1. 请求拦截器代码
/**
* @author:
* @date: 2021-10-19 16:44
* @description: 拦截http请求并加载请求url信息
*/
@Component
public class RequestUrlInterceptor implements HandlerInterceptor {
@Value("${ipList}")
private String ipList;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception{
String url = request.getRequestURL().toString();
if (StrUtil.isNotEmpty(ipList)){
String[] ipArr = ipList.split(",");
List<String> ipLists = CollUtil.newArrayList(ipArr);
String nowIp = IpUtils.getRealIP(request);
if (StrUtil.isNotEmpty(nowIp)){
if (!ipLists.contains(nowIp)){
response.getWriter().append("<h1 style=\"text-align:center;\">IP is not in the whitelist, please contact the administrator!</h1>");
return false;
}
}
}
return true;
}
}
2.WebMvcConfigurer代码
这里配置需要拦截的url地址
/**
* @author:
* @date: 2021-10-19 16:46
* @description: 配置拦截的请求url
*/
@Configuration
public class WebConfig implements WebMvcConfigurer {
@Autowired
private RequestUrlInterceptor requestUrlInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(requestUrlInterceptor).addPathPatterns("/api/open/**");
}
}
3.获取请求ip地址
/**
* @author:
* @date: 2021-11-02 9:50
* @description: 获取ip地址的工具类
*/
public class IpUtils {
/**
* 获取用户真实IP地址,不使用request.getRemoteAddr()的原因是有可能用户使用了代理软件方式避免真实IP地址,
* 可是,如果通过了多级反向代理的话,X-Forwarded-For的值并不止一个,而是一串IP值
* @return ip
*/
public static String getRealIP(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (ip != null && ip.length() != 0 && ! "unknown".equalsIgnoreCase(ip)) {
// 多次反向代理后会有多个ip值,第一个ip才是真实ip
if( ip.indexOf(",") != -1 ){
ip = ip.split(",")[0];
}
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
System.out.println("Proxy-Client-IP ip: " + ip);
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
System.out.println("WL-Proxy-Client-IP ip: " + ip);
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
System.out.println("HTTP_CLIENT_IP ip: " + ip);
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
System.out.println("HTTP_X_FORWARDED_FOR ip: " + ip);
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("X-Real-IP");
System.out.println("X-Real-IP ip: " + ip);
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
System.out.println("getRemoteAddr ip: " + ip);
}
return ip;
}
}