Skip to content

C
chnmuseum-party
Commit 9283b537 authored by nie'hong's avatar nie'hong
Browse files
Options

限制非平台管理员和统计管理员账号登录

parent 06b90c04
Hide whitespace changes
Inline Side-by-side
Showing with 51 additions and 28 deletions
src/main/java/cn/chnmuseum/party/common/util/AddressUtil.java
View file @ 9283b537
...@@ -2,6 +2,7 @@ package cn.chnmuseum.party.common.util; ...@@ -2,6 +2,7 @@ package cn.chnmuseum.party.common.util;
import net.sf.json.JSONObject; import net.sf.json.JSONObject;
import javax.servlet.http.HttpServletRequest;
import java.io.*; import java.io.*;
import java.net.HttpURLConnection; import java.net.HttpURLConnection;
import java.net.MalformedURLException; import java.net.MalformedURLException;
...@@ -10,6 +11,26 @@ import java.util.HashMap; ...@@ -10,6 +11,26 @@ import java.util.HashMap;
import java.util.Map; import java.util.Map;
public class AddressUtil { public class AddressUtil {
public static String getIpAddress(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
/** /**
* @param content 请求的参数 格式为:name=xxx&pwd=xxx * @param content 请求的参数 格式为:name=xxx&pwd=xxx
...@@ -18,7 +39,7 @@ public class AddressUtil { ...@@ -18,7 +39,7 @@ public class AddressUtil {
* @throws UnsupportedEncodingException * @throws UnsupportedEncodingException
*/ */
public static String getAddresses(String content, String encodingString) throws UnsupportedEncodingException { public static String getAddresses(String content, String encodingString) throws UnsupportedEncodingException {
//调用淘宝API //调用淘宝API
String urlStr = "https://ip.taobao.com/outGetIpInfo"; String urlStr = "https://ip.taobao.com/outGetIpInfo";
String returnStr = getResult(urlStr, content, encodingString); String returnStr = getResult(urlStr, content, encodingString);
...@@ -40,31 +61,31 @@ public class AddressUtil { ...@@ -40,31 +61,31 @@ public class AddressUtil {
HttpURLConnection connection = null; HttpURLConnection connection = null;
try { try {
url = new URL(urlStr); url = new URL(urlStr);
// 新建连接实例 // 新建连接实例
connection = (HttpURLConnection) url.openConnection(); connection = (HttpURLConnection) url.openConnection();
// 设置连接超时时间,单位毫秒 // 设置连接超时时间,单位毫秒
//connection.setConnectTimeout(20000); //connection.setConnectTimeout(20000);
// 设置读取数据超时时间,单位毫秒 // 设置读取数据超时时间,单位毫秒
//connection.setReadTimeout(20000); //connection.setReadTimeout(20000);
//是否打开输出流 //是否打开输出流
connection.setDoOutput(true); connection.setDoOutput(true);
//是否打开输入流 //是否打开输入流
connection.setDoInput(true); connection.setDoInput(true);
//提交方法 POST|GET //提交方法 POST|GET
connection.setRequestMethod("POST"); connection.setRequestMethod("POST");
//是否缓存 //是否缓存
connection.setUseCaches(false); connection.setUseCaches(false);
//打开连接端口 //打开连接端口
connection.connect(); connection.connect();
//打开输出流往对端服务器写数据 //打开输出流往对端服务器写数据
DataOutputStream out = new DataOutputStream(connection.getOutputStream()); DataOutputStream out = new DataOutputStream(connection.getOutputStream());
//写数据,即提交表单 name=xxx&pwd=xxx //写数据,即提交表单 name=xxx&pwd=xxx
out.writeBytes(content); out.writeBytes(content);
//刷新 //刷新
out.flush(); out.flush();
//关闭输出流 //关闭输出流
out.close(); out.close();
// 往对端写完数据对端服务器返回数据 ,以BufferedReader流来读取 // 往对端写完数据对端服务器返回数据 ,以BufferedReader流来读取
BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream(), encodingString)); BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream(), encodingString));
StringBuffer buffer = new StringBuffer(); StringBuffer buffer = new StringBuffer();
String line = ""; String line = "";
