fix:ios登陆风控校验，feign调用接口聚合

yt-common/src/main/java/com/ytpm/app/param/LoginRiskYtDyzUserParam.java

@@ -0,0 +1,22 @@
+package com.ytpm.app.param;
+
+
+import lombok.Data;
+
+import java.io.Serializable;
+
+/**
+ * @author lih
+ * @date 2025-12-23 15:47
+ */
+@Data
+public class LoginRiskYtDyzUserParam implements Serializable {
+
+    private String appId;
+
+    private String iosId;
+
+    private String lastLoginIp;
+
+    private Integer limitHour;
+}

yt-common/src/main/java/com/ytpm/app/view/RiskYtDyzUserView.java

@@ -0,0 +1,23 @@
+package com.ytpm.app.view;
+
+
+import com.ytpm.app.model.YtDyzUser;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import java.io.Serializable;
+import java.util.List;
+
+/**
+ * @author lih
+ * @date 2025-12-23 15:46
+ */
+@Data
+public class RiskYtDyzUserView implements Serializable {
+
+    @ApiModelProperty("相同设备ID用户数")
+    private List<YtDyzUser> userList;
+
+    @ApiModelProperty("同IP登陆数")
+    private Integer userCount;
+}

yt-ios-lemon/lemon-ios-feign/src/main/java/com/ytpm/lemonios/feign/base/BaseFeign.java

@@ -12,6 +12,7 @@ import com.ytpm.app.model.YtAppDefaultConfig;
 import com.ytpm.app.model.YtDyzAdRecord;
 import com.ytpm.app.model.YtDyzUser;
 import com.ytpm.app.param.*;
+import com.ytpm.app.view.RiskYtDyzUserView;
 import com.ytpm.app.view.WxDefaultConfig;
 import com.ytpm.app.view.YtAppUserListView;
 import com.ytpm.general.Result;
@@ -146,4 +147,8 @@ public interface BaseFeign {
     @GetMapping("/user/queryCountByIpTime")
     Result<Integer> queryCountByIpTime(@RequestParam("appId") String appId, @RequestParam("lastLoginIp") String lastLoginIp,
                                        @RequestParam("limitHour") Integer limitHour);
+
+    @PostMapping("/user/queryUserByParam")
+    RiskYtDyzUserView queryUserByParam(@RequestBody LoginRiskYtDyzUserParam param);
+
 }

yt-ios-lemon/lemon-ios-service/src/main/java/com/ytpm/lemonios/controller/UserController.java

@@ -3,6 +3,7 @@ package com.ytpm.lemonios.controller;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.date.DateTime;
 import cn.hutool.core.util.StrUtil;
+import com.baomidou.mybatisplus.core.toolkit.StringUtils;
 import com.github.pagehelper.PageHelper;
 import com.github.pagehelper.PageInfo;
 import com.ytpm.advertise.enums.AdSourceTypeEnum;
@@ -20,8 +21,10 @@ import com.ytpm.app.param.AppQueryUserTodayTimeParam;
 import com.ytpm.app.param.AppUserParam;
 import com.ytpm.app.param.AppUserQueryParam;
 import com.ytpm.app.param.AppUserTodayBannedParam;
+import com.ytpm.app.param.LoginRiskYtDyzUserParam;
 import com.ytpm.app.param.YtAppUserListParam;
 import com.ytpm.app.view.HourCountView;
+import com.ytpm.app.view.RiskYtDyzUserView;
 import com.ytpm.app.view.YtAppUserListView;
 import com.ytpm.general.RepMessage;
 import com.ytpm.general.Result;
@@ -375,10 +378,30 @@ public class UserController {
         instance.add(Calendar.HOUR_OF_DAY, -limitHour);
         Date startTime = instance.getTime();
         //不校验渠道查询所有
-        Long userCount = appUserMapper.queryCountByIpTime(appId, lastLoginIp, startTime);
+        Long userCount = appUserMapper.queryCountByIpTime(lastLoginIp, startTime);
         return Result.resultObjOk(Math.toIntExact(userCount));
     }
 
