add login logs (#76)

* simplify crud method naming

* update get_user_list to get_select

* add sign in logs

* Perform pre-commit fix

* Encapsulated request ip address resolution

* Delete login log records for uncertain exceptions

* Add login log deletion interface

* Add login logging to background tasks

* update the user agent parse

Author: wu-clan

backend/app/api/routers.py

@@ -9,8 +9,9 @@
 from backend.app.api.v1.role import router as role_router
 from backend.app.api.v1.menu import router as menu_router
 from backend.app.api.v1.api import router as api_router
-from backend.app.api.v1.task_demo import router as task_demo_router
 from backend.app.api.v1.config import router as config_router
+from backend.app.api.v1.login_log import router as login_log_router
+from backend.app.api.v1.task_demo import router as task_demo_router
 
 v1 = APIRouter(prefix='/v1')
 
@@ -22,4 +23,5 @@
 v1.include_router(menu_router, prefix='/menus', tags=['菜单管理'])
 v1.include_router(api_router, prefix='/apis', tags=['API管理'])
 v1.include_router(config_router, prefix='/configs', tags=['系统配置'])
+v1.include_router(login_log_router, prefix='/login_logs', tags=['登录日志管理'])
 v1.include_router(task_demo_router, prefix='/tasks', tags=['任务管理'])

backend/app/api/v1/auth/auth.py

@@ -3,6 +3,7 @@
 from fastapi import APIRouter, Depends, Request
 from fastapi.security import OAuth2PasswordRequestForm
 from fastapi_limiter.depends import RateLimiter
+from starlette.background import BackgroundTasks
 
 from backend.app.common.jwt import DependsUser, get_token, jwt_decode, CurrentJwtAuth
 from backend.app.common.response.response_schema import response_base
@@ -15,7 +16,7 @@
 
 @router.post('/swagger_login', summary='swagger 表单登录', description='form 格式登录，仅用于 swagger 文档调试接口')
 async def swagger_user_login(form_data: OAuth2PasswordRequestForm = Depends()) -> SwaggerToken:
-    token, user = await UserService.swagger_login(form_data)
+    token, user = await UserService().swagger_login(form_data)
     return SwaggerToken(access_token=token, user=user)
 
 
@@ -25,8 +26,10 @@ async def swagger_user_login(form_data: OAuth2PasswordRequestForm = Depends()) -
     description='json 格式登录, 仅支持在第三方api工具调试接口, 例如: postman',
     dependencies=[Depends(RateLimiter(times=5, minutes=15))],
 )
-async def user_login(obj: Auth):
-    access_token, refresh_token, access_expire, refresh_expire, user = await UserService.login(obj)
+async def user_login(request: Request, obj: Auth, background_tasks: BackgroundTasks):
+    access_token, refresh_token, access_expire, refresh_expire, user = await UserService().login(
+        request=request, obj=obj, background_tasks=background_tasks
+    )
     data = LoginToken(
         access_token=access_token,
         refresh_token=refresh_token,
@@ -41,7 +44,7 @@ async def user_login(obj: Auth):
 async def get_refresh_token(request: Request, custom_time: RefreshTokenTime):
     token = get_token(request)
     user_id, _ = jwt_decode(token)
-    refresh_token, refresh_expire = await UserService.refresh_token(user_id, custom_time)
+    refresh_token, refresh_expire = await UserService.refresh_token(user_id=user_id, custom_time=custom_time)
     data = RefreshToken(refresh_token=refresh_token, refresh_token_expire_time=refresh_expire)
     return response_base.success(data=data)
 

