78 lines
2.0 KiB
Go
78 lines
2.0 KiB
Go
package midware
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
"strings"
|
|
"time"
|
|
|
|
"ems.agt/lib/dborm"
|
|
"ems.agt/lib/services"
|
|
)
|
|
|
|
// 登录策略限制登录时间和访问ip范围
|
|
func ArrowIPAddr(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
ipAddr := strings.Split(r.RemoteAddr, ":")[0]
|
|
|
|
// 读取配置信息 登录策略设置
|
|
result, err := dborm.XormGetConfig("Security", "loginSecurity")
|
|
if err != nil {
|
|
next.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
data := make(map[string]any)
|
|
err = json.Unmarshal([]byte(result["value_json"].(string)), &data)
|
|
if err != nil {
|
|
next.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
|
|
// 开关
|
|
switchStr := data["switch"].(string)
|
|
if switchStr == "0" {
|
|
next.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
|
|
ipRange := data["ipRange"].(string)
|
|
logintimeRange := data["logintime_range"].(string)
|
|
|
|
// 检查ip
|
|
ips := strings.Split(ipRange, "/")
|
|
hasIP := false
|
|
for _, ip := range ips {
|
|
if ipAddr == ip {
|
|
hasIP = true
|
|
}
|
|
}
|
|
if !hasIP {
|
|
services.ResponseErrorWithJson(w, 502, "网关登录策略-IP限制: "+ipAddr)
|
|
return
|
|
}
|
|
|
|
// 检查开放时间
|
|
logintimeRangeArr := strings.Split(logintimeRange, " - ")
|
|
|
|
// 加载中国时区
|
|
loc, _ := time.LoadLocation("Asia/Shanghai")
|
|
// 获取当前时间
|
|
currentTime := time.Now().In(loc)
|
|
|
|
// 获取当前日期
|
|
currentDate := time.Date(currentTime.Year(), currentTime.Month(), currentTime.Day(), 0, 0, 0, 0, currentTime.Location())
|
|
ymd := currentDate.Format("2006-01-02")
|
|
|
|
// 定义开始时间和结束时间
|
|
startTime, _ := time.ParseInLocation("2006-01-02 15:04:05", ymd+" "+logintimeRangeArr[0], loc)
|
|
endTime, _ := time.ParseInLocation("2006-01-02 15:04:05", ymd+" "+logintimeRangeArr[1], loc)
|
|
|
|
// 判断当前时间是否在范围内
|
|
if currentTime.After(startTime) && currentTime.Before(endTime) {
|
|
next.ServeHTTP(w, r)
|
|
} else {
|
|
services.ResponseErrorWithJson(w, 502, "网关登录策略-不在开放时间范围内")
|
|
}
|
|
})
|
|
}
|