ip访问白名单

22127e88 · Leslie1w · 1ad32c7d · 22127e88 · 1ad32c7d · 1ad32c7d
Commit 22127e88 authored Jul 26, 2023 by Leslie1w
16 changed files
--- a/pom.xml
+++ b/pom.xml
@@ -70,6 +70,16 @@
 		<thymeleaf-layout-dialect.version>2.2.2</thymeleaf-layout-dialect.version>
 	</properties>
 	<dependencies>
+		<dependency>
+			<groupId>net.sourceforge.tess4j</groupId>
+			<artifactId>tess4j</artifactId>
+			<version>4.1.1</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-aop</artifactId>
+		</dependency>
 		<!-- 日志 -->
 		<dependency>
 			<groupId>org.slf4j</groupId>

--- a/src/main/java/com/founder/common/AuthConfigurer.java
+++ b/src/main/java/com/founder/common/AuthConfigurer.java
-package com.founder.common;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
-import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-/**
- * @Projectname: hnxtbabootHaiNan
- * @Filename: AuthConfigurer
- * @Author: wcw
- * @Description: TODO
- * @since 2023/3/3 10:33
- */
-@Configuration
-public class AuthConfigurer implements WebMvcConfigurer {
-    @Autowired
-    RequestLimitInterceptor requestLimitInterceptor;
-    @Override
-    public void addInterceptors(InterceptorRegistry registry) {
-        registry.addInterceptor(requestLimitInterceptor);
-    }
-}
\ No newline at end of file
--- a/src/main/java/com/founder/common/CacheUtils.java
+++ b/src/main/java/com/founder/common/CacheUtils.java
-package com.founder.common;
-import java.util.Map;
-import java.util.concurrent.*;
-/**
- * @Projectname: hnxtbabootHaiNan
- * @Filename: CacheUtils
- * @Author: wcw
- * @Description: TODO
- * @since 2023/3/3 10:34
- */
-public class CacheUtils {
-    // 键值对集合
-    private final static Map<String, Entity> map = new ConcurrentHashMap<>();
-    // 定时器线程池, 用于清除过期缓存
-    private final static ScheduledExecutorService executor = Executors.newSingleThreadScheduledExecutor();
-    /**
-     * 添加缓存
-     */
-    public synchronized static void put(String key, Object data) {
-        CacheUtils.put(key, data, 0);
-    }
-    /**
-     * 添加缓存
-     * 过期时间: 单位毫秒, 0表示无限长
-     */
-    public synchronized static void put(String key, Object data, long expire) {
-        // 清除原键值对
-        CacheUtils.remove(key);
-        // 设置过期时间
-        if (expire > 0) {
-            Future future = executor.schedule(() -> {
-                // 过期后清除该键值对
-                synchronized (CacheUtils.class) {
-                    map.remove(key);
-                }
-            }, expire, TimeUnit.MILLISECONDS);
-            map.put(key, new Entity(data, future));
-        } else {
-            // 不设置过期时间
-            map.put(key, new Entity(data, null));
-        }
-    }
-    /**
-     * 读取缓存
-     */
-    public synchronized static Object get(String key) {
-        Entity entity = map.get(key);
-        return entity == null ? null : entity.getValue();
-    }
-    /**
-     * 读取缓存
-     * clazz 值类型
-     */
-    public synchronized static <T> T get(String key, Class<T> clazz) {
-        return clazz.cast(CacheUtils.get(key));
-    }
-    /**
-     * 清除指定缓存
-     * 返回值为指定key的value
-     */
-    public synchronized static Object remove(String key) {
-        // 清除指定缓存数据
-        Entity entity = map.remove(key);
-        if (entity == null)
-            return null;
-        // 清除指定键值对定时器
-        Future future = entity.getFuture();
-        if (future != null)
-            future.cancel(true);
-        return entity.getValue();
-    }
-    /**
-     * 清除所有缓存
-     */
-    public synchronized static void removeAll() {
-        map.clear();
-    }
-    /**
-     * 查询当前缓存的键值对数量
-     */
-    public synchronized static int size() {
-        return map.size();
-    }
-    /**
-     * 缓存实体类
-     */
-    private static class Entity {
-        // 键值对的value
-        private Object value;
-        // 定时器的future
-        private Future future;
-        /**
-         * 创建实体类
-         */
-        public Entity(Object value, Future future) {
-            this.value = value;
-            this.future = future;
-        }
-        /**
-         * 获取value值
