diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/CorsInterceptor.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/CorsInterceptor.java index 9bab5b6..2e2a95b 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/CorsInterceptor.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/interceptor/CorsInterceptor.java @@ -24,13 +24,13 @@ public class CorsInterceptor implements HandlerInterceptor { response.setHeader("Access-Control-Allow-Headers", "Content-Type,Token"); response.setHeader("Access-Control-Allow-Credentials", "false"); - //test - Enumeration headerNames = request.getHeaderNames(); + //test: print request headers + /*Enumeration headerNames = request.getHeaderNames(); Iterator nameIter = headerNames.asIterator(); while (nameIter.hasNext()) { String name = nameIter.next(); System.out.printf("%s: %s%n", name, request.getHeader(name)); - } + }*/ // 如果是OPTIONS则结束请求 if (HttpMethod.OPTIONS.toString().equals(request.getMethod())) { diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/StaffServiceImpl.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/StaffServiceImpl.java index ff128d9..0927cf8 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/StaffServiceImpl.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/service/impl/StaffServiceImpl.java @@ -53,7 +53,7 @@ public class StaffServiceImpl extends ServiceImpl implements int loginCount = (int) redisTemplate.opsForValue().get(requestIpAddressHex); if (loginCount >= LOGIN_MAX_TRY_COUNT) { - throw new ForbiddenException(String.format("还需要等待%s才能登录" + throw new ForbiddenException(String.format("还需要等待%s才能继续尝试登录" , TimeUtils.secondsFormat(redisTemplate.getExpire(requestIpAddressHex)))); } @@ -91,6 +91,9 @@ public class StaffServiceImpl extends ServiceImpl implements private BadRequestException loginException(String requestIpAddress, int loginCount) { redisTemplate.opsForValue().set(requestIpAddress, ++loginCount, LOGIN_TRY_COUNT_TIMEOUT, TimeUnit.MINUTES); + if (loginCount == LOGIN_MAX_TRY_COUNT) { + return new BadRequestException(String.format("登录失败,您需要等待%d分钟后才能继续尝试登录", LOGIN_TRY_COUNT_TIMEOUT)); + } return new BadRequestException(String.format("登录失败,%d分钟内还有%d次登录机会", LOGIN_TRY_COUNT_TIMEOUT, LOGIN_MAX_TRY_COUNT - loginCount)); } diff --git a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/http/HttpUtils.java b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/http/HttpUtils.java index da75e61..e86184a 100644 --- a/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/http/HttpUtils.java +++ b/src/main/java/cn/edu/hfut/rmdjzz/projectmanagement/utils/http/HttpUtils.java @@ -10,16 +10,19 @@ import java.net.UnknownHostException; */ public class HttpUtils { public static String getRequestIpAddress(HttpServletRequest request) { - String ipAddress = null; + String ipAddress; try { ipAddress = request.getHeader("x-forwarded-for"); - if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + if (ipAddressAvailable(ipAddress)) { + ipAddress = request.getHeader("x-real-ip"); + } + if (ipAddressAvailable(ipAddress)) { ipAddress = request.getHeader("Proxy-Client-IP"); } - if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + if (ipAddressAvailable(ipAddress)) { ipAddress = request.getHeader("WL-Proxy-Client-IP"); } - if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + if (ipAddressAvailable(ipAddress)) { ipAddress = request.getRemoteAddr(); if (ipAddress.equals("127.0.0.1")) { // 根据网卡取本机配置的IP @@ -45,4 +48,8 @@ public class HttpUtils { // ipAddress = this.getRequest().getRemoteAddr(); return ipAddress; } + + private static boolean ipAddressAvailable(String ipAddress) { + return ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress); + } }