
添加 ClientIpFilterAttribute 及相关依赖注入配置

在多个控制器中添加了 ClientIpFilterAttribute 特性以检查客户端 IP 是否在白名单中。更新了 StartupExtensions 以配置 ClientIpFilterAttribute 的依赖注入,并在 SettingConstants 中添加了 WhiteIp 常量。新增 ClientIpFilterAttribute.cs 文件定义该特性类。
xf 3 hete
szülő
commit
200f327d1c

+ 2 - 0
src/Hotline.Api/Controllers/Bigscreen/DataScreenController.cs

@@ -1,4 +1,5 @@
 using DocumentFormat.OpenXml.Drawing;
+using Hotline.Api.Filter;
 using Hotline.Caching.Interfaces;
 using Hotline.Configurations;
 using Hotline.KnowledgeBase;
@@ -22,6 +23,7 @@ using XF.Domain.Repository;
 
 namespace Hotline.Api.Controllers.Bigscreen
 {
+    [ServiceFilter(typeof(ClientIpFilterAttribute))]
     public class DataScreenController : BaseController
     {
         private readonly IOrderRepository _orderRepository;

+ 3 - 1
src/Hotline.Api/Controllers/Bigscreen/EnforcementScreenController.cs

@@ -1,4 +1,5 @@
-using Hotline.JudicialManagement;
+using Hotline.Api.Filter;
+using Hotline.JudicialManagement;
 using Hotline.Orders;
 using Hotline.Settings;
 using Hotline.Share.Dtos.JudicialManagement;
@@ -14,6 +15,7 @@ namespace Hotline.Api.Controllers.Bigscreen
     /// <summary>
     /// 司法行政监督管理大屏  
     /// </summary>
+    [ServiceFilter(typeof(ClientIpFilterAttribute))]
     public class EnforcementScreenController : BaseController
     {
         private readonly IMapper _mapper;

+ 3 - 1
src/Hotline.Api/Controllers/Bigscreen/JudicialManagementScreenController.cs

@@ -1,4 +1,5 @@
-using Hotline.JudicialManagement;
+using Hotline.Api.Filter;
+using Hotline.JudicialManagement;
 using Hotline.Orders;
 using Hotline.Settings;
 using Hotline.Share.Dtos.JudicialManagement;
@@ -14,6 +15,7 @@ namespace Hotline.Api.Controllers.Bigscreen
     /// <summary>
     /// 司法行政监督管理大屏
     /// </summary>
+    [ServiceFilter(typeof(ClientIpFilterAttribute))]
     public class JudicialManagementScreenController : BaseController
     {
         private readonly IMapper _mapper;

+ 3 - 1
src/Hotline.Api/Controllers/Bigscreen/SeatController.cs

@@ -1,4 +1,5 @@
-using Hotline.Application.Bigscreen;
+using Hotline.Api.Filter;
+using Hotline.Application.Bigscreen;
 using Hotline.Caching.Interfaces;
 using Hotline.CallCenter.Tels;
 using Hotline.CallCenter.Tels.CallTelDomain;
@@ -11,6 +12,7 @@ using Microsoft.AspNetCore.Mvc;
 
 namespace Hotline.Api.Controllers.Bigscreen
 {
+    [ServiceFilter(typeof(ClientIpFilterAttribute))]
     public class SeatController : BaseController
     {
         private readonly ISeatStateDataService _seatStateDataService;

+ 42 - 0
src/Hotline.Api/Filter/ClientIpFilterAttribute.cs

@@ -0,0 +1,42 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+namespace Hotline.Api.Filter
+{
+    public class ClientIpFilterAttribute : ActionFilterAttribute
+    {
+        private readonly List<string> _whiteIps;
+        private readonly ILogger _logger;
+
+        public ClientIpFilterAttribute(List<string> whiteIps, ILogger logger)
+        {
+            _whiteIps = whiteIps;
+            _logger = logger;
+        }
+
+        public override void OnActionExecuting(ActionExecutingContext context)
+        {
+            if(!_whiteIps.Any()) return;
+
+            //var ip = context.HttpContext.Connection.RemoteIpAddress?.ToString();
+            //if (ip != null)
+            //{
+            //    context.HttpContext.Items["ClientIp"] = ip;
+            //}
+            var ip = context.HttpContext.Request.Headers["X-Forwarded-For"].FirstOrDefault();
+            if (string.IsNullOrEmpty(ip))
+            {
+                _logger.LogWarning("Forbidden Request from IP: {RemoteIp}", ip);
+                context.Result = new StatusCodeResult(StatusCodes.Status403Forbidden);
+            }
+
+            if(!_whiteIps.Contains(ip))
+            {
+                _logger.LogWarning("Forbidden Request from IP: {RemoteIp}", ip);
+                context.Result = new StatusCodeResult(StatusCodes.Status403Forbidden);
+            }
+
+            base.OnActionExecuting(context);
+        }
+    }
+}
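Review bot: The allowlist decision in `OnActionExecuting` is made on the raw `X-Forwarded-For` request header, which any caller can set unless a trusted reverse proxy strips and rewrites it, so the check does not establish where the request came from. The header can also carry a comma-separated chain of addresses, which the exact-string `_whiteIps.Contains(ip)` will never match, and the empty-header branch has no `return`, so it falls through and logs a second time. I would compare `Connection.RemoteIpAddress` (already present in the commented-out lines) and, when the API sits behind a proxy, let the forwarded-headers middleware populate it, accepting the header from known proxy addresses only. Separately, `if(!_whiteIps.Any()) return;` lets an empty list allow every request and throws if the list is null; confirm that fail-open is intended.

```csharp
public override void OnActionExecuting(ActionExecutingContext context)
{
    // … unchanged: empty-whitelist early return …

    // Peer address of the connection; behind a reverse proxy this is only the real
    // client if forwarded headers are accepted from known proxy addresses alone.
    var remote = context.HttpContext.Connection.RemoteIpAddress;
    if (remote is { IsIPv4MappedToIPv6: true })
    {
        remote = remote.MapToIPv4();
    }
    var ip = remote?.ToString();

    if (string.IsNullOrEmpty(ip) || !_whiteIps.Contains(ip))
    {
        _logger.LogWarning("Forbidden Request from IP: {RemoteIp}", ip);
        context.Result = new StatusCodeResult(StatusCodes.Status403Forbidden);
        return;
    }

    base.OnActionExecuting(context);
}
```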

+ 14 - 2
src/Hotline.Api/StartupExtensions.cs

@@ -40,6 +40,10 @@ using Hotline.XingTang;
 using Hotline.ThirdAccountDomainServices.Interfaces;
 using Hotline.Snapshot.IRepository;
 using Hotline.Validators;
+using Hotline.Api.Filter;
+using Hotline.Caching.Interfaces;
+using Hotline.Caching.Services;
+using Hotline.Settings;
 
 
 namespace Hotline.Api;
@@ -223,8 +227,16 @@ internal static class StartupExtensions
 
         services.AddScoped<IGuiderSystemService, TiqnQueService>();
 
-        //services.AddScoped<LogFilterAttribute>();
-        //ServiceLocator.Instance = services.BuildServiceProvider();
+        services.AddSingleton<ClientIpFilterAttribute>(sp =>
+        {
+            var loggerFactory = sp.GetRequiredService<ILoggerFactory>();
+            var logger = loggerFactory.CreateLogger<ClientIpFilterAttribute>();
+            var cacheManager = sp.GetRequiredService<ISystemSettingCacheManager>();
+            var whiteIps = cacheManager.GetSetting(SettingConstants.WhiteIp).SettingValue;
+
+            return new ClientIpFilterAttribute(whiteIps, logger);
+        });
+
         return builder.Build();
     }
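Review bot: The `AddSingleton` factory reads `SettingConstants.WhiteIp` once, when the filter is first resolved, so later edits to the whitelist setting would not take effect until the process restarts (assuming the cache manager otherwise serves updated values). `cacheManager.GetSetting(SettingConstants.WhiteIp).SettingValue` also dereferences the result without a null check, so if `GetSetting` returns null for a missing key, the first request to any of the four controllers would fail. Consider injecting `ISystemSettingCacheManager` into the filter and reading the list per request, or registering it with `services.AddScoped<ClientIpFilterAttribute>(...)`. Also confirm that the cache manager's lifetime allows it to be resolved from the root provider. The enclosing method starts outside the hunk.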
 

+ 3 - 0
src/Hotline.Api/StartupHelper.cs

@@ -2,8 +2,10 @@
 using System.IO.Compression;
 using System.Reflection;
 using System.Text;
+using Hotline.Api.Filter;
 using Hotline.Application;
 using Hotline.Application.Jobs;
+using Hotline.Caching.Interfaces;
 using Hotline.CallCenter.Configs;
 using Hotline.Configurations;
 using Hotline.DI;
@@ -11,6 +13,7 @@ using Hotline.EventBus;
 using Hotline.Identity;
 using Hotline.Repository.SqlSugar;
 using Hotline.Repository.SqlSugar.Ts;
+using Hotline.Settings;
 using Mapster;
 using MapsterMapper;
 using MediatR.Pipeline;

+ 5 - 0
src/Hotline/Settings/SettingConstants.cs

@@ -785,5 +785,10 @@ namespace Hotline.Settings
         /// 高频预警许排除的工单标题
         /// </summary>
         public const string HighMatterWarningFilterTitle = "HighMatterWarningFilterTitle";
+
+        /// <summary>
+        /// ip白名单
+        /// </summary>
+        public const string WhiteIp = "WhiteIp";
     }
 }
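Review bot: The summary on `WhiteIp` says only "ip白名单" and does not tell an operator how the value is interpreted. In `ClientIpFilterAttribute` from this commit, entries are compared as exact strings with no range support, and an empty list disables the check entirely. I would state that in the doc comment, e.g. `/// IP allowlist for the big-screen controllers: exact address strings, no ranges; an empty list disables the check.`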