feat: 可查看全局被限制的ip 并且可以解锁 (#11394)

Co-authored-by: feng <1304903146@qq.com>
2025-09-06 01:40:52 +00:00 · 2023-08-30 17:31:59 +08:00
parent 24194b4e4d
commit 266a360a97
4 changed files with 69 additions and 0 deletions
--- a/apps/settings/api/security.py
+++ b/apps/settings/api/security.py
@@ -0,0 +1,60 @@
+from uuid import uuid4
+
+from django.conf import settings
+from django.core.cache import cache
+from rest_framework.generics import ListAPIView, CreateAPIView
+from rest_framework.views import Response
+
+from users.utils import LoginIpBlockUtil
+from ..serializers import SecurityBlockIPSerializer
+
+
+class BlockIPSecurityAPI(ListAPIView):
+    serializer_class = SecurityBlockIPSerializer
+    rbac_perms = {
+        'GET': 'settings.change_security',
+        'unlock': 'settings.change_security',
+    }
+
+    @staticmethod
+    def get_ips():
+        ips = []
+        prefix = LoginIpBlockUtil.BLOCK_KEY_TMPL.replace('{}', '')
+        keys = cache.keys(f'{prefix}*')
+        for key in keys:
+            ips.append(key.replace(prefix, ''))
+
+        white_list = settings.SECURITY_LOGIN_IP_WHITE_LIST
+        ips = list(set(ips) - set(white_list))
+        ips = settings.SECURITY_LOGIN_IP_BLACK_LIST
+        ips = [ip for ip in ips if ip != '*']
+        return ips
+
+    def get_page_offset_and_limit(self):
+        get_params = self.request.GET
+        offset = get_params.get('offset', 0)
+        limit = get_params.get('limit', 15)
+        return int(offset), int(limit)
+
+    def list(self, request, *args, **kwargs):
+        ips = self.get_ips()
+        offset, limit = self.get_page_offset_and_limit()
+        slice_ips = ips[offset:offset + limit]
+        data = [{'id': str(uuid4()), 'ip': ip} for ip in slice_ips]
+        ser = self.get_serializer(data, many=True)
+        data = {'count': len(ips), 'results': ser.data}
+        return Response(data=data, status=200)
+
+
+class UnlockIPSecurityAPI(CreateAPIView):
+    serializer_class = SecurityBlockIPSerializer
+    rbac_perms = {
+        'POST': 'settings.change_security',
+    }
+
+    def create(self, request, *args, **kwargs):
+        ips = request.data.get('ips')
+        prefix = LoginIpBlockUtil.BLOCK_KEY_TMPL.replace('{}', '')
+        for ip in ips:
+            LoginIpBlockUtil(f'{prefix}{ip}').clean_block_if_need()
+        return Response(status=200)