backend/app/api/v1/login_log.py

@@ -0,0 +1,38 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+from typing import Annotated
+
+from fastapi import APIRouter, Query
+
+from backend.app.common.casbin_rbac import DependsRBAC
+from backend.app.common.jwt import DependsUser
+from backend.app.common.pagination import paging_data, PageDepends
+from backend.app.common.response.response_schema import response_base
+from backend.app.database.db_mysql import CurrentSession
+from backend.app.schemas.login_log import GetAllLoginLog
+from backend.app.services.login_log_service import LoginLogService
+
+router = APIRouter()
+
+
+@router.get('', summary='获取所有登录日志', dependencies=[DependsUser, PageDepends])
+async def get_all_login_logs(db: CurrentSession):
+    log_select = await LoginLogService.get_select()
+    page_data = await paging_data(db, log_select, GetAllLoginLog)
+    return response_base.success(data=page_data)
+
+
+@router.delete('', summary='（批量）删除登录日志', dependencies=[DependsRBAC])
+async def delete_login_log(pk: Annotated[list[int], Query(...)]):
+    count = await LoginLogService.delete(pk)
+    if count > 0:
+        return response_base.success()
+    return response_base.fail()
+
+
+@router.delete('/all', summary='清空登录日志', dependencies=[DependsRBAC])
+async def delete_all_login_logs():
+    count = await LoginLogService.delete_all()
+    if count > 0:
+        return response_base.success()
+    return response_base.fail()

backend/app/api/v1/user.py

@@ -6,7 +6,7 @@
 from backend.app.common.pagination import paging_data, PageDepends
 from backend.app.common.response.response_schema import response_base
 from backend.app.database.db_mysql import CurrentSession
-from backend.app.schemas.user import CreateUser, GetUserInfo, ResetPassword, UpdateUser, Avatar
+from backend.app.schemas.user import CreateUser, GetAllUserInfo, ResetPassword, UpdateUser, Avatar
 from backend.app.services.user_service import UserService
 from backend.app.utils.serializers import select_to_json
 
@@ -21,14 +21,16 @@ async def user_register(obj: CreateUser):
 
 @router.post('/password/reset', summary='密码重置')
 async def password_reset(obj: ResetPassword):
-    await UserService.pwd_reset(obj)
-    return response_base.success()
+    count = await UserService.pwd_reset(obj)
+    if count > 0:
+        return response_base.success()
+    return response_base.fail()
 
 
 @router.get('/{username}', summary='查看用户信息', dependencies=[DependsUser])
 async def userinfo(username: str):
     current_user = await UserService.get_userinfo(username)
-    data = GetUserInfo(**select_to_json(current_user))
+    data = GetAllUserInfo(**select_to_json(current_user))
     return response_base.success(data=data)
 
 
@@ -51,7 +53,7 @@ async def update_avatar(username: str, avatar: Avatar, current_user: CurrentUser
 @router.get('', summary='获取所有用户', dependencies=[DependsUser, PageDepends])
 async def get_all_users(db: CurrentSession):
     user_select = await UserService.get_select()
-    page_data = await paging_data(db, user_select, GetUserInfo)
+    page_data = await paging_data(db, user_select, GetAllUserInfo)
     return response_base.success(data=page_data)
 
 

backend/app/common/exception/exception_handler.py

@@ -109,6 +109,6 @@ def all_exception_handler(request: Request, exc: Exception):
             return JSONResponse(
                 status_code=500,
                 content=response_base.fail(code=500, msg=str(exc))
-                if settings.UVICORN_RELOAD
+                if settings.ENVIRONMENT != 'pro'
                 else response_base.fail(code=500, msg='Internal Server Error'),
             )

backend/app/core/conf.py

@@ -54,6 +54,9 @@ def validator_api_url(cls, values):
     # Static Server
     STATIC_FILES: bool = False
 
