From afbc6e46578c4f2c42cf213b354ab0a0b545fc07 Mon Sep 17 00:00:00 2001
From: 13693261870 <252740454@qq.com>
Date: 星期二, 11 七月 2023 09:43:57 +0800
Subject: [PATCH] 1

---
 src/main/java/com/moon/server/interceptor/ProxyFilter.java |  257 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 256 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/moon/server/interceptor/ProxyFilter.java b/src/main/java/com/moon/server/interceptor/ProxyFilter.java
index d620fc3..1e729db 100644
--- a/src/main/java/com/moon/server/interceptor/ProxyFilter.java
+++ b/src/main/java/com/moon/server/interceptor/ProxyFilter.java
@@ -1,7 +1,30 @@
 package com.moon.server.interceptor;
 
+import com.alibaba.fastjson.JSON;
+import com.moon.server.entity.all.HttpStatus;
+import com.moon.server.entity.all.ResponseMsg;
+import com.moon.server.entity.all.StaticData;
+import com.moon.server.entity.sys.ResEntity;
+import com.moon.server.entity.sys.ResLogEntity;
+import com.moon.server.entity.sys.TokenEntity;
+import com.moon.server.entity.sys.UserEntity;
+import com.moon.server.helper.AsyncHelper;
+import com.moon.server.helper.HttpHelper;
+import com.moon.server.helper.StringHelper;
+import com.moon.server.helper.WebHelper;
+import com.moon.server.service.all.PermsService;
+import com.moon.server.service.all.SysService;
+import com.moon.server.service.sys.ResLogService;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import javax.annotation.Resource;
 import javax.servlet.*;
 import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.List;
+import java.util.TimerTask;
 
 /**
  * 浠g悊杩囨护鍣�
@@ -10,16 +33,248 @@
  */
 @WebFilter(urlPatterns = {"/proxy/*"})
 public class ProxyFilter implements Filter {
+    @Resource
+    private SysService sysService;
+
+    @Resource
+    private PermsService permsService;
+
+    @Resource
+    private ResLogService resLogService;
+
+    private final static int LEN = "/proxy/".length();
+
+    private static final Log log = LogFactory.getLog(ProxyFilter.class);
+
+    public static final String ILLEGAL_RESOURCE = JSON.toJSONString(new ResponseMsg<String>(HttpStatus.UNAUTHORIZED, "娌℃湁璧勬簮璁块棶鏉冮檺"));
+
     @Override
     public void init(FilterConfig filterConfig) {
     }
 
     @Override
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) {
-        //
+        try {
+            HttpServletRequest req = (HttpServletRequest) request;
+            HttpServletResponse res = (HttpServletResponse) response;
+
+            // 2.鑾峰彇浠ょ墝
+            String token = getToken(req);
+
+            // 3.鑾峰彇鐢ㄦ埛
+            UserEntity ue = getUser(res, token);
+            if (null == ue) {
+                return;
+            }
+
+            int resId = getResId(req.getRequestURI(), LEN + token.length() + 1);
+            if (!check(req, res, ue, token)) {
+                return;
+            }
+
+            // 9.鑾峰彇璧勬簮瀹炰綋
+            ResEntity entity = getResEntity(ue, resId);
+            if (null == entity) {
+                WebHelper.writeStr2Page(res, ILLEGAL_RESOURCE);
+                return;
+            }
+
+            insertLog(req, ue, resId);
+            String url = getSourceUrl(req, entity);
+            proxy(req, res, url);
+        } catch (Exception ex) {
+            log.error(ex.getMessage(), ex);
+        }
     }
 
     @Override
     public void destroy() {
     }
+
+    /**
+     * 鑾峰彇浠ょ墝
+     */
+    private String getToken(HttpServletRequest req) {
+        return req.getRequestURI().substring(LEN, req.getRequestURI().indexOf("/", LEN));
+    }
+
+    /**
+     * 鑾峰彇鐢ㄦ埛
+     */
+    private UserEntity getUser(HttpServletResponse res, String token) {
+        UserEntity ue = sysService.tokenService.getUserByToken(token);
+        if (ue == null) {
+            WebHelper.writeStr2Page(res, AuthInterceptor.NO_LOGIN);
+            return null;
+        }
+
+        return ue;
+    }
+
+    /**
+     * 鑾峰彇璧勬簮ID
+     */
+    private int getResId(String uri, int start) {
+        int end = uri.indexOf("/", start);
+        String str = -1 == end ? uri.substring(start) : uri.substring(start, end);
+
+        return Integer.parseInt(str);
+    }
+
+    /**
+     * 妫�鏌�
+     */
+    private boolean check(HttpServletRequest req, HttpServletResponse res, UserEntity ue, String token) {
+        // 4.鑾峰彇IP
+        String ip = WebHelper.getIpAddress(req);
+        if (StringHelper.isEmpty(ip)) {
+            return WebHelper.writeStr2Page(res, AuthInterceptor.IP_NULL);
+        }
+
+        // 5.妫�鏌ラ粦鍚嶅崟
+        if (!checkBlackList(ip, req)) {
+            return WebHelper.writeStr2Page(res, AuthInterceptor.BLACK_LIST);
+        }
+
+        // 6.admin璺宠繃鏉冮檺妫�娴�
+        if (StaticData.ADMIN.equals(ue.getUid())) {
+            return true;
+        }
+
+        // 7.妫�鏌ョ櫧鍚嶅崟
+        if (!checkWhiteList(ip, req)) {
+            // 妫�鏌P涓�鑷存��
+            if (!checkIpSource(ip, token)) {
+                return WebHelper.writeStr2Page(res, AuthInterceptor.ILLEGAL_TOKEN);
+            }
+        }
+
+        // 8.妫�鏌ョ敤鎴稩D鏄惁绂佺敤
+        if (sysService.tokenService.isUidDisable(ue)) {
+            return WebHelper.writeStr2Page(res, AuthInterceptor.USER_LOCK);
+        }
+
+        return true;
+    }
+
+    /**
+     * 妫�鏌ラ粦鍚嶅崟
+     */
+    private boolean checkBlackList(String ip, HttpServletRequest request) {
+        List<String> blackList = sysService.blacklistService.selectIpList(1);
+        if (blackList == null || blackList.isEmpty()) {
+            return true;
+        }
+        if (blackList.contains(ip)) {
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * 妫�鏌ョ櫧鍚嶅崟
+     */
+    private boolean checkWhiteList(String ip, HttpServletRequest request) {
+        List<String> whiteList = sysService.blacklistService.selectIpList(2);
+        if (whiteList == null || whiteList.isEmpty()) {
+            return false;
+        }
+
+        return whiteList.contains(ip);
+    }
+
+    /**
+     * 妫�鏌P涓�鑷存��
+     */
+    private boolean checkIpSource(String ip, String token) {
+        TokenEntity te = sysService.tokenService.getEntityByToken(token);
+
+        return te.getIp().equals(ip);
+    }
+
+    /**
+     * 妫�鏌ヨ祫婧愭潈闄�
+     */
+    private ResEntity getResEntity(UserEntity ue, int resId) {
+        String uid = StaticData.ADMIN.equals(ue.getUid()) ? null : ue.getUid();
+        List<ResEntity> rs = permsService.selectResList(uid);
+        if (null == rs || rs.isEmpty()) {
+            return null;
+        }
+
+        // List<ResEntity> list = rs.stream().filter(resEntity -> resEntity.getId() == resId).collect(Collectors.toList());
+        for (ResEntity entity : rs) {
+            if (resId == entity.getId()) {
+                return entity;
+            }
+        }
+
+        return null;
+    }
+
+    /**
+     * 鎻掑叆鏃ュ織
+     */
+    private void insertLog(HttpServletRequest req, UserEntity ue, int resId) {
+        AsyncHelper helper = new AsyncHelper();
+        helper.execute(new TimerTask() {
+            @Override
+            public void run() {
+                String ip = WebHelper.getIpAddress(req);
+
+                ResLogEntity entity = new ResLogEntity();
+                entity.setResid(resId);
+                entity.setType(getRequestType(req.getMethod()));
+                entity.setIp(ip);
+                entity.setUrl(req.getRequestURL().toString());
+                entity.setCreateUser(ue.getId());
+
+                resLogService.insert(entity);
+            }
+        });
+    }
+
+    /**
+     * 鑾峰彇璇锋眰绫诲埆
+     */
+    private int getRequestType(String method) {
+        // 璇锋眰绫伙細1-GET锛�2-POST锛�3-PUT锛�4-DELETE锛�5-TRACE锛�6-HEAD锛�7-OPTIONS锛�8-CONNECT';
+        switch (method) {
+            case "GET":
+                return 1;
+            case "POST":
+                return 2;
+            case "PUT":
+                return 3;
+            case "DELETE":
+                return 4;
+            case "TRACE":
+                return 5;
+            case "HEAD":
+                return 6;
+            case "OPTIONS":
+                return 7;
+            case "CONNECT":
+                return 8;
+            default:
+                return -1;
+        }
+    }
+
+    /**
+     * 鑾峰彇鍘熷Url
+     */
+    private String getSourceUrl(HttpServletRequest req, ResEntity entity) {
+
+        return "";
+    }
+
+    /**
+     * 浠g悊鏈嶅姟
+     */
+    private void proxy(HttpServletRequest request, HttpServletResponse response, String url) throws Exception {
+        HttpHelper httpHelper = new HttpHelper();
+        httpHelper.service(request, response, url, null);
+    }
 }
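Review bot: `insertLog` stores `req.getRequestURL().toString()` in the resource log, and because `getToken` reads the token from the path (`/proxy/{token}/{resId}`), each log row ends up holding the caller's token in clear text. The same method reads `req` inside the `TimerTask`, which presumably runs on another thread after `doFilter` has returned, when the container may already have recycled the request object. Reading the values on the filter thread and logging only the path after the token segment addresses both; the sketch below leaves `ue.getId()` in the task because `ue` is not owned by the container. Separately, in `doFilter` a path with no `/` after the token, or a non-numeric resource id, throws in `getToken`/`getResId` and lands in the catch-all, which only logs, so the client receives an empty response instead of an explicit 400.

```java
private void insertLog(HttpServletRequest req, UserEntity ue, int resId) {
    // Read the request on the filter thread; it may be recycled once doFilter returns.
    final String ip = WebHelper.getIpAddress(req);
    final int type = getRequestType(req.getMethod());
    // Keep only the part after /proxy/{token} so the token is not written to the log table.
    // indexOf cannot return -1 here: getToken already succeeded on the same URI.
    final String uri = req.getRequestURI();
    final String url = uri.substring(uri.indexOf("/", LEN));

    // … unchanged: AsyncHelper / TimerTask setup, setResid, setCreateUser, resLogService.insert …
            entity.setType(type);
            entity.setIp(ip);
            entity.setUrl(url);
```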

--
Gitblit v1.9.3