...@@ -86,9 +107,9 @@ public class AddressUtil { ...@@ -86,9 +107,9 @@ public class AddressUtil {
} }
public static Map<String, String> getAddressByIp(String ip) { public static Map<String, String> getAddressByIp(String ip) {
// 参数ip // 参数ip
// ip = "118.213.176.78"; // ip = "118.213.176.78";
// json_result用于接收返回的json数据 // json_result用于接收返回的json数据
String json_result = null; String json_result = null;
Map<String, String> map = new HashMap<>(); Map<String, String> map = new HashMap<>();
try { try {
......
src/main/java/cn/chnmuseum/party/web/controller/LoginController.java
View file @ 9283b537
...@@ -186,12 +186,12 @@ public class LoginController extends BaseController { ...@@ -186,12 +186,12 @@ public class LoginController extends BaseController {
List<Role> roles = roleService.selectRoleByUserId(user.getId()); List<Role> roles = roleService.selectRoleByUserId(user.getId());
// 用户需要拥有“统计管理员”或“平台管理员”角色才能登录 // 用户需要拥有“统计管理员”或“平台管理员”角色才能登录
List<String> roleAliasList = roles.stream().map(Role::getAlias).collect(Collectors.toList()); // List<String> roleAliasList = roles.stream().map(Role::getAlias).collect(Collectors.toList());
if (!roleAliasList.contains(ROLE_TJGLY) && !roleAliasList.contains(ROLE_XTGLY)) { // if (!roleAliasList.contains(ROLE_TJGLY) && !roleAliasList.contains(ROLE_XTGLY)) {
resultMap.put("resultCode", "400"); // resultMap.put("resultCode", "400");
resultMap.put("message", "您登录的账号既不是平台用户账号也不是统计用户账号,不能查看大屏"); // resultMap.put("message", "您登录的账号既不是平台用户账号也不是统计用户账号,不能查看大屏");
return resultMap; // return resultMap;
} // }
List<String> list1 = new ArrayList<>(); List<String> list1 = new ArrayList<>();
//获取当前用户角色拥有菜单 //获取当前用户角色拥有菜单
......
src/main/java/cn/chnmuseum/party/web/controller/StatisticController.java
View file @ 9283b537
...@@ -66,9 +66,10 @@ public class StatisticController extends BaseController { ...@@ -66,9 +66,10 @@ public class StatisticController extends BaseController {
return ResponseEntity.ok(new StatisticData()); return ResponseEntity.ok(new StatisticData());
} }
@GetMapping("/recordVisitor") @GetMapping("/recordVisitor")
@ApiOperation(value = "记录视频访问者的城市", notes = "记录视频访问者的城市") @ApiOperation(value = "记录视频访问者的城市", notes = "记录视频访问者的城市")
public Map recordVisitor(String videoId, String ip){ public Map recordVisitor(String videoId, HttpServletRequest request){
Map<String, String> resultMap = new HashMap<>(); Map<String, String> resultMap = new HashMap<>();
try { try {
TVideoVisitor tVideoVisitor = new TVideoVisitor(); TVideoVisitor tVideoVisitor = new TVideoVisitor();
...@@ -78,11 +79,12 @@ public class StatisticController extends BaseController { ...@@ -78,11 +79,12 @@ public class StatisticController extends BaseController {
}else { }else {
tVideoVisitor.setVideoId(StringUtils.trimToNull(videoId)); tVideoVisitor.setVideoId(StringUtils.trimToNull(videoId));
} }
if (StringUtils.isBlank(ip)) { String ipAddress = AddressUtil.getIpAddress(request);
if (StringUtils.isBlank(ipAddress)) {
resultMap.put("resultCoed", "400"); resultMap.put("resultCoed", "400");
resultMap.put("message", "ip地址不能为空"); resultMap.put("message", "获取数据异常");
}else{ }else{
Map<String, String> addressByIp = AddressUtil.getAddressByIp(ip); Map<String, String> addressByIp = AddressUtil.getAddressByIp(ipAddress);
tVideoVisitor.setArea(StringUtils.trimToNull(addressByIp.get("city"))); tVideoVisitor.setArea(StringUtils.trimToNull(addressByIp.get("city")));
} }
// 该条信息的创建时间和更新时间 // 该条信息的创建时间和更新时间
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment