v0.6测试

2026-04-14 20:42:18 +08:00
parent a60ba8352f
commit d17a63d4cd
13 changed files with 680 additions and 473 deletions
--- a/backend/services/auth_service.py
+++ b/backend/services/auth_service.py
@@ -15,6 +15,7 @@ from datetime import datetime
 from models.user import UserModel
 from models.student import StudentModel
 from models.admin_role import AdminRoleModel
+from services.log_service import LogService
 from utils.security import security
 from utils.jwt_handler import jwt_handler
 from utils.redis_client import RedisClient
@@ -28,13 +29,14 @@ class AuthService:
    """认证服务"""
    
    @staticmethod
-    async def login(username: str, password: str, ip: str) -> Dict[str, Any]:
+    async def login(username: str, password: str, ip: str, user_agent: str = None) -> Dict[str, Any]:
        """
        用户登录
        """
        # 检查登录失败次数
        attempts = await RedisClient.get(f"login_attempts:{username}")
        if attempts and int(attempts) >= 5:
+            await LogService.write_login_log(username, 0, ip, user_agent, "登录失败次数过多")
            return {"success": False, "message": "登录失败次数过多，请15分钟后重试"}
        
        # 获取用户信息
@@ -42,15 +44,18 @@ class AuthService:
        
        if not user:
            await RedisClient.set_login_attempts(username)
+            await LogService.write_login_log(username, 0, ip, user_agent, "用户名或密码错误")
            return {"success": False, "message": "用户名或密码错误"}
        
        # 验证密码
        if not security.verify_password(password, user["password_hash"]):
            await RedisClient.set_login_attempts(username)
+            await LogService.write_login_log(username, 0, ip, user_agent, "用户名或密码错误")
            return {"success": False, "message": "用户名或密码错误"}
        
        # 检查账号状态
        if user["status"] != 1:
+            await LogService.write_login_log(username, 0, ip, user_agent, "账号已被禁用")
            return {"success": False, "message": "账号已被禁用"}
        
        # 清除登录失败记录
@@ -80,6 +85,8 @@ class AuthService:
        # 确定跳转路径
        redirect = AuthService._get_redirect_path(user["user_type"], role)
        
+        await LogService.write_login_log(username, 1, ip, user_agent)
+        
        return {
            "success": True,
            "token": token,