#

LSH

2023-11-21 3d3bfa5cb4efbf784254dcb5fb22da35e34dcbff

 src/main/java/com/zy/common/config/AdminInterceptor.java

@@ -1,15 +1,22 @@
package com.zy.common.config;

import com.alibaba.fastjson.JSON;
import com.baomidou.mybatisplus.mapper.EntityWrapper;
import com.core.annotations.ManagerAuth;
import com.core.common.BaseRes;
import com.core.common.Cools;
import com.google.common.util.concurrent.RateLimiter;
import com.zy.asrs.entity.ApiConfig;
import com.zy.asrs.service.ApiConfigService;
import com.zy.common.model.annotations.RateLimit;
import com.zy.common.utils.Http;
import com.zy.system.entity.*;
import com.zy.system.entity.Permission;
import com.zy.system.entity.RolePermission;
import com.zy.system.entity.User;
import com.zy.system.entity.UserLogin;
import com.zy.system.service.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.lang.Nullable;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
@@ -19,6 +26,7 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
import java.util.concurrent.TimeUnit;

/**
 * Created by vincent on 2019-06-13
@@ -38,6 +46,10 @@
    private PermissionService permissionService;
    @Autowired
    private RolePermissionService rolePermissionService;
    @Autowired
    private ApiConfigService apiConfigService;

    private final RateLimiter rateLimiter = RateLimiter.create(10);// 默认每秒最多处理 10 个请求

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
@@ -45,6 +57,17 @@
        if (handler instanceof org.springframework.web.servlet.resource.ResourceHttpRequestHandler) {
            return true;
        }
        HandlerMethod handlerMethod = (HandlerMethod) handler;
        Method method = handlerMethod.getMethod();
        if (method.isAnnotationPresent(RateLimit.class)){
            RateLimit annotation = method.getAnnotation(RateLimit.class);
            rateLimiter.setRate(annotation.value());
            if (!rateLimiter.tryAcquire(annotation.value(), TimeUnit.SECONDS)) {
                response.setStatus(HttpStatus.TOO_MANY_REQUESTS.value());
                return false;
            }
        }

        // super账号
        String token = request.getHeader("token");
        if (token!=null) {
@@ -64,25 +87,35 @@
        }
        // 跨域设置
        // response.setHeader("Access-Control-Allow-Origin", "*");
        HandlerMethod handlerMethod = (HandlerMethod) handler;
        Method method = handlerMethod.getMethod();
        if (method.isAnnotationPresent(ManagerAuth.class)){
            ManagerAuth annotation = method.getAnnotation(ManagerAuth.class);
            if (annotation.value().equals(ManagerAuth.Auth.CHECK)){
                return check(request, response, annotation.memo());
            }
        }

        //判断请求路径是否在接口配置中
        String servletPath = request.getServletPath();
        ApiConfig apiConfig = apiConfigService.selectByUrl(servletPath);
        if (apiConfig != null) {
            if(apiConfig.getStatus() == 1){
                //api被禁用
                Http.response(response, BaseRes.LIMIT);
                return false;
            }
        }

        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable ModelAndView modelAndView) {
        Object obj = request.getAttribute("operateLog");
        if (obj instanceof OperateLog) {
            OperateLog operate = (OperateLog) obj;
            operate.setResponse(String.valueOf(response.getStatus()));
            operateLogService.insert(operate);
        }
//        Object obj = request.getAttribute("operateLog");
//        if (obj instanceof OperateLog) {
//            OperateLog operate = (OperateLog) obj;
//            operate.setResponse(String.valueOf(response.getStatus()));
//            operateLogService.insert(operate);
//        }
    }

    private boolean check(HttpServletRequest request, HttpServletResponse response, String memo) {
@@ -107,14 +140,14 @@
                return false;
            }
            // 操作日志
            OperateLog operateLog = new OperateLog();
            operateLog.setAction(Cools.isEmpty(memo)?request.getRequestURI():memo);
            operateLog.setIp(request.getRemoteAddr());
            operateLog.setUserId(user.getId());
            operateLog.setRequest(JSON.toJSONString(request.getParameterMap()));
//            OperateLog operateLog = new OperateLog();
//            operateLog.setAction(Cools.isEmpty(memo)?request.getRequestURI():memo);
//            operateLog.setIp(request.getRemoteAddr());
//            operateLog.setUserId(user.getId());
//            operateLog.setRequest(JSON.toJSONString(request.getParameterMap()));
            // 请求缓存
            request.setAttribute("userId", user.getId());
            request.setAttribute("operateLog", operateLog);
//            request.setAttribute("operateLog", operateLog);
            return true;
        } catch (Exception e){
            Http.response(response, BaseRes.DENIED);