update 优化对登录也租户列表接口进行限流防止盗刷

2025-09-22 19:26:39 +08:00 · 2025-07-17 15:15:28 +08:00 · 2025-07-17 15:15:28 +08:00 · de61899eed
commit de61899eed
parent 3a9bdb36f1
1 changed files with 3 additions and 0 deletions
--- a/ruoyi-admin/src/main/java/org/dromara/web/controller/AuthController.java
+++ b/ruoyi-admin/src/main/java/org/dromara/web/controller/AuthController.java
@ -21,6 +21,8 @@ import org.dromara.common.core.domain.model.SocialLoginBody;
 import org.dromara.common.core.utils.*;
 import org.dromara.common.encrypt.annotation.ApiEncrypt;
 import org.dromara.common.json.utils.JsonUtils;
+import org.dromara.common.ratelimiter.annotation.RateLimiter;
+import org.dromara.common.ratelimiter.enums.LimitType;
 import org.dromara.common.satoken.utils.LoginHelper;
 import org.dromara.common.social.config.properties.SocialLoginConfigProperties;
 import org.dromara.common.social.config.properties.SocialProperties;
@ -198,6 +200,7 @@ public class AuthController {
     *
     * @return 租户列表
     */
+    @RateLimiter(time = 60, count = 20, limitType = LimitType.IP)
    @GetMapping("/tenant/list")
    public R<LoginTenantVo> tenantList(HttpServletRequest request) throws Exception {
        // 返回对象