| .idea/uiDesigner.xml | ●●●●● patch | view | raw | blame | history | |
| src/main/java/email/internal/InternalEmailSenderServiceImpl.java | ●●●●● patch | view | raw | blame | history | |
| src/main/java/project/web/admin/filter/AllRequestFilter.java | ●●●●● patch | view | raw | blame | history | |
| src/main/java/project/web/api/UserController.java | ●●●●● patch | view | raw | blame | history | |
| src/main/java/project/web/api/filter/AllRequestFilter.java | ●●●●● patch | view | raw | blame | history |
.idea/uiDesigner.xml
New file 
@@ -0,0 +1,124 @@ <?xml version="1.0" encoding="UTF-8"?> <project version="4"> <component name="Palette2"> <group name="Swing"> <item class="com.intellij.uiDesigner.HSpacer" tooltip-text="Horizontal Spacer" icon="/com/intellij/uiDesigner/icons/hspacer.svg" removable="false" auto-create-binding="false" can-attach-label="false"> <default-constraints vsize-policy="1" hsize-policy="6" anchor="0" fill="1" /> </item> <item class="com.intellij.uiDesigner.VSpacer" tooltip-text="Vertical Spacer" icon="/com/intellij/uiDesigner/icons/vspacer.svg" removable="false" auto-create-binding="false" can-attach-label="false"> <default-constraints vsize-policy="6" hsize-policy="1" anchor="0" fill="2" /> </item> <item class="javax.swing.JPanel" icon="/com/intellij/uiDesigner/icons/panel.svg" removable="false" auto-create-binding="false" can-attach-label="false"> <default-constraints vsize-policy="3" hsize-policy="3" anchor="0" fill="3" /> </item> <item class="javax.swing.JScrollPane" icon="/com/intellij/uiDesigner/icons/scrollPane.svg" removable="false" auto-create-binding="false" can-attach-label="true"> <default-constraints vsize-policy="7" hsize-policy="7" anchor="0" fill="3" /> </item> <item class="javax.swing.JButton" icon="/com/intellij/uiDesigner/icons/button.svg" removable="false" auto-create-binding="true" can-attach-label="false"> <default-constraints vsize-policy="0" hsize-policy="3" anchor="0" fill="1" /> <initial-values> <property name="text" value="Button" /> </initial-values> </item> <item class="javax.swing.JRadioButton" icon="/com/intellij/uiDesigner/icons/radioButton.svg" removable="false" auto-create-binding="true" can-attach-label="false"> <default-constraints vsize-policy="0" hsize-policy="3" anchor="8" fill="0" /> <initial-values> <property name="text" value="RadioButton" /> </initial-values> </item> <item class="javax.swing.JCheckBox" icon="/com/intellij/uiDesigner/icons/checkBox.svg" removable="false" auto-create-binding="true" can-attach-label="false"> 
<default-constraints vsize-policy="0" hsize-policy="3" anchor="8" fill="0" /> <initial-values> <property name="text" value="CheckBox" /> </initial-values> </item> <item class="javax.swing.JLabel" icon="/com/intellij/uiDesigner/icons/label.svg" removable="false" auto-create-binding="false" can-attach-label="false"> <default-constraints vsize-policy="0" hsize-policy="0" anchor="8" fill="0" /> <initial-values> <property name="text" value="Label" /> </initial-values> </item> <item class="javax.swing.JTextField" icon="/com/intellij/uiDesigner/icons/textField.svg" removable="false" auto-create-binding="true" can-attach-label="true"> <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1"> <preferred-size width="150" height="-1" /> </default-constraints> </item> <item class="javax.swing.JPasswordField" icon="/com/intellij/uiDesigner/icons/passwordField.svg" removable="false" auto-create-binding="true" can-attach-label="true"> <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1"> <preferred-size width="150" height="-1" /> </default-constraints> </item> <item class="javax.swing.JFormattedTextField" icon="/com/intellij/uiDesigner/icons/formattedTextField.svg" removable="false" auto-create-binding="true" can-attach-label="true"> <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1"> <preferred-size width="150" height="-1" /> </default-constraints> </item> <item class="javax.swing.JTextArea" icon="/com/intellij/uiDesigner/icons/textArea.svg" removable="false" auto-create-binding="true" can-attach-label="true"> <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3"> <preferred-size width="150" height="50" /> </default-constraints> </item> <item class="javax.swing.JTextPane" icon="/com/intellij/uiDesigner/icons/textPane.svg" removable="false" auto-create-binding="true" can-attach-label="true"> <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3"> <preferred-size width="150" 
height="50" /> </default-constraints> </item> <item class="javax.swing.JEditorPane" icon="/com/intellij/uiDesigner/icons/editorPane.svg" removable="false" auto-create-binding="true" can-attach-label="true"> <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3"> <preferred-size width="150" height="50" /> </default-constraints> </item> <item class="javax.swing.JComboBox" icon="/com/intellij/uiDesigner/icons/comboBox.svg" removable="false" auto-create-binding="true" can-attach-label="true"> <default-constraints vsize-policy="0" hsize-policy="2" anchor="8" fill="1" /> </item> <item class="javax.swing.JTable" icon="/com/intellij/uiDesigner/icons/table.svg" removable="false" auto-create-binding="true" can-attach-label="false"> <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3"> <preferred-size width="150" height="50" /> </default-constraints> </item> <item class="javax.swing.JList" icon="/com/intellij/uiDesigner/icons/list.svg" removable="false" auto-create-binding="true" can-attach-label="false"> <default-constraints vsize-policy="6" hsize-policy="2" anchor="0" fill="3"> <preferred-size width="150" height="50" /> </default-constraints> </item> <item class="javax.swing.JTree" icon="/com/intellij/uiDesigner/icons/tree.svg" removable="false" auto-create-binding="true" can-attach-label="false"> <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3"> <preferred-size width="150" height="50" /> </default-constraints> </item> <item class="javax.swing.JTabbedPane" icon="/com/intellij/uiDesigner/icons/tabbedPane.svg" removable="false" auto-create-binding="true" can-attach-label="false"> <default-constraints vsize-policy="3" hsize-policy="3" anchor="0" fill="3"> <preferred-size width="200" height="200" /> </default-constraints> </item> <item class="javax.swing.JSplitPane" icon="/com/intellij/uiDesigner/icons/splitPane.svg" removable="false" auto-create-binding="false" can-attach-label="false"> <default-constraints 
vsize-policy="3" hsize-policy="3" anchor="0" fill="3"> <preferred-size width="200" height="200" /> </default-constraints> </item> <item class="javax.swing.JSpinner" icon="/com/intellij/uiDesigner/icons/spinner.svg" removable="false" auto-create-binding="true" can-attach-label="true"> <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1" /> </item> <item class="javax.swing.JSlider" icon="/com/intellij/uiDesigner/icons/slider.svg" removable="false" auto-create-binding="true" can-attach-label="false"> <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1" /> </item> <item class="javax.swing.JSeparator" icon="/com/intellij/uiDesigner/icons/separator.svg" removable="false" auto-create-binding="false" can-attach-label="false"> <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3" /> </item> <item class="javax.swing.JProgressBar" icon="/com/intellij/uiDesigner/icons/progressbar.svg" removable="false" auto-create-binding="true" can-attach-label="false"> <default-constraints vsize-policy="0" hsize-policy="6" anchor="0" fill="1" /> </item> <item class="javax.swing.JToolBar" icon="/com/intellij/uiDesigner/icons/toolbar.svg" removable="false" auto-create-binding="false" can-attach-label="false"> <default-constraints vsize-policy="0" hsize-policy="6" anchor="0" fill="1"> <preferred-size width="-1" height="20" /> </default-constraints> </item> <item class="javax.swing.JToolBar$Separator" icon="/com/intellij/uiDesigner/icons/toolbarSeparator.svg" removable="false" auto-create-binding="false" can-attach-label="false"> <default-constraints vsize-policy="0" hsize-policy="0" anchor="0" fill="1" /> </item> <item class="javax.swing.JScrollBar" icon="/com/intellij/uiDesigner/icons/scrollbar.svg" removable="false" auto-create-binding="true" can-attach-label="false"> <default-constraints vsize-policy="6" hsize-policy="0" anchor="0" fill="2" /> </item> </group> </component> </project> 
src/main/java/email/internal/InternalEmailSenderServiceImpl.java
@@ -1,30 +1,33 @@ package email.internal; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; import java.io.UnsupportedEncodingException; import java.security.GeneralSecurityException; import java.util.Date; import java.util.Map; import java.util.Properties; import java.io.OutputStream; import java.net.HttpURLConnection; import java.net.URL; import javax.mail.MessagingException; import javax.mail.internet.MimeMessage; import javax.mail.internet.MimeUtility; import com.sun.mail.util.MailSSLSocketFactory; import email.EmailPropertiesUtil; import okhttp3.*; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.InitializingBean; import org.springframework.core.io.FileSystemResource; import org.springframework.mail.SimpleMailMessage; import org.springframework.mail.javamail.JavaMailSenderImpl; import org.springframework.mail.javamail.MimeMessageHelper; import org.springframework.ui.freemarker.FreeMarkerTemplateUtils; import org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer; import email.sender.EmailMessage; import freemarker.template.Template; import freemarker.template.TemplateException; import javax.net.ssl.*; import java.security.cert.X509Certificate; import kernel.util.StringUtils; public class InternalEmailSenderServiceImpl implements InternalEmailSenderService, InitializingBean { private JavaMailSenderImpl mailSender; private static final Logger logger = LoggerFactory.getLogger(InternalEmailSenderServiceImpl.class); 
@@ -61,70 +64,50 @@ freeMarkerConfigurer.setFreemarkerSettings(settings); } private static final OkHttpClient client = new OkHttpClient.Builder() .connectTimeout(10, java.util.concurrent.TimeUnit.SECONDS) // 设置连接超时 .readTimeout(30, java.util.concurrent.TimeUnit.SECONDS) // 设置读取超时 .writeTimeout(30, java.util.concurrent.TimeUnit.SECONDS) // 设置写入超时 .build(); private static final String API_URL = "https://www.aoksend.com/index/api/send_email"; private static final String APP_KEY = "d30ca7063ad44bd832bc934ff94a443b"; // 从环境变量或配置文件中获取 @Override public void send(EmailMessage emailMessage) { // 验证邮件信息数据的有效性 if (emailMessage == null || emailMessage.getTomail() == null || emailMessage.getContent() == null) { logger.error("无效的邮件信息数据。"); return; } try { logger.info("----- 开始发送邮件 -----"); logger.info("发送邮件到: " + emailMessage.getTomail() + ", 来自: " + emailMessage.getContent()); logger.info("-----进到邮件发送-----"); MimeMessage mailMsg = this.mailSender.createMimeMessage(); logger.info("----------邮件发送,接收邮箱:"+emailMessage.getTomail()+"发送邮箱:"+this.mailMessage.getFrom()); MimeMessageHelper messageHelper = new MimeMessageHelper(mailMsg, true, "UTF-8"); messageHelper.setTo(emailMessage.getTomail());// 接收邮箱 messageHelper.setFrom(this.mailMessage.getFrom());// 发送邮箱 messageHelper.setSentDate(new Date());// 发送时间 messageHelper.setSubject(emailMessage.getSubject());// 邮件标题 // 使用 URL 构建器构建带有查询参数的 URL HttpUrl.Builder urlBuilder = HttpUrl.parse(API_URL).newBuilder(); urlBuilder.addQueryParameter("app_key", APP_KEY); urlBuilder.addQueryParameter("template_id", "E_117228484621"); urlBuilder.addQueryParameter("to", emailMessage.getTomail()); // 将邮件内容以 JSON 形式传递 String json = "{\"code\":\"" + emailMessage.getContent() + "\"}"; urlBuilder.addQueryParameter("data", json); // 确保正确编码 // 构建请求体,使用 POST 方法 RequestBody body = RequestBody.create( json, MediaType.parse("application/json; charset=utf-8") ); // 构建 POST 请求 Request request = new Request.Builder() .url(urlBuilder.build()) .post(body) // 使用 POST 
方法,并传递请求体 .addHeader("app_key", APP_KEY) .build(); // 执行请求 try (Response response = client.newCall(request).execute()) { if (!response.isSuccessful()) { logger.error("邮件发送失败。HTTP 响应码: " + response.code()); return; } logger.info("----- 邮件发送成功 -----"); // 可选:记录响应体的内容(如果需要) logger.debug("响应内容: " + response.body().string()); if (StringUtils.isNullOrEmpty(emailMessage.getFtlname())) { messageHelper.setText(emailMessage.getContent());// 邮件内容 } else { messageHelper.setText(this.getMailText(emailMessage.getFtlname(), emailMessage.getMap()), true);// 邮件内容 } logger.info("-----1111111-----"); // true 表示启动HTML格式的邮件 if (emailMessage.getFile() != null) { // 添加邮件附件 FileSystemResource rarfile = new FileSystemResource(emailMessage.getFile()); } catch (IOException e) { logger.error("邮件发送失败【IOException】", e); } catch (Exception e) { logger.error("邮件发送失败【Exception】", e); // addAttachment addInline 两种附件添加方式 // 以附件的形式添加到邮件 // 使用MimeUtility.encodeWord 解决附件名中文乱码的问题 messageHelper.addAttachment(MimeUtility.encodeWord(emailMessage.getFilename()), rarfile); } logger.info("-----邮件开始发送-----开始"); this.mailSender.send(mailMsg);// 发送 logger.info("-----邮件开始发送-----成功"); } catch (MessagingException e) { logger.error("邮件发送失败【MessagingException】"+e.getMessage(), e); } catch (UnsupportedEncodingException e) { logger.error("邮件发送失败【UnsupportedEncodingException】"+e.getMessage(), e); }catch (Exception e){ logger.error("邮件发送失败【Exception】"+"邮件发送失败"+e.getMessage(), e); } } /** * 获取模板并将内容输出到模板 * * * @param content * @return */ src/main/java/project/web/admin/filter/AllRequestFilter.java
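Review bot: The `APP_KEY` constant commits what looks like a live credential for the mail provider, and `send` also places it in the request URL via `urlBuilder.addQueryParameter("app_key", APP_KEY)`, where proxies and access logs will record it. The constant's own trailing comment says it should come from an environment variable or configuration file, so load it from configuration, send it only in the `app_key` header, and rotate the committed value. The info log line in the same method writes `emailMessage.getContent()`, which is the value later sent as `code` (presumably a one-time code), so it ends up in the application log; log the recipient only. The JSON is built by concatenation, `"{\"code\":\"" + emailMessage.getContent() + "\"}"`, so a quote or backslash in the content alters the payload; serialise it with a JSON library instead. The +/- markers are lost on this page, so which lines are new is inferred from the added `okhttp3` import.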
File was deleted src/main/java/project/web/api/UserController.java
@@ -707,51 +707,51 @@ if (StringUtils.isEmptyString(verifcode_type)) { throw new BusinessException("验证类型不能为空"); } if (StringUtils.isEmptyString(verifcode)) { throw new BusinessException("验证码不能为空"); } // if (StringUtils.isEmptyString(verifcode)) { // throw new BusinessException("验证码不能为空"); // } String loginPartyId = this.getLoginPartyId(); Party party = this.partyService.cachePartyBy(loginPartyId, false); SecUser secUser = this.secUserService.findUserByPartyId(loginPartyId); // 根据验证类型获取验证key verifcode_type: 1/手机;2/邮箱;3/谷歌验证器; String key = ""; String errMsg = ""; if ("1".equals(verifcode_type)) { key = StringUtils.isEmptyString(party.getPhone()) || false == party.getPhone_authority() ? "" : party.getPhone(); errMsg = "未绑定手机号"; } else if ("2".equals(verifcode_type)) { key = StringUtils.isEmptyString(party.getEmail()) || false == party.getEmail_authority() ? "" : party.getEmail(); errMsg = "未绑定邮箱"; } else if ("3".equals(verifcode_type)) { key = StringUtils.isEmptyString(secUser.getGoogle_auth_secret()) || false == secUser.isGoogle_auth_bind() ? "" : secUser.getGoogle_auth_secret(); errMsg = "未绑定谷歌验证器"; } if (StringUtils.isEmptyString(key)) { throw new BusinessException(errMsg); } // String key = ""; // String errMsg = ""; // if ("1".equals(verifcode_type)) { // key = StringUtils.isEmptyString(party.getPhone()) || false == party.getPhone_authority() ? "" : party.getPhone(); // errMsg = "未绑定手机号"; // } else if ("2".equals(verifcode_type)) { // key = StringUtils.isEmptyString(party.getEmail()) || false == party.getEmail_authority() ? "" : party.getEmail(); // errMsg = "未绑定邮箱"; // } else if ("3".equals(verifcode_type)) { // key = StringUtils.isEmptyString(secUser.getGoogle_auth_secret()) || false == secUser.isGoogle_auth_bind() ? 
"" : secUser.getGoogle_auth_secret(); // errMsg = "未绑定谷歌验证器"; // } // if (StringUtils.isEmptyString(key)) { // throw new BusinessException(errMsg); // } // 验证 boolean passed = false; if ("1".equals(verifcode_type) || "2".equals(verifcode_type)) { String authcode = this.identifyingCodeTimeWindowService.getAuthCode(key); if ((null != authcode) && (authcode.equals(verifcode))) { passed = true; this.identifyingCodeTimeWindowService.delAuthCode(key); } } else if ("3".equals(verifcode_type)) { if (this.googleAuthService.checkCode(key, verifcode)) { passed = true; } } // 如果是演示用户,则不判断验证码 if (!"GUEST".contentEquals(party.getRolename())) { if (!passed) { throw new BusinessException("验证码不正确"); } } // boolean passed = false; // if ("1".equals(verifcode_type) || "2".equals(verifcode_type)) { // String authcode = this.identifyingCodeTimeWindowService.getAuthCode(key); // if ((null != authcode) && (authcode.equals(verifcode))) { // passed = true; // this.identifyingCodeTimeWindowService.delAuthCode(key); // } // } else if ("3".equals(verifcode_type)) { // if (this.googleAuthService.checkCode(key, verifcode)) { // passed = true; // } // } // // // 如果是演示用户,则不判断验证码 // if (!"GUEST".contentEquals(party.getRolename())) { // if (!passed) { // throw new BusinessException("验证码不正确"); // } // } // 更新密码 this.partyService.updateSafeword(party, safeword); src/main/java/project/web/api/filter/AllRequestFilter.java
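Review bot: With the empty-`verifcode` check, the key lookup and the `passed` comparison all commented out, `this.partyService.updateSafeword(party, safeword)` appears to run for any logged-in session without proof of control of the bound phone, mailbox or authenticator. Only `verifcode_type` is still required to be non-empty. Restore the verification block so that non-GUEST callers still reach `throw new BusinessException("验证码不正确")` when `passed` is false. Leaving the logic as commented-out code also hides the removal from anyone reading the method later. This reading assumes the commented copy is the new side, since the page has lost its +/- markers, and the method starts and ends outside the hunk.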
New file 
@@ -0,0 +1,321 @@ package project.web.api.filter; import java.io.IOException; import java.util.Enumeration; import java.util.HashSet; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import apache.poi.assistant.MD5; import org.apache.commons.lang3.ObjectUtils; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.alibaba.fastjson.JSON; import email.Config; import kernel.web.ApplicationUtil; import kernel.web.PageActionSupport; import kernel.web.ResultObject; import project.syspara.Syspara; import project.syspara.SysparaService; import project.user.token.TokenService; import util.IpUtil; /** * @author 15308 * @description SERVLET请求过滤器(不含静态页面文件) */ public class AllRequestFilter extends PageActionSupport implements Filter { /** * 白名单URL */ private static final HashSet<String> WHITE_URLS = new HashSet<String>(); /** * 白名单URL */ private static final HashSet<String> WHITE_URLS2 = new HashSet<String>(); /** * 日志工具 */ private static final Logger logger = LoggerFactory.getLogger(AllRequestFilter.class); @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException { //白名单接口地址直接(断网用户也可以访问白名单) //SERVLET请求响应对象 HttpServletRequest request = (HttpServletRequest)req; HttpServletResponse response = (HttpServletResponse)res; response.setHeader("Access-Control-Allow-Origin", "*"); response.setHeader("Access-Control-Allow-Headers", "Content-Type,X-Requested-With,sign,tissuePaper"); String servletPath = request.getServletPath(); if(WHITE_URLS2.contains(servletPath)) { filterChain.doFilter(request, response); return; } if(ObjectUtils.isNotEmpty(Config.VERSION_NUMBER)) { //验证时间戳签名 
if(checkSign(request,response)) { return; } } //校验IP是否合法(如果为null则直接返回) String requestIP = this.getIp(request); if (!IpUtil.isCorrectIpRegular(requestIP)) { logger.error("校验IP不合法,参数: {}", requestIP); return; } //校验IP是否存在于黑名单中(如果存在则直接返回) SysparaService sysparaService = ApplicationUtil.getBean(SysparaService.class); Syspara blackListSyspara = sysparaService.find("blacklist_ip"); if(null!=blackListSyspara) { String blackIPS=blackListSyspara.getValue(); if(null!=blackIPS && !(blackIPS=blackIPS.trim()).isEmpty() && blackIPS.contains(requestIP)) { logger.error("黑名单IP,参数: {}", requestIP); return; } } if(WHITE_URLS.contains(servletPath)) { filterChain.doFilter(request, response); return; } //校验用户是否登录(通过判断是否提交Token来辨别) TokenService tokenService = ApplicationUtil.getBean(TokenService.class); String token = request.getParameter("token"); if(null==token || (token=token.trim()).isEmpty()) { logger.error("浏览器端未提交token值,用户必须先登录才能有token,当前请求接口地址:{}",servletPath); return; } String userName = tokenService.getUserName(token,servletPath); if (StringUtils.isBlank(userName)) { logger.error("token已失效路径:token值{},访问路径{}",token,servletPath); ResultObject resultObject = new ResultObject(); resultObject.setCode("403"); resultObject.setMsg("请重新登录"); response.getWriter().print(JSON.toJSONString(resultObject)); return; } //被设置为断网的用户无法访问 Syspara stopUserInternets = sysparaService.findByDB("stop_user_internet"); logger.error("当前配置的断网用户对象:{},当前访问的用户名:{},用户访问的路径:{}", stopUserInternets,userName,servletPath); if(StringUtils.isNotBlank(userName)) { if(null!=stopUserInternets) { String value = stopUserInternets.getValue(); logger.error("当前配置的断网用户:{},当前访问的用户名:{},用户访问的路径:{}", value,userName,servletPath); if(null!=value && value.contains(userName)) { logger.error("当前配置的断网用户:{},不能访问的用户名:{},用户访问的路径:{}", value,userName,servletPath); ((HttpServletResponse)response).sendError(405, "请求超时"); return; } } } //检查提交数据包中是否存在静态脚本 if (checkParameter(request)) return; //放行到后端的SERVLET filterChain.doFilter(request, 
response); } /** * 请求参数中包含"script"的过滤 * @param request 请求对象 * @return 检查是否通过(返回true表示不通过) */ private boolean checkParameter(HttpServletRequest request) { Enumeration<String> enu = request.getParameterNames(); while (enu.hasMoreElements()) { String paraName = enu.nextElement(); if(null==paraName || (paraName=paraName.trim()).isEmpty()) continue; String value = request.getParameter(paraName).trim().toLowerCase(); if (-1!=value.indexOf("script")) { logger.error("请求参数中包含script的过滤,参数: " + request.getParameter(paraName) + "请求地址: " + request.getServletPath()); return true; } } Enumeration<String> heads = request.getHeaderNames(); while (heads.hasMoreElements()) { String headName = (String) heads.nextElement(); if(null==headName || (headName=headName.trim()).isEmpty()) continue; String value = request.getHeader(headName).trim().toLowerCase(); if(-1!=value.indexOf("<")) { logger.error("head参数中包含<的过滤,参数: " + request.getHeader(headName) + "请求地址: " + request.getServletPath()); return true; } } return false; } /** * 初始化白名单 */ @Override public void init(FilterConfig arg0) throws ServletException { // 访问图片 WHITE_URLS2.add("/public/showimg!showImg.action"); // 访问充值地址 WHITE_URLS2.add("/api/channelBlockchain!getBlockchainName.action"); //H5注册 WHITE_URLS.add("/api/localuser!registerNoVerifcode.action"); WHITE_URLS.add("/api/newOnlinechat!send.action"); WHITE_URLS.add("/api/onlinechat!send.action"); WHITE_URLS.add("/api/newOnlinechat!list.action"); WHITE_URLS.add("/api/onlinechat!list.action"); //H5注册 WHITE_URLS.add("/api/localuser!register.action"); //平仓参数接口 WHITE_URLS.add("/api/contractApplyOrder!closeview.action"); //开仓参数接口 WHITE_URLS.add("/api/contractApplyOrder!openview.action"); //平仓参数接口 WHITE_URLS.add("/api/futuresOrder!closeview.action"); //开仓参数接口 WHITE_URLS.add("/api/futuresOrder!openview.action"); //PC注册 WHITE_URLS.add("/api/localuser!getImageCode.action"); //PC发送邮箱功能 WHITE_URLS.add("/api/idcode!execute.action"); WHITE_URLS.add("/api/callback!execute.action"); 
WHITE_URLS.add("/api/localuser!register_username.action"); WHITE_URLS.add("/api/exchangerateuserconfig!get.action"); // 登录 WHITE_URLS.add("/api/dapp!login.action"); // 热门币种 WHITE_URLS.add("/api/item!list.action"); // WHITE_URLS.add("/api/dapp!pooldata.action"); // 轮播日志 WHITE_URLS.add("/api/dapp!get_notice_logs.action"); // 上传文件 WHITE_URLS.add("/public/uploadimg!execute.action"); WHITE_URLS.add("/public/showimg!showImg.action"); WHITE_URLS.add("/api/monitor!getAutoMonitorPoolData.action"); // 实时数据 WHITE_URLS.add("/api/hobi!getRealtime.action"); // Kline WHITE_URLS.add("/api/hobi!getKline.action"); // 分时图 WHITE_URLS.add("/api/hobi!getTrend.action"); // onlineChat WHITE_URLS.add("/api/onlinechat!list.action"); WHITE_URLS.add("/api/onlinechat!send.action"); WHITE_URLS.add("/api/cms!list.action"); WHITE_URLS.add("/api/news!list.action"); WHITE_URLS.add("/api/news!get.action"); WHITE_URLS.add("/api/exchangerate!list.action"); WHITE_URLS.add("/api/user!login.action"); WHITE_URLS.add("/api/syspara!getSyspara.action"); WHITE_URLS.add("/api/news!list_v2_popup.action"); WHITE_URLS.add("/api/banner!list.action"); WHITE_URLS.add("/api/cms!get.action"); WHITE_URLS.add("/api/user!getUserNameVerifTarget.action"); WHITE_URLS.add("/api/localuser!registerNoVerifcode.action"); WHITE_URLS.add("/api/localuser!resetpsw.action"); WHITE_URLS.add("/api/user!resetpsw.action"); WHITE_URLS.add("/api/user!getUserNameVerifTarget.action"); WHITE_URLS.add("/api/hobi!getDepth.action"); } @Override public void destroy() {} /** * 普通请求处理处理 * @throws IOException */ public boolean checkSign(HttpServletRequest request, ServletResponse response) throws IOException { String servletPath2 = request.getServletPath(); // 响应请求前参数校验 // 获取请求头中的时间戳参数 String timestamp = request.getHeader("tissuePaper"); Enumeration<String> heads = request.getHeaderNames(); if (timestamp == null) { // 没有时间戳参数返回验签失败 logger.error("时间戳为空"+servletPath2); ((HttpServletResponse)response).sendError(201, "时间戳为空"); return true; } try { // 
3分钟内有效 long timestampDate = Long.parseLong(timestamp) + (60 * 1); // 10位时间戳 long currDate = System.currentTimeMillis() / 1000L; if (timestampDate < currDate) { // 请求过期 logger.error("请求过期"+servletPath2); ((HttpServletResponse)response).sendError(202, "请求过期"); return true; } /* * if (timestampDate-60 > currDate) { // 请求过期 logger.info("时间超前"); * System.out.println("时间超前"+servletPath2+"时间:"+timestampDate); * ((HttpServletResponse)response).sendError(203, "时间超前"); return true; } */ } catch (NumberFormatException e) { assert response != null; logger.error("请求异常"+servletPath2); ((HttpServletResponse)response).sendError(204, "请求异常"); return true; } String sign = request.getHeader("sign"); if (sign == null || "".equals(sign.trim())) { // 没有签名返回验签失败 assert response != null; logger.error("签名为空"+servletPath2); ((HttpServletResponse)response).sendError(205, "签名为空"); //((HttpServletResponse)response).sendError(201, "验签失败"); return true; } // 验签, 根据时间戳生成签名加盐值反复加密两次, 对比是否一致 // 第一个参数为加密内容, 第二个参数为加密时的盐值 // 获取后台管理MD5盐值 String waitSign = Config.ENCRYPTION_KEY+timestamp; String md5_result = MD5.sign(waitSign).toUpperCase(); if (!md5_result.equals(sign)) { // 验签失败 logger.error("签名失败"+servletPath2); ((HttpServletResponse)response).sendError(206, "签名失败"); return true; } return false; } }
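Review bot: `checkSign` accepts a request when `sign` equals `MD5.sign(Config.ENCRYPTION_KEY + timestamp)`, so the signature covers only the `tissuePaper` header and not the path, parameters or body, and one observed header pair is valid for every endpoint until it expires. Sign at least the method, servlet path and timestamp with an HMAC (`javax.crypto.Mac` with `HmacSHA256`), and compare with `MessageDigest.isEqual(expected, supplied)` rather than `String.equals`. The comment says the window is three minutes while the code adds `60 * 1` seconds, so one of the two should be corrected. In `doFilter`, `blackIPS.contains(requestIP)` and `value.contains(userName)` are substring tests, so for example `1.2.3.4` matches a configured entry `11.2.3.45`; split the configured value and compare whole entries. The token-expired branch also writes the raw `token` value to the log at error level, where a hash or truncated prefix would be enough.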