ruochen/ez-api
1
0
Fork 0
mirror of https://github.com/EZ-Api/ez-api.git synced 2026-01-13 17:47:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(model): add IPBan entity for global IP blocking

Browse Source 
Introduces the IPBan model to support global IP/CIDR ban rules enforced by the data plane. Includes fields for CIDR, status, expiration, and hit counts, and registers the model for auto-migration in the server startup.
This commit is contained in:
zenfun
2026-01-04 00:55:00 +08:00
parent f4d6f64068
commit ae2f4d7819
2 changed files with 40 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/server/main.go
View File

@@ -146,7 +146,7 @@ func main() {
// Auto Migrate // Auto Migrate
if logDB != db { if logDB != db {
if err := db.AutoMigrate(&model.Master{}, &model.Key{}, &model.ProviderGroup{}, &model.APIKey{}, &model.Model{}, &model.Binding{}, &model.Namespace{}, &model.OperationLog{}, &model.SyncOutbox{}, &model.Alert{}, &model.AlertThresholdConfig{}); err != nil { if err := db.AutoMigrate(&model.Master{}, &model.Key{}, &model.ProviderGroup{}, &model.APIKey{}, &model.Model{}, &model.Binding{}, &model.Namespace{}, &model.OperationLog{}, &model.SyncOutbox{}, &model.Alert{}, &model.AlertThresholdConfig{}, &model.IPBan{}); err != nil {
fatal(logger, "failed to auto migrate", "err", err) fatal(logger, "failed to auto migrate", "err", err)
} }
if err := logDB.AutoMigrate(&model.LogRecord{}); err != nil { if err := logDB.AutoMigrate(&model.LogRecord{}); err != nil {
@@ -156,7 +156,7 @@ func main() {
fatal(logger, "failed to ensure log indexes", "err", err) fatal(logger, "failed to ensure log indexes", "err", err)
} }
} else { } else {
if err := db.AutoMigrate(&model.Master{}, &model.Key{}, &model.ProviderGroup{}, &model.APIKey{}, &model.Model{}, &model.Binding{}, &model.Namespace{}, &model.OperationLog{}, &model.LogRecord{}, &model.SyncOutbox{}, &model.Alert{}, &model.AlertThresholdConfig{}); err != nil { if err := db.AutoMigrate(&model.Master{}, &model.Key{}, &model.ProviderGroup{}, &model.APIKey{}, &model.Model{}, &model.Binding{}, &model.Namespace{}, &model.OperationLog{}, &model.LogRecord{}, &model.SyncOutbox{}, &model.Alert{}, &model.AlertThresholdConfig{}, &model.IPBan{}); err != nil {
fatal(logger, "failed to auto migrate", "err", err) fatal(logger, "failed to auto migrate", "err", err)
} }
if err := service.EnsureLogIndexes(db); err != nil { if err := service.EnsureLogIndexes(db); err != nil {

38
internal/model/ip_ban.go Normal file
View File

@@ -0,0 +1,38 @@
package model
import (
"time"
"gorm.io/gorm"
)
// IPBan represents a global IP/CIDR ban rule.
// IP bans are enforced by the data plane (balancer) before token validation.
type IPBan struct {
gorm.Model
CIDR string `gorm:"size:64;uniqueIndex;not null" json:"cidr"` // Normalized CIDR (IPv4 /32, IPv6 /128)
Status string `gorm:"size:20;default:'active';index" json:"status"` // active, expired
Reason string `gorm:"size:512" json:"reason,omitempty"` // Optional ban reason
ExpiresAt *int64 `gorm:"index" json:"expires_at,omitempty"` // Unix timestamp, nil = permanent
HitCount int64 `gorm:"default:0" json:"hit_count"` // Number of blocked requests (synced from Redis)
CreatedBy string `gorm:"size:128" json:"created_by,omitempty"` // Creator identifier
}
// IPBanStatus constants
const (
IPBanStatusActive = "active"
IPBanStatusExpired = "expired"
)
// IsExpired returns true if the ban has expired.
func (b *IPBan) IsExpired() bool {
if b.ExpiresAt == nil {
return false // permanent ban
}
return time.Now().Unix() >= *b.ExpiresAt
}
// TableName returns the table name for IPBan.
func (IPBan) TableName() string {
return "ip_bans"
}