Commit 9283b537 authored by nie'hong's avatar nie'hong

限制非平台管理员和统计管理员账号登录

parent 06b90c04
......@@ -2,6 +2,7 @@ package cn.chnmuseum.party.common.util;
import net.sf.json.JSONObject;
import javax.servlet.http.HttpServletRequest;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
......@@ -10,6 +11,26 @@ import java.util.HashMap;
import java.util.Map;
public class AddressUtil {
public static String getIpAddress(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
/**
* @param content 请求的参数 格式为:name=xxx&pwd=xxx
......@@ -18,7 +39,7 @@ public class AddressUtil {
* @throws UnsupportedEncodingException
*/
public static String getAddresses(String content, String encodingString) throws UnsupportedEncodingException {
//调用淘宝API
//调用淘宝API
String urlStr = "https://ip.taobao.com/outGetIpInfo";
String returnStr = getResult(urlStr, content, encodingString);
......@@ -40,31 +61,31 @@ public class AddressUtil {
HttpURLConnection connection = null;
try {
url = new URL(urlStr);
// 新建连接实例
// 新建连接实例
connection = (HttpURLConnection) url.openConnection();
// 设置连接超时时间,单位毫秒
//connection.setConnectTimeout(20000);
// 设置读取数据超时时间,单位毫秒
//connection.setReadTimeout(20000);
//是否打开输出流
// 设置连接超时时间,单位毫秒
//connection.setConnectTimeout(20000);
// 设置读取数据超时时间,单位毫秒
//connection.setReadTimeout(20000);
//是否打开输出流
connection.setDoOutput(true);
//是否打开输入流
//是否打开输入流
connection.setDoInput(true);
//提交方法 POST|GET
//提交方法 POST|GET
connection.setRequestMethod("POST");
//是否缓存
//是否缓存
connection.setUseCaches(false);
//打开连接端口
//打开连接端口
connection.connect();
//打开输出流往对端服务器写数据
//打开输出流往对端服务器写数据
DataOutputStream out = new DataOutputStream(connection.getOutputStream());
//写数据,即提交表单 name=xxx&pwd=xxx
//写数据,即提交表单 name=xxx&pwd=xxx
out.writeBytes(content);
//刷新
//刷新
out.flush();
//关闭输出流
//关闭输出流
out.close();
// 往对端写完数据对端服务器返回数据 ,以BufferedReader流来读取
// 往对端写完数据对端服务器返回数据 ,以BufferedReader流来读取
BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream(), encodingString));
StringBuffer buffer = new StringBuffer();
String line = "";
......@@ -86,9 +107,9 @@ public class AddressUtil {
}
public static Map<String, String> getAddressByIp(String ip) {
// 参数ip
// 参数ip
// ip = "118.213.176.78";
// json_result用于接收返回的json数据
// json_result用于接收返回的json数据
String json_result = null;
Map<String, String> map = new HashMap<>();
try {
......
......@@ -186,12 +186,12 @@ public class LoginController extends BaseController {
List<Role> roles = roleService.selectRoleByUserId(user.getId());
// 用户需要拥有“统计管理员”或“平台管理员”角色才能登录
List<String> roleAliasList = roles.stream().map(Role::getAlias).collect(Collectors.toList());
if (!roleAliasList.contains(ROLE_TJGLY) && !roleAliasList.contains(ROLE_XTGLY)) {
resultMap.put("resultCode", "400");
resultMap.put("message", "您登录的账号既不是平台用户账号也不是统计用户账号,不能查看大屏");
return resultMap;
}
// List<String> roleAliasList = roles.stream().map(Role::getAlias).collect(Collectors.toList());
// if (!roleAliasList.contains(ROLE_TJGLY) && !roleAliasList.contains(ROLE_XTGLY)) {
// resultMap.put("resultCode", "400");
// resultMap.put("message", "您登录的账号既不是平台用户账号也不是统计用户账号,不能查看大屏");
// return resultMap;
// }
List<String> list1 = new ArrayList<>();
//获取当前用户角色拥有菜单
......
......@@ -66,9 +66,10 @@ public class StatisticController extends BaseController {
return ResponseEntity.ok(new StatisticData());
}
@GetMapping("/recordVisitor")
@ApiOperation(value = "记录视频访问者的城市", notes = "记录视频访问者的城市")
public Map recordVisitor(String videoId, String ip){
public Map recordVisitor(String videoId, HttpServletRequest request){
Map<String, String> resultMap = new HashMap<>();
try {
TVideoVisitor tVideoVisitor = new TVideoVisitor();
......@@ -78,11 +79,12 @@ public class StatisticController extends BaseController {
}else {
tVideoVisitor.setVideoId(StringUtils.trimToNull(videoId));
}
if (StringUtils.isBlank(ip)) {
String ipAddress = AddressUtil.getIpAddress(request);
if (StringUtils.isBlank(ipAddress)) {
resultMap.put("resultCoed", "400");
resultMap.put("message", "ip地址不能为空");
resultMap.put("message", "获取数据异常");
}else{
Map<String, String> addressByIp = AddressUtil.getAddressByIp(ip);
Map<String, String> addressByIp = AddressUtil.getAddressByIp(ipAddress);
tVideoVisitor.setArea(StringUtils.trimToNull(addressByIp.get("city")));
}
// 该条信息的创建时间和更新时间
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment