rmdjz
/
ProjectManagement_backend
10
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

注释了用于检查请求头的代码,更改了登录banIP的响应文本,略微优化了获取IP方法的结构

master
ArgonarioD 2022-07-13 01:16:01 +08:00
parent 1641397260
commit 468fa90184
3 changed files with 18 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/CorsInterceptor.java
View File

@ -24,13 +24,13 @@ public class CorsInterceptor implements HandlerInterceptor {
response.setHeader("Access-Control-Allow-Headers", "Content-Type,Token");
response.setHeader("Access-Control-Allow-Credentials", "false");
//test
Enumeration<String> headerNames = request.getHeaderNames();
//test: print request headers
/*Enumeration<String> headerNames = request.getHeaderNames();
Iterator<String> nameIter = headerNames.asIterator();
while (nameIter.hasNext()) {
String name = nameIter.next();
System.out.printf("%s: %s%n", name, request.getHeader(name));
}
}*/
// 如果是OPTIONS则结束请求
if (HttpMethod.OPTIONS.toString().equals(request.getMethod())) {

5
src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/StaffServiceImpl.java
View File

@ -53,7 +53,7 @@ public class StaffServiceImpl extends ServiceImpl<StaffMapper, Staff> implements
int loginCount = (int) redisTemplate.opsForValue().get(requestIpAddressHex);
if (loginCount >= LOGIN_MAX_TRY_COUNT) {
throw new ForbiddenException(String.format("还需要等待%s才能登录"
throw new ForbiddenException(String.format("还需要等待%s才能继续尝试登录"
, TimeUtils.secondsFormat(redisTemplate.getExpire(requestIpAddressHex))));
}
@ -91,6 +91,9 @@ public class StaffServiceImpl extends ServiceImpl<StaffMapper, Staff> implements
private BadRequestException loginException(String requestIpAddress, int loginCount) {
redisTemplate.opsForValue().set(requestIpAddress, ++loginCount, LOGIN_TRY_COUNT_TIMEOUT, TimeUnit.MINUTES);
if (loginCount == LOGIN_MAX_TRY_COUNT) {
return new BadRequestException(String.format("登录失败,您需要等待%d分钟后才能继续尝试登录", LOGIN_TRY_COUNT_TIMEOUT));
}
return new BadRequestException(String.format("登录失败,%d分钟内还有%d次登录机会", LOGIN_TRY_COUNT_TIMEOUT, LOGIN_MAX_TRY_COUNT - loginCount));
}

15
src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/http/HttpUtils.java
View File

@ -10,16 +10,19 @@ import java.net.UnknownHostException;
*/
public class HttpUtils {
public static String getRequestIpAddress(HttpServletRequest request) {
String ipAddress = null;
String ipAddress;
try {
ipAddress = request.getHeader("x-forwarded-for");
if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
if (ipAddressAvailable(ipAddress)) {
ipAddress = request.getHeader("x-real-ip");
}
if (ipAddressAvailable(ipAddress)) {
ipAddress = request.getHeader("Proxy-Client-IP");
}
if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
if (ipAddressAvailable(ipAddress)) {
ipAddress = request.getHeader("WL-Proxy-Client-IP");
}
if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
if (ipAddressAvailable(ipAddress)) {
ipAddress = request.getRemoteAddr();
if (ipAddress.equals("127.0.0.1")) {
// 根据网卡取本机配置的IP
@ -45,4 +48,8 @@ public class HttpUtils {
// ipAddress = this.getRequest().getRemoteAddr();
return ipAddress;
}
private static boolean ipAddressAvailable(String ipAddress) {
return ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress);
}
}