or request_from_redoc:
pass
else: else:
error_msg = result_dict.get('msg') user = kwargs.get('form_data')
# 根据日志类型向对应的日志表插入数据 user_name = user.username
if log_type == 'login': login_log['loginTime'] = oper_time
# 登录请求来自于api文档时不记录登录日志其余情况则记录 login_log['userName'] = user_name
if request_from_swagger or request_from_redoc: login_log['status'] = str(status)
pass login_log['msg'] = result_dict.get('msg')
else:
user = kwargs.get('form_data')
user_name = user.username
login_log['loginTime'] = oper_time
login_log['userName'] = user_name
login_log['status'] = str(status)
login_log['msg'] = result_dict.get('msg')
LoginLogService.add_login_log_services(query_db, LogininforModel(**login_log)) LoginLogService.add_login_log_services(query_db, LogininforModel(**login_log))
else: else:
current_user = await LoginService.get_current_user(request, token, query_db) current_user = await LoginService.get_current_user(request, token, query_db)
oper_name = current_user.user.user_name oper_name = current_user.user.user_name
dept_name = current_user.user.dept.dept_name if current_user.user.dept else None dept_name = current_user.user.dept.dept_name if current_user.user.dept else None
operation_log = OperLogModel( operation_log = OperLogModel(
title=title, title=title,
businessType=business_type, businessType=business_type,
method=func_path, method=func_path,
requestMethod=request_method, requestMethod=request_method,
operatorType=operator_type, operatorType=operator_type,
operName=oper_name, operName=oper_name,
deptName=dept_name, deptName=dept_name,
operUrl=oper_url, operUrl=oper_url,
operIp=oper_ip, operIp=oper_ip,
operLocation=oper_location, operLocation=oper_location,
operParam=oper_param, operParam=oper_param,
jsonResult=json_result, jsonResult=json_result,
status=status, status=status,
errorMsg=error_msg, errorMsg=error_msg,
operTime=oper_time, operTime=oper_time,
costTime=int(cost_time) costTime=int(cost_time)
) )
OperationLogService.add_operation_log_services(query_db, operation_log) OperationLogService.add_operation_log_services(query_db, operation_log)
return result return result
return wrapper return wrapper

14
ruoyi-fastapi-backend/module_admin/controller/login_controller.py
View File

@@ -41,11 +41,13 @@ async def login(request: Request, form_data: CustomOAuth2PasswordRequestForm = D
}, },
expires_delta=access_token_expires expires_delta=access_token_expires
) )
await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", access_token, if AppConfig.app_same_time_login:
ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", access_token,
# 此方法可实现同一账号同一时间只能登录一次 ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
# await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{result[0].user_id}", access_token, else:
# ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) # 此方法可实现同一账号同一时间只能登录一次
await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{result[0].user_id}", access_token,
ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
UserService.edit_user_services(query_db, EditUserModel(userId=result[0].user_id, loginDate=datetime.now(), type='status')) UserService.edit_user_services(query_db, EditUserModel(userId=result[0].user_id, loginDate=datetime.now(), type='status'))
logger.info('登录成功') logger.info('登录成功')
# 判断请求是否来自于api文档如果是返回指定格式的结果用于修复api文档认证成功后token显示undefined的bug # 判断请求是否来自于api文档如果是返回指定格式的结果用于修复api文档认证成功后token显示undefined的bug
@@ -131,7 +133,7 @@ async def register_user(request: Request, user_register: UserRegister, query_db:
@loginController.post("/logout") @loginController.post("/logout")
async def logout(request: Request, token: Optional[str] = Depends(oauth2_scheme)): async def logout(request: Request, token: Optional[str] = Depends(oauth2_scheme)):
try: try:
payload = jwt.decode(token, JwtConfig.jwt_secret_key, algorithms=[JwtConfig.jwt_algorithm]) payload = jwt.decode(token, JwtConfig.jwt_secret_key, algorithms=[JwtConfig.jwt_algorithm], options={'verify_exp': False})
session_id: str = payload.get("session_id") session_id: str = payload.get("session_id")
await LoginService.logout_services(request, session_id) await LoginService.logout_services(request, session_id)
logger.info('退出成功') logger.info('退出成功')