+    @PostMapping("/queryUserByParam")
+    public RiskYtDyzUserView queryUserByParam(@RequestBody LoginRiskYtDyzUserParam param) {
+        RiskYtDyzUserView riskYtDyzUserView = new RiskYtDyzUserView();
+        // 查询指定时间内同ip登陆用户数
+        if (StringUtils.isNotEmpty(param.getLastLoginIp()) && param.getLimitHour() != null) {
+            Calendar instance = Calendar.getInstance();
+            instance.setTime(new Date());
+            instance.add(Calendar.HOUR_OF_DAY, -param.getLimitHour());
+            Date startTime = instance.getTime();
+            Long userCount = appUserMapper.queryCountByIpTime(param.getLastLoginIp(), startTime);
+            riskYtDyzUserView.setUserCount(Math.toIntExact(userCount));
+        }
+        // 查询同一设备的所有用户
+        if (StringUtils.isNotEmpty(param.getIosId())) {
+            List<YtDyzUser> dyzUsers = appUserMapper.queryByIosId(param.getIosId());
+            riskYtDyzUserView.setUserList(dyzUsers);
+        }
+        return riskYtDyzUserView;
+    }
+
     /**
      * 批量审核用户是否满足风控规则
      * 不满足风控规则的审核通过后直接封禁指定天数

yt-ios-lemon/lemon-ios-service/src/main/java/com/ytpm/lemonios/dao/AppUserMapper.java

@@ -236,6 +236,5 @@ public interface AppUserMapper {
 
     List<YtDyzUser> queryByIps(@Param("appid") String appId, @Param("ips") List<String> ips);
 
-    Long queryCountByIpTime(@Param("appid") String appId, @Param("lastLoginIp") String lastLoginIp,
-                            @Param("date") Date startTime);
+    Long queryCountByIpTime(@Param("lastLoginIp") String lastLoginIp, @Param("date") Date startTime);
 }

yt-risk/risk-manage/src/main/java/com/ytpm/service/impl/RiskServiceImpl.java

@@ -12,6 +12,7 @@ import cn.hutool.core.util.StrUtil;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
+import com.baomidou.mybatisplus.core.toolkit.StringUtils;
 import com.github.pagehelper.PageHelper;
 import com.github.pagehelper.PageInfo;
 import com.ytpm.advertise.enums.AdSourceTypeEnum;
@@ -27,6 +28,8 @@ import com.ytpm.app.enums.LoginType;
 import com.ytpm.app.model.YtDyzAdRecord;
 import com.ytpm.app.model.YtDyzLoginRecord;
 import com.ytpm.app.model.YtDyzUser;
+import com.ytpm.app.param.LoginRiskYtDyzUserParam;
+import com.ytpm.app.view.RiskYtDyzUserView;
 import com.ytpm.custom.CustomField;
 import com.ytpm.dao.AppMapper;
 import com.ytpm.dao.DictMapper;
@@ -407,15 +410,54 @@ public class RiskServiceImpl implements RiskService {
         if(1==view.getEnabled()){
             checkDefaultRiskConfig(dyzUser, view.getConfigList());
         }
-        checkRisk322(dyzUser);
-        // 风控
-        checkRisk334(dyzUser);
+        // 风控 尝试聚合查询
+        List<YtDyzUser> dyzUsers = null;
+        Integer userCount = null;
+        RiskTemplateView riskTempView334 = configMapper.getByCode(dyzUser.getAppId() + "-334");
+        RiskTemplateView riskTempView322 = configMapper.getByCode("322");
+        if (riskTempView334 != null && riskTempView334.getEnabled() == 1
+                || riskTempView322 != null && riskTempView322.getEnabled() == 1) {
+            YtApp ytApp = appMapper.selectRiskApp(dyzUser.getAppId());
+            YtPlatformUserApp userApp = appMapper.selectParentApp(ytApp.getSuperiorId());
+            if (ytApp.getAppType() == 2) {
+                LoginRiskYtDyzUserParam param = new LoginRiskYtDyzUserParam();
+                param.setIosId(dyzUser.getIosId());
+                param.setAppId(dyzUser.getAppId());
+                if (riskTempView334 != null && riskTempView334.getEnabled() == 1) {
+                    param.setLastLoginIp(dyzUser.getLastLoginIp());
+                    List<RiskConfigView> configList = riskTempView334.getConfigList();
+                    Map<String, String> configMap = configList.stream().collect(
+                            Collectors.toMap(RiskConfigView::getFieldName, RiskConfigView::getConfigVal));
+                    int limitHour = Integer.parseInt(configMap.get("limitHour"));
+                    param.setLimitHour(limitHour);
+                }
+                try {
+                    Object object = feignInvoker.invoke(userApp.getServiceName(), "queryUserByParam", param);
+                    if (object != null) {
+                        RiskYtDyzUserView riskYtDyzUserView = JSONObject.parseObject(JSON.toJSONString(object), RiskYtDyzUserView.class);
+                        dyzUsers = riskYtDyzUserView.getUserList();
+                        userCount = riskYtDyzUserView.getUserCount();
+                    }
+                } catch (Exception e) {
+                    log.warn(StringUtils.format("feign调用{}.queryUserByParam失败：{}",
+                            userApp.getServiceName(), e.getMessage()), e);
+                }
+
+            }
+        }
+
+        checkRisk322(dyzUser, dyzUsers);
+        checkRisk334(dyzUser, userCount);
         //查询用户所在app是否配置其他风控规则
 //        checkCustomRisk(dyzUser,EffectNodeEnum.LOGIN.getNode(),null);
         return Result.resultOk(RepMessage.QUERY_SUCCESS);
     }
 
