拦截器
package com.rebuild.core.interceptor;
import cn.devezhao.persist4j.Entity;
import cn.devezhao.persist4j.engine.ID;
import com.alibaba.fastjson.JSONObject;
import com.rebuild.api.RespBody;
import com.rebuild.core.Application;
import com.rebuild.core.UserContextHolder;
import com.rebuild.core.metadata.EntityHelper;
import com.rebuild.core.metadata.MetadataHelper;
import lombok.extern.slf4j.Slf4j;
import org.springframework.util.StreamUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.*;
@Slf4j
public class IPInterceptor implements HandlerInterceptor {
/* @Autowired
private ProjectTableDao projectTableDao;*/
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
log.info("---------- 判断相关ip");
if (handler instanceof HandlerMethod) {
String queryString = request.getQueryString();
//获取请求body
byte[] bodyBytes = StreamUtils.copyToByteArray(request.getInputStream());
String body = new String(bodyBytes, request.getCharacterEncoding());
// 记录信息:Controller路径</br>对应方法名</br>请求参数信息</br>请求相对路径</br>请求处理时长
HandlerMethod h = (HandlerMethod) handler;
StringBuilder sb = new StringBuilder(1000);
sb.append("Controller: ").append(h.getBean().getClass().getName()).append("\n");
sb.append("Method : ").append(h.getMethod().getName()).append("\n");
sb.append("Params : ").append(getParamString(request.getParameterMap())).append("\n");
sb.append("URI : ").append(request.getRequestURI()).append("\n");
System.out.println(sb.toString());
ID userId = UserContextHolder.getUser();
if (request.getRequestURI().equals("/user/user-login")) {
String user = request.getParameterMap().get("user")[0];
Entity entity = MetadataHelper.getEntity(EntityHelper.User);
String sql = String.format("select %s from %s where %s = '%s'",
"USER_ID",
"user",
"LOGIN_NAME",
user
);
Object[] objects = Application.getQueryFactory().createNativeQuery(sql)
.unique();
userId = (ID) objects[0];
}
}
//先获取相关需要验证的ip列表
//过滤ip,若用户在白名单内,则放行
String ipAddress = IPUtils.getRealIP(request);
//所用需要验证的ip,暂时批量验证
Set<String> listIps = getL