40
ruoyi-fastapi-backend/module_admin/service/login_service.py
View File

@@ -56,6 +56,7 @@ class LoginService:
:param login_user: 登录用户对象 :param login_user: 登录用户对象
:return: 校验结果 :return: 校验结果
""" """
await cls.__check_login_ip(request)
account_lock = await request.app.state.redis.get( account_lock = await request.app.state.redis.get(
f"{RedisInitKeyConfig.ACCOUNT_LOCK.get('key')}:{login_user.user_name}") f"{RedisInitKeyConfig.ACCOUNT_LOCK.get('key')}:{login_user.user_name}")
if login_user.user_name == account_lock: if login_user.user_name == account_lock:
@@ -100,6 +101,21 @@ class LoginService:
f"{RedisInitKeyConfig.PASSWORD_ERROR_COUNT.get('key')}:{login_user.user_name}") f"{RedisInitKeyConfig.PASSWORD_ERROR_COUNT.get('key')}:{login_user.user_name}")
return user return user
@classmethod
async def __check_login_ip(cls, request: Request):
"""
校验用户登录ip是否在黑名单内
:param request: Request对象
:return: 校验结果
"""
black_ip_value = await request.app.state.redis.get(
f"{RedisInitKeyConfig.SYS_CONFIG.get('key')}:sys.login.blackIPList")
black_ip_list = black_ip_value.split(',') if black_ip_value else []
if request.headers.get('X-Forwarded-For') in black_ip_list:
logger.warning("当前IP禁止登录")
raise LoginException(data="", message="当前IP禁止登录")
return True
@classmethod @classmethod
async def __check_login_captcha(cls, request: Request, login_user: UserLogin): async def __check_login_captcha(cls, request: Request, login_user: UserLogin):
""" """
@@ -166,14 +182,18 @@ class LoginService:
if query_user.get('user_basic_info') is None: if query_user.get('user_basic_info') is None:
logger.warning("用户token不合法") logger.warning("用户token不合法")
raise AuthException(data="", message="用户token不合法") raise AuthException(data="", message="用户token不合法")
redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}") if AppConfig.app_same_time_login:
# 此方法可实现同一账号同一时间只能登录一次 redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}")
# redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}") else:
# 此方法可实现同一账号同一时间只能登录一次
redis_token = await request.app.state.redis.get(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{query_user.get('user_basic_info').user_id}")
if token == redis_token: if token == redis_token:
await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", redis_token, if AppConfig.app_same_time_login:
ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{session_id}", redis_token,
# await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{user.user_basic_info.user_id}", redis_token, ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
# ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes)) else:
await request.app.state.redis.set(f"{RedisInitKeyConfig.ACCESS_TOKEN.get('key')}:{query_user.get('user_basic_info').user_id}", redis_token,
ex=timedelta(minutes=JwtConfig.jwt_redis_expire_minutes))
role_id_list = [item.role_id for item in query_user.get('user_role_info')] role_id_list = [item.role_id for item in query_user.get('user_role_info')]
if 1 in role_id_list: if 1 in role_id_list:
@@ -229,14 +249,16 @@ class LoginService:
if permission.menu_type == 'M': if permission.menu_type == 'M':
router_list_data['name'] = permission.path.capitalize() router_list_data['name'] = permission.path.capitalize()
router_list_data['hidden'] = False if permission.visible == '0' else True router_list_data['hidden'] = False if permission.visible == '0' else True
if permission.is_frame == 1:
router_list_data['redirect'] = 'noRedirect'
if permission.parent_id == 0: if permission.parent_id == 0:
router_list_data['component'] = 'Layout' router_list_data['component'] = 'Layout'
router_list_data['path'] = f'/{permission.path}' router_list_data['path'] = f'/{permission.path}'
else: else:
router_list_data['component'] = 'ParentView' router_list_data['component'] = 'ParentView'
router_list_data['path'] = permission.path router_list_data['path'] = permission.path
if permission.is_frame == 1:
router_list_data['redirect'] = 'noRedirect'
else:
router_list_data['path'] = permission.path
if children: if children:
router_list_data['alwaysShow'] = True router_list_data['alwaysShow'] = True
router_list_data['children'] = children router_list_data['children'] = children

