feat: add daily request limit and refactor access control (#759)

- Add daily request limit per IP in blacklist settings (1-1,000,000/day) - Refactor access control logic: merge blacklist and rate limit checks - Remove RATE_LIMIT_API_DAILY_REQUESTS env var, use database config instead - Move x-custom-auth check earlier in middleware chain - Add comprehensive English documentation (31 new guide pages) - Improve code structure and error handling 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <noreply@anthropic.com>
2026-06-07 00:19:56 +08:00 · 2025-11-08 12:46:30 +08:00
parent eaeac8ebec
commit b337a44e62
44 changed files with 1983 additions and 154 deletions
--- a/frontend/src/views/admin/IpBlacklistSettings.vue
+++ b/frontend/src/views/admin/IpBlacklistSettings.vue
@@ -26,6 +26,12 @@ const { t } = useI18n({
            tip_ip: 'IP Blacklist: Supports text matching (e.g., "192.168.1") or regex (e.g., "^10\\.0\\.0\\.5$").',
            tip_asn: 'ASN Organization: Block by ISP/provider. Case-insensitive text matching or regex.',
            tip_fingerprint: 'Browser Fingerprint: Block by browser fingerprint. Supports exact matching or regex patterns.',
+            tip_daily_limit: 'Daily Limit: Restrict the maximum number of requests per IP address per day (1-1000000).',
+            tip_scope: 'Applies to: Create Address, Send Mail, External Send Mail API, User Registration, Verify Code',
+            enable_daily_limit: 'Enable Daily Request Limit',
+            enable_daily_limit_tip: 'Limit the number of API requests per IP address per day',
+            daily_request_limit: 'Daily Request Limit',
+            daily_request_limit_placeholder: 'Enter limit (e.g., 1000)',
        },
        zh: {
            title: 'IP 黑名单设置',
@@ -43,6 +49,12 @@ const { t } = useI18n({
            tip_ip: 'IP 黑名单：支持文本匹配（如 "192.168.1"）或正则表达式（如 "^10\\.0\\.0\\.5$"）。',
            tip_asn: 'ASN 组织：根据运营商/ISP 拉黑。支持不区分大小写的文本匹配或正则表达式。',
            tip_fingerprint: '浏览器指纹：根据浏览器指纹拉黑。支持完全匹配或正则表达式。',
+            tip_daily_limit: '每日限流：限制单个 IP 地址每天最多请求次数（1-1000000）。',
+            tip_scope: '作用范围：创建邮箱地址、发送邮件、外部发送邮件 API、用户注册、验证码验证',
+            enable_daily_limit: '启用每日请求限流',
+            enable_daily_limit_tip: '限制每个 IP 地址每天的 API 请求次数',
+            daily_request_limit: '每日请求次数上限',
+            daily_request_limit_placeholder: '输入限制次数（例如：1000）',
        }
    }
 });
@@ -51,6 +63,8 @@ const enabled = ref(false)
 const ipBlacklist = ref([])
 const asnBlacklist = ref([])
 const fingerprintBlacklist = ref([])
+const enableDailyLimit = ref(false)
+const dailyRequestLimit = ref(1000)

 const fetchData = async () => {
    try {
@@ -60,6 +74,8 @@ const fetchData = async () => {
        ipBlacklist.value = res.blacklist || []
        asnBlacklist.value = res.asnBlacklist || []
        fingerprintBlacklist.value = res.fingerprintBlacklist || []
+        enableDailyLimit.value = res.enableDailyLimit || false
+        dailyRequestLimit.value = res.dailyRequestLimit || 1000
    } catch (error) {
        message.error(error.message || "error");
    } finally {
@@ -77,6 +93,8 @@ const save = async () => {
                blacklist: ipBlacklist.value || [],
                asnBlacklist: asnBlacklist.value || [],
                fingerprintBlacklist: fingerprintBlacklist.value || [],
+                enableDailyLimit: enableDailyLimit.value,
+                dailyRequestLimit: dailyRequestLimit.value
            })
        })
        message.success(t('successTip'))
@@ -104,9 +122,11 @@ onMounted(async () => {
            <n-space vertical :size="20">
                <n-alert :show-icon="false" :bordered="false" type="info">
                    <div style="line-height: 1.8;">
+                        <div><strong>{{ t("tip_scope") }}</strong></div>
                        <div>• {{ t("tip_ip") }}</div>
                        <div>• {{ t("tip_asn") }}</div>
                        <div>• {{ t("tip_fingerprint") }}</div>
+                        <div>• {{ t("tip_daily_limit") }}</div>
                    </div>
                </n-alert>

@@ -164,6 +184,26 @@ onMounted(async () => {
                        </template>
                    </n-select>
                </n-form-item-row>
+
+                <n-divider />
+
+                <n-form-item-row :label="t('enable_daily_limit')">
+                    <n-switch v-model:value="enableDailyLimit" :round="false" />
+                    <n-text depth="3" style="margin-left: 10px; font-size: 12px;">
+                        {{ t('enable_daily_limit_tip') }}
+                    </n-text>
+                </n-form-item-row>
+
+                <n-form-item-row :label="t('daily_request_limit')">
+                    <n-input-number
+                        v-model:value="dailyRequestLimit"
+                        :min="1"
+                        :max="1000000"
+                        :placeholder="t('daily_request_limit_placeholder')"
+                        :disabled="!enableDailyLimit"
+                        style="width: 100%;"
+                    />
+                </n-form-item-row>
            </n-space>
        </n-card>
    </div>