+    # Location Parse
+    LOCATION_PARSE: bool = True  # 将会导致登录延时，建议关闭，有条件自行使用第三方离线数据库
+
     # MySQL
     DB_ECHO: bool = False
     DB_DATABASE: str = 'fba'

backend/app/crud/crud_login_log.py

@@ -0,0 +1,30 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+from typing import NoReturn
+
+from sqlalchemy import Select, select, desc, delete
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from backend.app.crud.base import CRUDBase
+from backend.app.models import LoginLog
+from backend.app.schemas.login_log import CreateLoginLog, UpdateLoginLog
+
+
+class CRUDLoginLog(CRUDBase[LoginLog, CreateLoginLog, UpdateLoginLog]):
+    async def get_all(self) -> Select:
+        return select(self.model).order_by(desc(self.model.create_time))
+
+    async def create(self, db: AsyncSession, obj_in: CreateLoginLog) -> NoReturn:
+        await self.create_(db, obj_in)
+        await db.commit()
+
+    async def delete(self, db: AsyncSession, pk: list[int]) -> int:
+        logs = await db.execute(delete(self.model).where(self.model.id.in_(pk)))
+        return logs.rowcount
+
+    async def delete_all(self, db: AsyncSession) -> int:
+        logs = await db.execute(delete(self.model))
+        return logs.rowcount
+
+
+LoginLogDao: CRUDLoginLog = CRUDLoginLog(LoginLog)

backend/app/crud/crud_user.py

@@ -1,8 +1,9 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
+from datetime import datetime
 from typing import NoReturn
 
-from sqlalchemy import func, select, update, desc
+from sqlalchemy import select, update, desc
 from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy.orm import selectinload
 from sqlalchemy.sql import Select
@@ -21,8 +22,8 @@ async def get_by_username(self, db: AsyncSession, username: str) -> User | None:
         user = await db.execute(select(self.model).where(self.model.username == username))
         return user.scalars().first()
 
-    async def update_login_time(self, db: AsyncSession, username: str) -> int:
-        user = await db.execute(update(self.model).where(self.model.username == username).values(last_login=func.now()))
+    async def update_login_time(self, db: AsyncSession, username: str, login_time: datetime) -> int:
+        user = await db.execute(update(self.model).where(self.model.username == username).values(last_login=login_time))
         return user.rowcount
 
     async def create(self, db: AsyncSession, create: CreateUser) -> NoReturn:
@@ -53,7 +54,7 @@ async def update_avatar(self, db: AsyncSession, current_user: User, avatar: Avat
         return user.rowcount
 
     async def delete(self, db: AsyncSession, user_id: int) -> int:
-        return await super().delete_(db, user_id)
+        return await self.delete_(db, user_id)
 
     async def check_email(self, db: AsyncSession, email: str) -> User | None:
         mail = await db.execute(select(self.model).where(self.model.email == email))

backend/app/models/__init__.py

@@ -11,3 +11,4 @@
 from backend.app.models.sys_menu import Menu
 from backend.app.models.sys_role import Role
 from backend.app.models.sys_user import User
+from backend.app.models.sys_login_log import LoginLog

backend/app/models/sys_login_log.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+from datetime import datetime
+
+from sqlalchemy import String, func
+from sqlalchemy.orm import Mapped, mapped_column
+
+from backend.app.database.base_class import DataClassBase, id_key
+
+
+class LoginLog(DataClassBase):
+    """登录日志表"""
+
+    __tablename__ = 'sys_login_log'
+
+    id: Mapped[id_key] = mapped_column(init=False)
+    user_uuid: Mapped[str] = mapped_column(String(50), nullable=False, comment='用户UUID')
+    username: Mapped[str] = mapped_column(String(20), nullable=False, comment='用户名')
+    status: Mapped[int] = mapped_column(insert_default=0, comment='登录状态(0失败 1成功)')
+    ipaddr: Mapped[str] = mapped_column(String(50), nullable=False, comment='登录IP地址')
+    location: Mapped[str] = mapped_column(String(255), nullable=False, comment='归属地')
+    browser: Mapped[str] = mapped_column(String(255), nullable=False, comment='浏览器')
+    os: Mapped[str] = mapped_column(String(255), nullable=False, comment='操作系统')
+    msg: Mapped[str] = mapped_column(String(255), nullable=False, comment='提示消息')
+    login_time: Mapped[datetime] = mapped_column(nullable=False, comment='登录时间')
+    create_time: Mapped[datetime] = mapped_column(init=False, default=func.now(), comment='创建时间')