版本预发布

2025-08-28 10:09:54 +08:00 · 2023-02-08 20:29:34 +08:00
parent f11c7c5bf2
commit 2068d05c93
269 changed files with 16122 additions and 12075 deletions
--- a/server/internal/logic/middleware/admin_auth.go
+++ b/server/internal/logic/middleware/admin_auth.go
@@ -42,7 +42,7 @@ func (s *sMiddleware) AdminAuth(r *ghttp.Request) {

 	// 验证路由访问权限
 	if !service.AdminRole().Verify(ctx, path, r.Method) {
-		g.Log().Warningf(ctx, "AdminAuth fail path:%+v, GetRoleKey:%+v, r.Method:%+v", path, contexts.GetRoleKey(ctx), r.Method)
+		g.Log().Debugf(ctx, "AdminAuth fail path:%+v, GetRoleKey:%+v, r.Method:%+v", path, contexts.GetRoleKey(ctx), r.Method)
 		response.JsonExit(r, gcode.CodeSecurityReason.Code(), "你没有访问权限！")
 		return
 	}
--- a/server/internal/logic/middleware/init.go
+++ b/server/internal/logic/middleware/init.go
@@ -151,22 +151,19 @@ func inspectAuth(r *ghttp.Request, appName string) error {
 	// 保存到上下文
 	if user != nil {
 		customCtx.User = &model.Identity{
-			Id:         user.Id,
-			Pid:        user.Pid,
-			DeptId:     user.DeptId,
-			RoleId:     user.RoleId,
-			RoleKey:    user.RoleKey,
-			Username:   user.Username,
-			RealName:   user.RealName,
-			Avatar:     user.Avatar,
-			Email:      user.Email,
-			Mobile:     user.Mobile,
-			VisitCount: user.VisitCount,
-			LastTime:   user.LastTime,
-			LastIp:     user.LastIp,
-			Exp:        user.Exp,
-			Expires:    user.Expires,
-			App:        user.App,
+			Id:       user.Id,
+			Pid:      user.Pid,
+			DeptId:   user.DeptId,
+			RoleId:   user.RoleId,
+			RoleKey:  user.RoleKey,
+			Username: user.Username,
+			RealName: user.RealName,
+			Avatar:   user.Avatar,
+			Email:    user.Email,
+			Mobile:   user.Mobile,
+			Exp:      user.Exp,
+			Expires:  user.Expires,
+			App:      user.App,
 		}
 	}
 	contexts.SetUser(ctx, customCtx.User)
--- a/server/internal/logic/middleware/limit_develop.go
+++ b/server/internal/logic/middleware/limit_develop.go
@@ -0,0 +1,36 @@
+package middleware
+
+import (
+	"fmt"
+	"github.com/gogf/gf/v2/errors/gcode"
+	"github.com/gogf/gf/v2/frame/g"
+	"github.com/gogf/gf/v2/net/ghttp"
+	"github.com/gogf/gf/v2/text/gstr"
+	"hotgo/internal/library/location"
+	"hotgo/internal/library/response"
+)
+
+// Develop 开发工具白名单过滤
+func (s *sMiddleware) Develop(r *ghttp.Request) {
+	ips := g.Cfg().MustGet(r.Context(), "hggen.allowedIPs").Strings()
+	if len(ips) == 0 {
+		response.JsonExit(r, gcode.CodeNotSupported.Code(), "请配置生成白名单！")
+	}
+
+	if !gstr.InArray(ips, "*") {
+		cuIp := location.GetClientIp(r)
+		ok := false
+		for _, ip := range ips {
+			if ip == cuIp {
+				ok = true
+				break
+			}
+		}
+
+		if !ok {
+			response.JsonExit(r, gcode.CodeNotSupported.Code(), fmt.Sprintf("当前IP[%s]没有配置生成白名单！", cuIp))
+		}
+	}
+
+	r.Middleware.Next()
+}