From 4525db077789d82f0e667d047863348a31e9b6b9 Mon Sep 17 00:00:00 2001
From: 13693261870 <252740454@qq.com>
Date: 星期一, 10 七月 2023 11:25:00 +0800
Subject: [PATCH] 代理过滤器添加用户、令牌、IP等验证功能
---
src/main/java/com/moon/server/interceptor/ProxyFilter.java | 103 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 102 insertions(+), 1 deletions(-)
diff --git a/src/main/java/com/moon/server/interceptor/ProxyFilter.java b/src/main/java/com/moon/server/interceptor/ProxyFilter.java
index d620fc3..5b14606 100644
--- a/src/main/java/com/moon/server/interceptor/ProxyFilter.java
+++ b/src/main/java/com/moon/server/interceptor/ProxyFilter.java
@@ -1,7 +1,18 @@
package com.moon.server.interceptor;
+import com.moon.server.entity.all.StaticData;
+import com.moon.server.entity.sys.TokenEntity;
+import com.moon.server.entity.sys.UserEntity;
+import com.moon.server.helper.StringHelper;
+import com.moon.server.helper.WebHelper;
+import com.moon.server.service.all.SysService;
+
+import javax.annotation.Resource;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.List;
/**
* 浠g悊杩囨护鍣�
@@ -10,16 +21,106 @@
*/
@WebFilter(urlPatterns = {"/proxy/*"})
public class ProxyFilter implements Filter {
+ @Resource
+ private SysService sysService;
+
@Override
public void init(FilterConfig filterConfig) {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) {
- //
+ HttpServletRequest req = (HttpServletRequest) request;
+ HttpServletResponse res = (HttpServletResponse) response;
+ if (!check(req, res)) {
+ return;
+ }
+
+ int i = 0;
}
@Override
public void destroy() {
}
+
+ private boolean check(HttpServletRequest req, HttpServletResponse res) {
+ // 2.鑾峰彇浠ょ墝
+ String token = WebHelper.getToken(req);
+ if (StringHelper.isNull(token)) {
+ return WebHelper.writeStr2Page(res, AuthInterceptor.NO_TOKEN);
+ }
+
+ // 3.鑾峰彇鐢ㄦ埛
+ UserEntity ue = sysService.tokenService.getCurrentUser(req);
+ if (ue == null) {
+ return WebHelper.writeStr2Page(res, AuthInterceptor.NO_LOGIN);
+ }
+
+ // 4.鑾峰彇IP
+ String ip = WebHelper.getIpAddress(req);
+ if (StringHelper.isEmpty(ip)) {
+ return WebHelper.writeStr2Page(res, AuthInterceptor.IP_NULL);
+ }
+
+ // 5.妫�鏌ラ粦鍚嶅崟
+ if (!checkBlackList(ip, req)) {
+ return WebHelper.writeStr2Page(res, AuthInterceptor.BLACK_LIST);
+ }
+
+ // 6.admin璺宠繃鏉冮檺妫�娴�
+ if (StaticData.ADMIN.equals(ue.getUid())) {
+ return true;
+ }
+
+ // 7.妫�鏌ョ櫧鍚嶅崟
+ if (!checkWhiteList(ip, req)) {
+ // 妫�鏌P涓�鑷存��
+ if (!checkIpSource(ip, token)) {
+ return WebHelper.writeStr2Page(res, AuthInterceptor.ILLEGAL_TOKEN);
+ }
+ }
+
+ // 8.妫�鏌ョ敤鎴稩D鏄惁绂佺敤
+ if (sysService.tokenService.isUidDisable(ue)) {
+ return WebHelper.writeStr2Page(res, AuthInterceptor.USER_LOCK);
+ }
+
+ return true;
+ }
+
+ /**
+ * 妫�鏌ラ粦鍚嶅崟
+ */
+ private boolean checkBlackList(String ip, HttpServletRequest request) {
+ List<String> blackList = sysService.blacklistService.selectIpList(1);
+ if (blackList == null || blackList.isEmpty()) {
+ return true;
+ }
+ if (blackList.contains(ip)) {
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * 妫�鏌ョ櫧鍚嶅崟
+ */
+ private boolean checkWhiteList(String ip, HttpServletRequest request) {
+ List<String> whiteList = sysService.blacklistService.selectIpList(2);
+ if (whiteList == null || whiteList.isEmpty()) {
+ return false;
+ }
+
+ return whiteList.contains(ip);
+ }
+
+ /**
+ * 妫�鏌P涓�鑷存��
+ */
+ private boolean checkIpSource(String ip, String token) {
+ TokenEntity te = sysService.tokenService.getEntityByToken(token);
+
+ return te.getIp().equals(ip);
+ }
}
--
Gitblit v1.9.3