zj
2026-03-23 efb07bcec37c49228d9760794f215c8549243ad2
src/main/java/com/nq/common/interceptor/ApiUserAuthorityInterceptor.java
@@ -1,9 +1,7 @@
package com.nq.common.interceptor;
import com.alibaba.druid.util.StringUtils;
import com.alibaba.fastjson.JSON;
import com.google.common.collect.Maps;
import com.google.gson.Gson;
import com.nq.annotation.SameUrlData;
import com.nq.common.ServerResponse;
@@ -24,15 +22,19 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.lang.annotation.Annotation;
import java.util.Map;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.TimeUnit;
@Component
public class ApiUserAuthorityInterceptor implements HandlerInterceptor {
    private static final Logger log = LoggerFactory.getLogger(ApiUserAuthorityInterceptor.class);
    private static final Set<String> PAY_CALLBACK_ALLOW_IPS = new HashSet<>(
            Arrays.asList("3.111.236.70", "13.233.3.123")
    );
    private RedisTemplate<String,String> redisTemplate;
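Review bot: `PAY_CALLBACK_ALLOW_IPS` hard-codes the two provider addresses, so any change on the provider's side forces a rebuild and redeploy of the interceptor instead of a configuration change; `getCurrentUser` in the last hunk already reads `user.cookie.name` through `PropertiesUtil.getProperty`, so sourcing the allow-list from a property there would be consistent with the file. The set is also a mutable `HashSet` behind a `final` reference; wrap it with `Collections.unmodifiableSet(...)` (or `Set.of(...)` if the project targets Java 9 or later) so nothing can widen it at runtime. Whether the IPs themselves are the provider's current callback sources cannot be checked from this page.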
@@ -54,6 +56,11 @@
        }
        String url = httpServletRequest.getRequestURI();
        if (isPayCallbackUrl(url) && !isAllowedPayCallbackIp(httpServletRequest)) {
            log.warn("拦截非白名单回调IP, url={}, ip={}", url, extractClientIp(httpServletRequest));
            httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return false;
        }
        if ("/user/upload.do".equals(url)) {
            return true;
        }
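Review bot: The rejection branch computes the client address twice — once inside `isAllowedPayCallbackIp` and again for the `log.warn` — and the logged value is the header-derived one, so if the header was forged the warning never shows the address the connection actually came from. Resolve it once and log both: `String ip = extractClientIp(httpServletRequest);` before the `if`, `if (isPayCallbackUrl(url) && !PAY_CALLBACK_ALLOW_IPS.contains(ip)) {`, and `log.warn("拦截非白名单回调IP, url={}, ip={}, remoteAddr={}", url, ip, httpServletRequest.getRemoteAddr());`. A mismatch between the two fields is then visible when a rejected callback is investigated. The enclosing method starts and ends outside this hunk.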
@@ -75,7 +82,25 @@
        if ("/user/rechargeCallback.do".equals(url)) {//支付回调
            return true;
        }
        if ("/user/noticePayment.do".equals(url)) {//代付回调
        if ("/user/rechargeCallbackTwo.do".equals(url)) {//支付回调
            return true;
        }
        if ("/user/rechargeCallbackZero.do".equals(url)) {//支付回调
            return true;
        }
        if ("/user/rechargeCallbackThree.do".equals(url)) {//支付回调
            return true;
        }
        if ("/user/rechargeCallbackFour.do".equals(url)) {//支付4回调
            return true;
        }
        if ("/user/payoutCallback.do".equals(url)) {//代付回调
            return true;
        }
        if ("/user/payoutCallbackTwo.do".equals(url)) {//代付回调
            return true;
        }
        if ("/user/payoutCallbackThree.do".equals(url)) {//代付v2回调
            return true;
        }
        User currentUser = getCurrentUser(httpServletRequest);
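Review bot: Eight callback URLs now bypass authentication with `return true`, but `isPayCallbackUrl` in the later hunk places only `rechargeCallbackFour` and `payoutCallbackThree` behind the IP allow-list, so `rechargeCallback`, `rechargeCallbackTwo`, `rechargeCallbackZero`, `rechargeCallbackThree`, `payoutCallback` and `payoutCallbackTwo` are reachable without any check in this interceptor unless their controllers verify a provider signature, which this page does not show. Either extend `isPayCallbackUrl` to cover them or record why they are exempt, e.g. `// these callbacks are authenticated by the provider signature verified in the controller`, so the asymmetry reads as deliberate. As a point of style the repeated exact-match `if` blocks could become one `private static final Set<String> AUTH_EXEMPT_URLS` consulted once. The enclosing method starts and ends outside this hunk.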
@@ -98,6 +123,31 @@
        }
        //判断请求头
        return true;
    }
    private boolean isPayCallbackUrl(String url) {
        return "/user/rechargeCallbackFour.do".equals(url)
                || "/user/payoutCallbackThree.do".equals(url);
    }
    private boolean isAllowedPayCallbackIp(HttpServletRequest request) {
        String ip = extractClientIp(request);
        return PAY_CALLBACK_ALLOW_IPS.contains(ip);
    }
    private String extractClientIp(HttpServletRequest request) {
        String forwarded = request.getHeader("X-Forwarded-For");
        if (forwarded != null && !forwarded.trim().isEmpty()) {
            String first = forwarded.split(",")[0].trim();
            if (!first.isEmpty()) {
                return first;
            }
        }
        String realIp = request.getHeader("X-Real-IP");
        if (realIp != null && !realIp.trim().isEmpty()) {
            return realIp.trim();
        }
        return request.getRemoteAddr();
    }
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object handler, ModelAndView modelAndView) throws Exception {
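Review bot: `extractClientIp` prefers `X-Forwarded-For` and then `X-Real-IP` over `getRemoteAddr()`, and both headers are written by whoever sends the request unless a reverse proxy in front of this service overwrites them; because `isAllowedPayCallbackIp` feeds that value straight into `PAY_CALLBACK_ALLOW_IPS.contains`, the allow-list is only as strong as that proxy assumption, which nothing in the class states or enforces. Two changes make the trust boundary explicit: honour the forwarding headers only when `getRemoteAddr()` is itself a known proxy, and when reading `X-Forwarded-For` take the entry appended by that proxy (the last one) rather than the first, which the original sender controls. The proxy set below is a placeholder to be filled from deployment configuration; if no proxy sits in front of the service, `return request.getRemoteAddr();` alone is the correct body. `postHandle`, whose signature closes this hunk, continues outside it.
```java
    // PLACEHOLDER: addresses of the reverse proxies allowed to set forwarding headers, from deployment config
    private static final Set<String> TRUSTED_PROXY_IPS = new HashSet<>();

    private String extractClientIp(HttpServletRequest request) {
        String remote = request.getRemoteAddr();
        // Forwarding headers are caller-supplied unless a trusted proxy in front of us rewrote them.
        if (!TRUSTED_PROXY_IPS.contains(remote)) {
            return remote;
        }
        String forwarded = request.getHeader("X-Forwarded-For");
        if (forwarded != null && !forwarded.trim().isEmpty()) {
            String[] hops = forwarded.split(",");
            // The last entry is the one our proxy appended; earlier entries are whatever the sender supplied.
            String last = hops[hops.length - 1].trim();
            if (!last.isEmpty()) {
                return last;
            }
        }
        // … unchanged: X-Real-IP fallback and final getRemoteAddr() …
    }
```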
@@ -190,20 +240,15 @@
    public User getCurrentUser(HttpServletRequest request) {
        String property = PropertiesUtil.getProperty("user.cookie.name");
        System.out.println(property);
        String loginToken = request.getHeader(property);
        if (loginToken == null) {
            System.out.println("loginToken is null");
            return null;
        }
        System.out.println(loginToken);
        String userJson = RedisShardedPoolUtils.get(loginToken);
        if (userJson == null||"".equals(userJson)){
            System.out.println("userJson is null");
            return null;
        }
//        System.out.println(userJson);
        return (User) JsonUtil.string2Obj(userJson, User.class);
    }
}
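Review bot: `getCurrentUser` prints the raw login token with `System.out.println(loginToken)`, which writes a live session credential into whatever captures process output; the neighbouring `println` calls for the header name and the two miss cases likewise bypass the class's SLF4J `log`. Remove the token print, or replace the three with `log.debug("login token header {} present={}", property, loginToken != null);` and `log.debug("no session found for supplied token");`, neither of which reproduces the token. The rendered page has lost the add/remove markers, so these lines may predate the commit, but they remain on the new side and the point applies there. The commented-out `System.out.println(userJson)` can be deleted at the same time.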