diff --git a/ruoyi-auth/pom.xml b/ruoyi-auth/pom.xml
index b4f8b202..a09df551 100644
--- a/ruoyi-auth/pom.xml
+++ b/ruoyi-auth/pom.xml
@@ -65,6 +65,11 @@
ruoyi-common-web
+
+ org.dromara
+ ruoyi-common-ratelimiter
+
+
org.dromara
ruoyi-common-encrypt
diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/controller/CaptchaController.java b/ruoyi-auth/src/main/java/org/dromara/auth/controller/CaptchaController.java
index 9a381553..63d002cf 100644
--- a/ruoyi-auth/src/main/java/org/dromara/auth/controller/CaptchaController.java
+++ b/ruoyi-auth/src/main/java/org/dromara/auth/controller/CaptchaController.java
@@ -15,6 +15,8 @@ import org.dromara.common.core.domain.R;
import org.dromara.common.core.utils.SpringUtils;
import org.dromara.common.core.utils.StringUtils;
import org.dromara.common.core.utils.reflect.ReflectUtils;
+import org.dromara.common.ratelimiter.annotation.RateLimiter;
+import org.dromara.common.ratelimiter.enums.LimitType;
import org.dromara.common.redis.utils.RedisUtils;
import org.springframework.expression.Expression;
import org.springframework.expression.ExpressionParser;
@@ -42,6 +44,7 @@ public class CaptchaController {
/**
* 生成验证码
*/
+ @RateLimiter(time = 60, count = 10, limitType = LimitType.IP)
@GetMapping("/code")
public R getCode() {
CaptchaVo captchaVo = new CaptchaVo();
diff --git a/ruoyi-modules/ruoyi-resource/pom.xml b/ruoyi-modules/ruoyi-resource/pom.xml
index 14caecfb..61455862 100644
--- a/ruoyi-modules/ruoyi-resource/pom.xml
+++ b/ruoyi-modules/ruoyi-resource/pom.xml
@@ -64,6 +64,11 @@
ruoyi-common-oss
+
+ org.dromara
+ ruoyi-common-ratelimiter
+
+
org.dromara
ruoyi-common-mail
diff --git a/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysEmailController.java b/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysEmailController.java
index b7183502..19da5ba6 100644
--- a/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysEmailController.java
+++ b/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysEmailController.java
@@ -7,6 +7,7 @@ import lombok.extern.slf4j.Slf4j;
import org.dromara.common.core.constant.Constants;
import org.dromara.common.core.constant.GlobalConstants;
import org.dromara.common.core.domain.R;
+import org.dromara.common.ratelimiter.annotation.RateLimiter;
import org.dromara.common.web.core.BaseController;
import org.dromara.common.mail.config.properties.MailProperties;
import org.dromara.common.mail.utils.MailUtils;
@@ -38,6 +39,7 @@ public class SysEmailController extends BaseController {
*
* @param email 邮箱
*/
+ @RateLimiter(key = "#email", time = 60, count = 1)
@GetMapping("/code")
public R emailCode(@NotBlank(message = "{user.email.not.blank}") String email) {
if (!mailProperties.getEnabled()) {
diff --git a/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysSmsController.java b/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysSmsController.java
index 21c2afd1..10339427 100644
--- a/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysSmsController.java
+++ b/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysSmsController.java
@@ -8,6 +8,7 @@ import lombok.extern.slf4j.Slf4j;
import org.dromara.common.core.constant.Constants;
import org.dromara.common.core.constant.GlobalConstants;
import org.dromara.common.core.domain.R;
+import org.dromara.common.ratelimiter.annotation.RateLimiter;
import org.dromara.common.redis.utils.RedisUtils;
import org.dromara.common.web.core.BaseController;
import org.dromara.sms4j.api.SmsBlend;
@@ -39,6 +40,7 @@ public class SysSmsController extends BaseController {
*
* @param phonenumber 用户手机号
*/
+ @RateLimiter(key = "#phonenumber", time = 60, count = 1)
@GetMapping("/code")
public R smsCaptcha(@NotBlank(message = "{user.phonenumber.not.blank}") String phonenumber) {
String key = GlobalConstants.CAPTCHA_CODE_KEY + phonenumber;