V 1.0.8

添加获取公钥登录注册的IP限速每分钟五次
2025-04-08 21:02:12 +08:00 · 2025-04-08 21:02:12 +08:00 · 0a2ba8bb1a
commit 0a2ba8bb1a
parent 61c4e0f977
3 changed files with 47 additions and 1 deletions
--- a/LMS.service/LMS.service.csproj
+++ b/LMS.service/LMS.service.csproj
@ -10,6 +10,7 @@
  </PropertyGroup>

  <ItemGroup>
+    <PackageReference Include="AspNetCoreRateLimit" Version="5.0.0" />
    <PackageReference Include="AutoMapper" Version="14.0.0" />
    <PackageReference Include="Betalgo.Ranul.OpenAI" Version="8.9.0" />
    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.8" />
--- a/LMS.service/Program.cs
+++ b/LMS.service/Program.cs
@ -1,3 +1,4 @@
+using AspNetCoreRateLimit;
 using Lai_server.Configuration;
 using LMS.DAO;
 using LMS.Repository.Models.DB;
@ -44,6 +45,20 @@ builder.Services.AddDbContext<ApplicationDbContext>(options =>
    options.UseMySql(connectionString, ServerVersion.Parse("8.0.18-mysql"));
 });

+// 添加内存缓存（用于存储速率限制计数器）
+builder.Services.AddMemoryCache();
+
+// 加载通用配置（从appsettings.json）
+builder.Services.Configure<IpRateLimitOptions>(builder.Configuration.GetSection("IpRateLimiting"));
+
+// 注入计数器和规则存储
+builder.Services.AddSingleton<IIpPolicyStore, MemoryCacheIpPolicyStore>();
+builder.Services.AddSingleton<IRateLimitCounterStore, MemoryCacheRateLimitCounterStore>();
+builder.Services.AddSingleton<IRateLimitConfiguration, RateLimitConfiguration>();
+builder.Services.AddSingleton<IProcessingStrategy, AsyncKeyLockProcessingStrategy>();
+
+
+
 builder.Services.AddIdentityCore<User>(options =>
 {
    options.SignIn.RequireConfirmedAccount = true; //已有账号才能登录
@ -102,6 +117,9 @@ app.UseAuthentication();
 app.UseAuthorization();
 app.MapControllers();

+// 在管道中使用IP速率限制中间件
+app.UseIpRateLimiting();
+
 app.UseMiddleware<DynamicPermissionMiddleware>();
 app.UseEndpoints(endpoints =>
 {
--- a/LMS.service/appsettings.json
+++ b/LMS.service/appsettings.json
@ -26,6 +26,33 @@
    ],
    "Enrich": [ "FromLogContext" ]
  },
-  "Version": "1.0.7",
+  "IpRateLimiting": {
+    "EnableEndpointRateLimiting": true,
+    "StackBlockedRequests": false,
+    "RealIpHeader": "X-Real-IP",
+    "ClientIdHeader": "X-ClientId",
+    "HttpStatusCode": 429,
+    "IpWhitelist": [],
+    "EndpointWhitelist": [ "get:/api/status", "*:/api/health" ],
+    "ClientWhitelist": [ "dev-client-1", "dev-client-2" ],
+    "GeneralRules": [
+      {
+        "Endpoint": "get:/lms/User/GetPublicKey",
+        "Period": "1m",
+        "Limit": 5
+      },
+      {
+        "Endpoint": "post:/lms/User/Login*",
+        "Period": "1m",
+        "Limit": 5
+      },
+      {
+        "Endpoint": "post:/lms/User/Register",
+        "Period": "1m",
+        "Limit": 10
+      }
+    ]
+  },
+  "Version": "1.0.8",
  "AllowedHosts": "*"
 }