From 7409d1622d4749b72c26184d3dfa012c241a3778 Mon Sep 17 00:00:00 2001
From: tone <tonesc@qq.com>
Date: Fri, 19 Dec 2025 19:38:20 +0800
Subject: [PATCH] =?UTF-8?q?refactor:=20=E4=BC=98=E5=8C=96=E5=8D=9A?=
 =?UTF-8?q?=E5=AE=A2=E8=AF=84=E8=AE=BA=E7=9A=84=E7=99=BB=E9=99=86=E7=94=A8?=
 =?UTF-8?q?=E6=88=B7=E8=8E=B7=E5=8F=96=E6=96=B9=E5=BC=8F=EF=BC=8C=E9=A1=BA?=
 =?UTF-8?q?=E6=89=8B=E6=8A=8A=E6=8E=A5=E5=8F=A3=E6=AF=8F=E5=88=86=E9=92=9F?=
 =?UTF-8?q?=E6=94=B9=E6=88=9020?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/backend/src/blog/blog.controller.ts | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/apps/backend/src/blog/blog.controller.ts b/apps/backend/src/blog/blog.controller.ts
index fd26674..2e50610 100644
--- a/apps/backend/src/blog/blog.controller.ts
+++ b/apps/backend/src/blog/blog.controller.ts
@@ -16,6 +16,8 @@ import { createBlogCommentDto } from './dto/create.blogcomment.dto';
 import { Throttle, ThrottlerGuard } from '@nestjs/throttler';
 import { BlogPermission } from './blog.permission.enum';
 import { OptionalAuthGuard } from 'src/auth/guards/optional-auth.guard';
+import { AuthUser, CurrentUser } from 'src/auth/decorator/current-user.decorator';
+import { Request } from 'express';
 
 @Controller('blog')
 export class BlogController {
@@ -85,14 +87,15 @@ export class BlogController {
 
   // 该接口允许匿名评论，但仍需验证userId合法性
   @UseGuards(ThrottlerGuard, OptionalAuthGuard)
-  @Throttle({ default: { limit: 5, ttl: 60000 } })
+  @Throttle({ default: { limit: 20, ttl: 60000 } })
   @Post(':id/comment')
   async createBlogComment(
     @Param('id', new ParseUUIDPipe({ version: '4' })) id: string,
     @Body() commentData: createBlogCommentDto,
-    @Req() req,
+    @Req() req: Request,
+    @CurrentUser() authUser: AuthUser,
   ) {
-    const { userId } = req.user || {};
+    const { userId } = (authUser ?? {}) as { userId: string | undefined };
     const blog = await this.blogService.findById(id);
     if (!blog) throw new BadRequestException('文章不存在');
 
@@ -102,7 +105,7 @@ export class BlogController {
 
     const user = userId ? await this.userService.findOne({ userId }) : null;
 
-    const ip = req.headers['x-forwarded-for'] || req.ip;
+    const ip = `${req.headers['x-forwarded-for'] || req.ip}`;
     // 获取IP归属地
     let address = '未知';
     if (!['::1'].includes(ip)) {