-         */
-        public Object getValue() {
-            return value;
-        }
-        /**
-         * 获取future对象
-         */
-        public Future getFuture() {
-            return future;
-        }
-    }
-}
\ No newline at end of file
--- a/src/main/java/com/founder/common/IpRestriction.java
+++ b/src/main/java/com/founder/common/IpRestriction.java
+package com.founder.common;
+import java.lang.annotation.*;
+/**
+ * @Descrption 根据IP白名单，限制接口访问人
+ */
+@Target(value = ElementType.METHOD)
+@Retention(value = RetentionPolicy.RUNTIME)
+@Documented
+public @interface IpRestriction {
+}
--- a/src/main/java/com/founder/common/IpRestrictionAspect.java
+++ b/src/main/java/com/founder/common/IpRestrictionAspect.java
+package com.founder.common;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import javax.servlet.http.HttpServletRequest;
+import java.lang.reflect.Method;
+import java.net.InetAddress;
+@Aspect
+@Component
+@Slf4j
+public class IpRestrictionAspect {
+    @Value("${whiteIps}")
+    private String whiteIps;
+    @Pointcut(" (execution(* com.founder.controller.TbStRyController.*(..)))")
+    public void excudeService() {
+    }
+    @Around("excudeService()")
+    public Object doAround(ProceedingJoinPoint  joinPoint) {
+        MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
+        Method method = methodSignature.getMethod();
+        String ip = "";
+        try {
+            IpRestriction oper = method.getAnnotation(IpRestriction.class);
+            if (oper != null) {
+//                addServiceLog(oper, joinPoint);
+                ip = getIp();
+                log.info("访问ip为：{}",ip);
+                String[] split = whiteIps.split(",");
+                for (int i = 0; i < split.length; i++) {
+                    if (split[i].equals(ip)){
+                        return joinPoint.proceed();
+                    }
+                }
+            }
+        } catch (SecurityException e) {
+            e.printStackTrace();
+        } catch (Exception e) {
+            e.printStackTrace();
+        } catch (Throwable throwable) {
+            throwable.printStackTrace();
+        }
+        return null;
+    }
+    public String getIp() throws Exception {
+        HttpServletRequest request = ((ServletRequestAttributes)
+                RequestContextHolder.getRequestAttributes()).getRequest();
+        String ip = request.getHeader("X-Forwarded-For");
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+            ip = request.getHeader("Proxy-Client-IP");
+        }
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+            ip = request.getHeader("WL-Proxy-Client-IP");
+        }
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+            ip = request.getHeader("HTTP_CLIENT_IP");
+        }
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+            ip = request.getHeader("HTTP_X_FORWARDED_FOR");
+        }
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+            ip = request.getHeader("X-Real-IP");
+        }
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+            ip = request.getRemoteAddr();
+        }
+        //有些网络通过多层代理，那么获取到的ip就会有多个，一般都是通过逗号（,）分割开来，并且第一个ip为客户端的真实IP
+        if (ip != null && ip.length() != 0) {
+            ip = ip.split(",")[0];
+        }
+        if ("127.0.0.1".equals(ip) || ip == "127.0.0.1" || "0:0:0:0:0:0:0:1".equals(ip)
+                || ip == "0:0:0:0:0:0:0:1") {
+            ip = InetAddress.getLocalHost().getHostAddress();
+        }
+        return ip;
+    }
+}
--- a/src/main/java/com/founder/common/RequestLimitException.java
+++ b/src/main/java/com/founder/common/RequestLimitException.java
-package com.founder.common;
-/**
- * @Projectname: hnxtbabootHaiNan
- * @Filename: RequestLimitException
- * @Author: wcw
- * @Description: TODO
- * @since 2023/3/3 10:36
- */
-public class RequestLimitException extends Exception {
-    private static final long serialVersionUID = 1364225358754654702L;
-    /**
-     * Instantiates a new Request limit exception.