-    private void checkRisk334(YtDyzUser dyzUser) {
+    private void checkRisk334(YtDyzUser dyzUser, Integer userCount) {
+        // 白名单放行
+        if (checkDyzUserIp(dyzUser)) {
+            return;
+        }
         RiskTemplateView riskTempView = configMapper.getByCode(dyzUser.getAppId() + "-334");
         if (riskTempView == null || riskTempView.getEnabled() != 1) {
             return;
@@ -426,10 +468,6 @@ public class RiskServiceImpl implements RiskService {
         if (ytApp.getAppType() != 2) {
             return;
         }
-        // 白名单放行
-        if (checkDyzUserIp(dyzUser)) {
-            return;
-        }
         // 已通过的用户放行
         String passkey = StrUtil.format("riskPass:334:{}:{}", userApp.getAppId(), dyzUser.getLastLoginIp());
         if (redisService.hasKey(passkey) && StrUtil.equals(dyzUser.getUserId(), redisService.getStr(passkey))) {
@@ -440,11 +478,14 @@ public class RiskServiceImpl implements RiskService {
                 Collectors.toMap(RiskConfigView::getFieldName, RiskConfigView::getConfigVal));
         int limitCount = Integer.parseInt(configMap.get("limitCount"));
         int limitHour = Integer.parseInt(configMap.get("limitHour"));
-        int userCount = 0;
-        Object object = feignInvoker.invoke(userApp.getServiceName(), "queryCountByIpTime", dyzUser.getAppId(), lastLoginIp, limitHour);
-        JSONObject jsonObject = object == null ? null : JSON.parseObject(JSON.toJSONString(object));
-        if (jsonObject != null && jsonObject.get("data") != null) {
-            userCount = Integer.parseInt(jsonObject.get("data").toString());
+        if (userCount == null) {
+            userCount = 0;
+            Object object = feignInvoker.invoke(userApp.getServiceName(), "queryCountByIpTime",
+                    dyzUser.getAppId(), lastLoginIp, limitHour);
+            JSONObject jsonObject = object == null ? null : JSON.parseObject(JSON.toJSONString(object));
+            if (jsonObject != null && jsonObject.get("data") != null) {
+                userCount = Integer.parseInt(jsonObject.get("data").toString());
+            }
         }
         if (redisService.hasKey(passkey) && limitCount <= userCount) {
             log.warn(StrUtil.format("[risk 334] superiorId:{} appId:{} userId:{} limitCount:{}",
@@ -465,23 +506,24 @@ public class RiskServiceImpl implements RiskService {
     /**
      * 校验风控规则322
      */
-    private void checkRisk322(YtDyzUser dyzUser) {
+    private void checkRisk322(YtDyzUser dyzUser, List<YtDyzUser> dyzUsers) {
         // ip白名单用户直接放行
         if (checkDyzUserIp(dyzUser)) {
             return;
         }
         RiskTemplateView view = configMapper.getByCode("322");
         //根据用户所属应用查询该应用母包openid查询用户信息
-        YtApp ytApp = appMapper.selectRiskApp(dyzUser.getAppId());
-        YtPlatformUserApp userApp = appMapper.selectParentApp(ytApp.getSuperiorId());
-        Object o;
-        if (dyzUser.getIosId() != null) {
-            o = feignInvoker.invoke(userApp.getServiceName(),"queryByIosId",dyzUser.getIosId());
-        } else {
-            o = feignInvoker.invoke(userApp.getServiceName(),"queryByOpenid",dyzUser.getWxOpenId());
+        if (dyzUsers == null) {
+            YtApp ytApp = appMapper.selectRiskApp(dyzUser.getAppId());
+            YtPlatformUserApp userApp = appMapper.selectParentApp(ytApp.getSuperiorId());
+            Object o;
+            if (dyzUser.getIosId() != null) {
+                o = feignInvoker.invoke(userApp.getServiceName(),"queryByIosId",dyzUser.getIosId());
+            } else {
+                o = feignInvoker.invoke(userApp.getServiceName(),"queryByOpenid",dyzUser.getWxOpenId());
+            }
+            dyzUsers = JSONArray.parseArray(JSON.toJSONString(o), YtDyzUser.class);
         }
-        List<YtDyzUser> dyzUsers = JSONArray.parseArray(JSON.toJSONString(o), YtDyzUser.class);
-
         List<RiskConfigView> configList = view.getConfigList();
         Map<String, String> configMap = configList.stream().collect(
                 Collectors.toMap(RiskConfigView::getFieldName, RiskConfigView::getConfigVal));