2
ruoyi-fastapi-frontend/.env.development
View File

@@ -4,5 +4,5 @@ VITE_APP_TITLE = vfadmin管理系统
# 开发环境配置 # 开发环境配置
VITE_APP_ENV = 'development' VITE_APP_ENV = 'development'
# 若依管理系统/开发环境 # vfadmin管理系统/开发环境
VITE_APP_BASE_API = '/dev-api' VITE_APP_BASE_API = '/dev-api'

2
ruoyi-fastapi-frontend/.env.production
View File

@@ -4,7 +4,7 @@ VITE_APP_TITLE = vfadmin管理系统
# 生产环境配置 # 生产环境配置
VITE_APP_ENV = 'production' VITE_APP_ENV = 'production'
# 若依管理系统/生产环境 # vfadmin管理系统/生产环境
VITE_APP_BASE_API = '/prod-api' VITE_APP_BASE_API = '/prod-api'
# 是否在打包时开启压缩,支持 gzip 和 brotli # 是否在打包时开启压缩,支持 gzip 和 brotli

4
ruoyi-fastapi-frontend/.env.staging
View File

@@ -1,10 +1,10 @@
# 页面标题 # 页面标题
VITE_APP_TITLE = 若依管理系统 VITE_APP_TITLE = vfadmin管理系统
# 生产环境配置 # 生产环境配置
VITE_APP_ENV = 'staging' VITE_APP_ENV = 'staging'
# 若依管理系统/生产环境 # vfadmin管理系统/生产环境
VITE_APP_BASE_API = '/stage-api' VITE_APP_BASE_API = '/stage-api'
# 是否在打包时开启压缩,支持 gzip 和 brotli # 是否在打包时开启压缩,支持 gzip 和 brotli

2
ruoyi-fastapi-frontend/index.html
View File

@@ -7,7 +7,7 @@
<meta name="renderer" content="webkit"> <meta name="renderer" content="webkit">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
<link rel="icon" href="/favicon.ico"> <link rel="icon" href="/favicon.ico">
<title>若依管理系统</title> <title>vfadmin管理系统</title>
<!--[if lt IE 11]><script>window.location.href='/html/ie.html';</script><![endif]--> <!--[if lt IE 11]><script>window.location.href='/html/ie.html';</script><![endif]-->
<style> <style>
html, html,

2
ruoyi-fastapi-frontend/package.json
View File

@@ -1,6 +1,6 @@
{ {
"name": "vfadmin", "name": "vfadmin",
"version": "1.0.2", "version": "1.1.0",
"description": "vfadmin管理系统", "description": "vfadmin管理系统",
"author": "insistence", "author": "insistence",
"license": "MIT", "license": "MIT",

8
ruoyi-fastapi-frontend/src/views/system/menu/index.vue
View File

@@ -152,8 +152,8 @@
</span> </span>
</template> </template>
<el-radio-group v-model="form.isFrame"> <el-radio-group v-model="form.isFrame">
<el-radio label="0"></el-radio> <el-radio :label="0"></el-radio>
<el-radio label="1"></el-radio> <el-radio :label="1"></el-radio>
</el-radio-group> </el-radio-group>
</el-form-item> </el-form-item>
</el-col> </el-col>
@@ -220,8 +220,8 @@
</span> </span>
</template> </template>
<el-radio-group v-model="form.isCache"> <el-radio-group v-model="form.isCache">
<el-radio label="0">缓存</el-radio> <el-radio :label="0">缓存</el-radio>
<el-radio label="1">不缓存</el-radio> <el-radio :label="1">不缓存</el-radio>
</el-radio-group> </el-radio-group>
</el-form-item> </el-form-item>
</el-col> </el-col>