-     */
-    public RequestLimitException() {
-        super("HTTP请求超出设定的限制");
-    }
-    /**
-     * Instantiates a new Request limit exception.
-     *
-     * @param message the message
-     */
-    public RequestLimitException(String message) {
-        super(message);
-    }
-}
\ No newline at end of file
--- a/src/main/java/com/founder/common/RequestLimitInterceptor.java
+++ b/src/main/java/com/founder/common/RequestLimitInterceptor.java
-package com.founder.common;
-import com.founder.utils.SysUitl;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.stereotype.Component;
-import org.springframework.web.servlet.HandlerInterceptor;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-@Slf4j
-@Component
-public class RequestLimitInterceptor implements HandlerInterceptor {
-    @Override
-    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object object) throws RequestLimitException {
-        try {
-            Integer limit_count = 25;
-            Integer limit_time = 1000 *60;
-             String ip = SysUitl.getIp(httpServletRequest);
-            String url = httpServletRequest.getRequestURL().toString();
-            String key = "req_limit_".concat(url).concat(ip);
-            String cache = (String)CacheUtils.get(key);
-            if (null == cache) {
-                String value = "1_" + System.currentTimeMillis();
-                CacheUtils.put(key,value,limit_time);
-            } else {
-                String value = (String) cache;
-                String[] s = value.split("_");
-                int count = Integer.parseInt(s[0]);
-                if (count > limit_count) {
-                    log.info("用户IP[{}], 访问地址[{}], 超过了限定的次数[{}]", ip, url, limit_count);
-                    throw new RequestLimitException();
-                }
-                value = (count + 1) + "_" + s[1];
-                long last = limit_time - (System.currentTimeMillis() - Long.parseLong(s[1]));
-                if (last > 0) {
-                    CacheUtils.put(key,value,limit_time);
-                }
-            }
-        } catch (RequestLimitException e) {
-            throw e;
-        } catch (Exception e) {
-            log.error("发生异常", e);
-        }
-        return  true;
-    }
-}
--- a/src/main/java/com/founder/config/DefaultViewConfig.java
+++ b/src/main/java/com/founder/config/DefaultViewConfig.java
@@ -14,7 +14,7 @@ public class DefaultViewConfig implements WebMvcConfigurer {
    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
-        registry.addViewController("/toLogin").setViewName("login/login_hainan");
+        registry.addViewController("/toLogin").setViewName("login/login");
        registry.addViewController("/hncsLogin").setViewName("login/login_hncs");
        registry.addViewController("/hnzzLogin").setViewName("login/login_hnzz");
        registry.addViewController("/hnxtLogin").setViewName("login/login_hnxt");

--- a/src/main/java/com/founder/controller/SystemController.java
+++ b/src/main/java/com/founder/controller/SystemController.java
@@ -40,6 +40,7 @@ import org.hyperic.sigar.OperatingSystem;
 import org.hyperic.sigar.Sigar;
 import org.hyperic.sigar.SigarException;
 import org.hyperic.sigar.Swap;
+import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
@@ -61,7 +62,7 @@ public class SystemController {
     * 服务器信息
     */
    @RequestMapping(value = "getSystem")
-    public void serverInfo(HttpServletResponse response) {
+    public Object serverInfo(HttpServletResponse response) {
        Properties props = System.getProperties();
        Map<String, String> map = System.getenv();
        JSONObject jsonObject = new JSONObject();
@@ -79,6 +80,7 @@ public class SystemController {
            log.error(e.getMessage());
        }
        response2Client(response, jsonObject.toString());
+        return null;
    }
    /**
@@ -86,7 +88,6 @@ public class SystemController {
      */
    @RequestMapping(value = "cpuUsage")
    @Scheduled(cron = "0 0/30 * * * ?")//三十分钟一次
-    @ResponseBody
    public void regularlyCheckServerUsage(){
        PropertiesUtil p = new PropertiesUtil("application.properties");
        String ifopen = p.getValue("ifopen");
@@ -140,7 +141,7 @@ public class SystemController {
     * 系统信息
     */
    @RequestMapping(value = "/system")
-    public void systemInfo(HttpServletResponse response) {
+    public Object systemInfo(HttpServletResponse response) {
        OperatingSystem OS = OperatingSystem.getInstance();
        JSONObject jsonObject = new JSONObject();
        jsonObject.put("osname", OS.getVendorName()); //操作系统名称
@@ -148,6 +149,7 @@ public class SystemController {
        jsonObject.put("osdescription", OS.getDescription()); //操作系统的描述
        jsonObject.put("osversion", OS.getVersion()); //操作系统的版本号
        response2Client(response, jsonObject.toString());
+        return null;
    }
@@ -200,7 +202,7 @@ public JSONObject cpu() throws SigarException {
     * @throws UnknownHostException
     */
    @RequestMapping(value = "/jvm")
-    public void jvmInfo(HttpServletResponse response) throws UnknownHostException {
+    public Object jvmInfo(HttpServletResponse response) throws UnknownHostException {
        Runtime r = Runtime.getRuntime();
        Properties props = System.getProperties();
        JSONObject jsonObject = new JSONObject();
@@ -216,6 +218,7 @@ public JSONObject cpu() throws SigarException {
        jsonObject.put("jvmjavaiotmpdir", props.getProperty("java.io.tmpdir")); //默认的临时文件路径
        jsonObject.put("jvmjavaextdirs", props.getProperty("java.ext.dirs")); //扩展目录的路径
        response2Client(response, jsonObject.toString());
+        return null;
    }

--- a/src/main/java/com/founder/controller/TbStRyController.java
+++ b/src/main/java/com/founder/controller/TbStRyController.java
 package com.founder.controller;
+import com.founder.common.IpRestriction;
 import com.founder.dao.TbXwRycjDao;
 import com.founder.model.AutoTbStRy;
 import com.founder.model.User;
@@ -57,6 +58,7 @@ public class TbStRyController {
     * @return
     */
    @PostMapping("/getRyxx")
+    @IpRestriction
    public XzResult ryxxsb(@RequestBody Jsythcjsj jsythcjsj) {
        if (StringUtils.isEmpty(jsythcjsj.getSfhm())) {
            return XzResult.error("查询失败").data("code", JZWFW_CODE_FAIL).data("info", "身份号码不能为空！");

--- a/src/main/java/com/founder/controller/ZlccController.java
+++ b/src/main/java/com/founder/controller/ZlccController.java
@@ -837,12 +837,13 @@ public class ZlccController {
    }
    @RequestMapping("/toZlccList")
-    public String toZlccList(Model model, HttpServletRequest request, String rwbh, String flg) {
+    public String toZlccList(Model model, HttpServletRequest request, String rwbh, String flg, String ccdw) {
        User user = (User) request.getSession().getAttribute("User");
        model.addAttribute("username", user.getUsername());
        model.addAttribute("ccbh", rwbh);
        model.addAttribute("ccrw", afisQualityCcrwService.getAfisQualityCcrw(rwbh));
        model.addAttribute("flg", flg);
+        model.addAttribute("ccdw", ccdw);
        if ("1".equals(flg)) {
            return "zlcc/zlcc";
        } else {

--- a/src/main/resources/application-dev.properties
+++ b/src/main/resources/application-dev.properties
 #正式环境配置
-server.port=9200
+server.port=9222
 tomcat.uri-encoding: utf-8
 logging.path=E:/log
 logging.level.com.founder = debug

--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -72,3 +72,6 @@ FTP_PORT=8822
 FTP_USERNAME=43000000
 FTP_PASSWORD=0
 sfscftp=1
+whiteIps=74.6.54.205,65.28.26.63,192.168.197.2
--- a/src/main/resources/templates/cjqx/sbjkglform.html
+++ b/src/main/resources/templates/cjqx/sbjkglform.html
--- a/src/main/resources/templates/ryfk/ryfk.html
+++ b/src/main/resources/templates/ryfk/ryfk.html
@@ -254,7 +254,7 @@
        formData.append("file",files);
        $.ajax({
            type: "POST",
-            url: "http://65.65.100.192:8006/getRyxxRxbdjg?rybh="+rybh+"&xxdjryXm="+$("#xxdjryXm").val()+"&xxdjryGmsfhm="+$("#xxdjryGmsfhm").val()+"&xxdjdwGajgjgdm="+$("#xxdjdwGajgjgdm").val()+"&xxdjdwGajgmc="+$("#xxdjdwGajgmc").val()+"&xxdjryLxdh="+$("#xxdjryLxdh").val()+"&fjmc="+rybh+"1.jpg"+"&threshold=90&model=hainan",
+            url: "http://127.0.0.1:9101/getZzRxbd?rybh="+rybh+"&xxdjryXm="+$("#xxdjryXm").val()+"&xxdjryGmsfhm="+$("#xxdjryGmsfhm").val()+"&xxdjdwGajgjgdm="+$("#xxdjdwGajgjgdm").val()+"&xxdjdwGajgmc="+$("#xxdjdwGajgmc").val()+"&xxdjryLxdh="+$("#xxdjryLxdh").val()+"&fjmc="+rybh+"1.jpg"+"&threshold=90&model=hainan",
            data:formData,
            dataType:"text",
            processData:false,

--- a/src/main/resources/templates/zlcc/iframe1.html
+++ b/src/main/resources/templates/zlcc/iframe1.html
@@ -264,7 +264,7 @@
                            "<a href='javascript:void(0)' onclick='newDialog(\"" + rwbh + "\")' class='easyui-linkbutton zdy-btn l-btn l-btn-small' >修改</a>" +
                            "<a href='javascript:void(0)' onclick='deleteRwxx(\"" + rwbh + "\")' class='easyui-linkbutton zdy-btn l-btn l-btn-small' >删除</a>";
                }else{
-                    var rstStr = "<a href='javascript:void(0)'  onclick='zlcc(\"" + xxbh + "\",\"1\")' class='easyui-linkbutton zdy-btn l-btn l-btn-small'>抽查</a>" +
+                    var rstStr = "<a href='javascript:void(0)'  onclick='zlcc(\"" + xxbh + "\",\"1\",ccdw)' class='easyui-linkbutton zdy-btn l-btn l-btn-small'>抽查</a>" +
                            "<a href='javascript:void(0)' onclick='newDialog(\"" + rwbh + "\")' class='easyui-linkbutton zdy-btn l-btn l-btn-small' >修改</a>" +
                            "<a href='javascript:void(0)' onclick='deleteRwxx(\"" + rwbh + "\")' class='easyui-linkbutton zdy-btn l-btn l-btn-small' >删除</a>";
                }
@@ -358,8 +358,8 @@
        ])
    }
-    function zlcc(xxbh,flg){
+    function zlcc(xxbh,flg,ccdw){
-        window.open("/toZlccList?rwbh="+xxbh+"&flg="+flg,'_blank');
+        window.open("/toZlccList?rwbh="+xxbh+"&flg="+flg+"&ccdw="+ccdw,'_blank');
    }
    function ccrw(rwbh){