Commit 56e358c2 authored by 技术部-任文超's avatar 技术部-任文超

重复代码重构,清除无效类,补充注释

parent bb7eacb6
package cn.quantgroup.xyqb.aspect.accessable;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.util.IPUtil;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
......@@ -20,7 +17,6 @@ import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
import javax.xml.crypto.dsig.keyinfo.PGPData;
import java.util.Objects;
/**
......
package cn.quantgroup.xyqb.aspect.captcha;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.controller.IBaseController;
import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService;
import cn.quantgroup.xyqb.util.IPUtil;
import com.octo.captcha.service.CaptchaServiceException;
import java.io.PipedReader;
import java.nio.charset.Charset;
import java.security.PrivateKey;
import java.util.Optional;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
......@@ -35,7 +32,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
* 类描述:
*
* @author 李宁
* @version 1.0.0 创建时间:15/11/17 14:49 修改人: 修改时间:15/11/17 14:49 修改备注:
* @version 1.0.0 创建时间:15/11/17 14:49
*/
@Aspect
@Component
......@@ -59,6 +56,11 @@ public class CaptchaNewValidateAdvisor {
@Value("${xyqb.auth.captcha.autotest.enable:false}")
private boolean autoTestCaptchaEnabled;
private static final String IMAGE_IP_COUNT = "image:ip";
private static final String IMAGE_PHONE_COUNT = "image:phone";
private static final String IMAGE_DEVICEID_COUNT = "image:deviceId:";
private static final Long FIVE_MIN = 24 * 5L;
/**
* 图形验证码切面
*/
......@@ -66,11 +68,6 @@ public class CaptchaNewValidateAdvisor {
private void needNewCaptchaValidate() {
}
private static final String IMAGE_IP_COUNT = "image:ip";
private static final String IMAGE_PHONE_COUNT = "image:phone";
private static final String IMAGE_DEVICEID_COUNT = "image:deviceId:";
private static final Long FIVE_MIN = 24 * 5L;
/**
* 在受图形验证码保护的接口方法执行前, 执行图形验证码校验
* captchaId 图形验证码key
......@@ -80,7 +77,6 @@ public class CaptchaNewValidateAdvisor {
*/
@Around("needNewCaptchaValidate()")
private Object doCapchaValidate(ProceedingJoinPoint pjp) throws Throwable {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
String registerFrom = Optional.ofNullable(request.getParameter("registerFrom")).orElse("");
String captchaId = Optional.ofNullable(request.getParameter("captchaId")).orElse("");
......@@ -88,9 +84,9 @@ public class CaptchaNewValidateAdvisor {
String phoneNo = request.getParameter("phoneNo");
String deviceId = Optional.ofNullable(request.getParameter("deviceId")).orElse("");
String clientIp = IPUtil.getRemoteIP(request);
Long countIP = countIP(clientIp);
Long countIP = countByClientId(clientIp, false);
Long countPhone = countPhone(phoneNo);
Long countDeviceId = countDeviceId(deviceId);
Long countDeviceId = countByClientId(deviceId, true);
IPUtil.logIp(LOGGER, request);
LOGGER.info("使用图形验证码, registerFrom={}, clientIp={},手机号次数:{},设备次数:{},ip次数:{},phone:{}", registerFrom, clientIp,countPhone,countDeviceId,countIP,phoneNo);
//if (countIP > Constants.Image_Need_Count || countPhone > Constants.Image_Need_Count || countDeviceId > Constants.Image_Need_Count) {
......@@ -99,7 +95,6 @@ public class CaptchaNewValidateAdvisor {
LOGGER.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, clientIp);
return pjp.proceed();
}
JsonResult result = JsonResult.buildSuccessResult("图形验证码不正确", "");
result.setBusinessCode("0002");
if (StringUtils.isNotBlank(captchaValue)) {
......@@ -132,24 +127,6 @@ public class CaptchaNewValidateAdvisor {
return StringUtils.equals(SUPER_CAPTCHA_ID, String.valueOf(captchaId)) && StringUtils.equals(SUPER_CAPTCHA, String.valueOf(captchaValue));
}
private Long countIP(String clientIp) {
Long count = 1L;
if (StringUtils.isBlank(clientIp)) {
return count;
} else {
String countString = redisTemplate.opsForValue().get(IMAGE_IP_COUNT + clientIp);
if (StringUtils.isBlank(countString)) {
redisTemplate.opsForValue().set(IMAGE_IP_COUNT + clientIp, String.valueOf(count),
FIVE_MIN, TimeUnit.SECONDS);
} else {
count = Long.valueOf(countString) + 1L;
redisTemplate.opsForValue().set(IMAGE_IP_COUNT + clientIp, String.valueOf(count),
FIVE_MIN, TimeUnit.SECONDS);
}
return count;
}
}
private Long countPhone(String phoneNo) {
Long count = 1L;
String countString = redisTemplate.opsForValue().get(IMAGE_PHONE_COUNT + phoneNo);
......@@ -165,28 +142,26 @@ public class CaptchaNewValidateAdvisor {
}
/**
* 短信发送设备限制
* 短信发送限制
* @param clientId - 设备ID或IP
* @param device - true - 设备,false - IP
* @return
*/
private Long countDeviceId(String deviceId) {
private Long countByClientId(String clientId, boolean device) {
Long count = 1L;
if (StringUtils.isBlank(deviceId)) {
if (StringUtils.isBlank(clientId)) {
return count;
} else {
String countString = redisTemplate.opsForValue().get(IMAGE_DEVICEID_COUNT + deviceId);
String key = (device ? IMAGE_DEVICEID_COUNT : IMAGE_IP_COUNT) + clientId;
String countString = redisTemplate.opsForValue().get(key);
if (StringUtils.isBlank(countString)) {
redisTemplate.opsForValue().set(IMAGE_DEVICEID_COUNT + deviceId, String.valueOf(count),
FIVE_MIN, TimeUnit.SECONDS);
redisTemplate.opsForValue().set(key, String.valueOf(count), FIVE_MIN, TimeUnit.SECONDS);
} else {
count = Long.valueOf(countString) + 1L;
redisTemplate.opsForValue().set(IMAGE_DEVICEID_COUNT + deviceId, String.valueOf(count),
FIVE_MIN, TimeUnit.SECONDS);
redisTemplate.opsForValue().set(key, String.valueOf(count), FIVE_MIN, TimeUnit.SECONDS);
}
return count;
}
}
private HttpServletRequest getRequest() {
ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
return attrs.getRequest();
}
}
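Review bot: `countByClientId` updates the counter with a separate `get` and `set`, so concurrent requests for the same IP or device can read the same value and the count that drives captcha throttling falls behind the real request rate. An atomic increment avoids this: `Long count = redisTemplate.opsForValue().increment(key, 1L);` followed by `if (count != null && count == 1L) redisTemplate.expire(key, FIVE_MIN, TimeUnit.SECONDS);`. That also stops every request from pushing the expiry forward, which the current `set(..., FIVE_MIN, TimeUnit.SECONDS)` does on each call. `FIVE_MIN` is `24 * 5L`, which is 120 seconds with `TimeUnit.SECONDS`, so either the name or the value looks wrong. A blank `clientId` returns 1 without touching Redis, so requests that carry no `deviceId` are never counted per device; the Javadoc should say whether that is intended.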
......@@ -53,10 +53,6 @@ public class PasswordErrorFiniteValidateAdvisor {
*/
@Around("passwordErrorFiniteValidate()")
private Object doFiniteValidate(ProceedingJoinPoint pjp) throws Throwable {
// Todo -- 全天候开放监控
/*if(!ValidationUtil.isAtDangerousTime()){
return pjp.proceed();
}*/
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
// 客户端IP
String clientIp = IPUtil.getRemoteIP(request);
......
......@@ -6,7 +6,6 @@ import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.Ordered;
......@@ -17,6 +16,7 @@ import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
import java.util.Objects;
/**
* 调用者记录
......@@ -31,26 +31,32 @@ public class LogCallHttpAspect {
@Pointcut("@annotation(cn.quantgroup.xyqb.aspect.logcaller.LogHttpCaller)")
private void logHttpCaller() {
}
@Around("logHttpCaller()")
public Object record(ProceedingJoinPoint pjp) throws Throwable {
Object result = pjp.proceed();
// 异步记录调用日志
ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
if(Objects.nonNull(attrs)){
try {
ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder
.getRequestAttributes();
HttpServletRequest request = attrs.getRequest();
String remoteIP = IPUtil.getRemoteIP(request);
LogCallHttpAspect logCallHttpAspect = ApplicationContextHolder.getBean(LogCallHttpAspect.class);
// 异步记录日志
logCallHttpAspect.asyncRecordIt(pjp,result,remoteIP);
}catch (Exception e){
LOGGER.error("打印http请求日志出错", e);
}
}
return result;
}
/**
* 异步记录日志
* @param pjp
* @param result
* @param remoteIP
*/
@Async("logExecutor")
public void asyncRecordIt(ProceedingJoinPoint pjp, Object result, String remoteIP){
Object[] args = pjp.getArgs();
......
package cn.quantgroup.xyqb.controller;
import cn.quantgroup.xyqb.exception.NullUserException;
import cn.quantgroup.xyqb.exception.PasswordErrorLimitException;
import cn.quantgroup.xyqb.exception.UserNotExistException;
import cn.quantgroup.xyqb.exception.VerificationCodeErrorException;
......@@ -25,15 +24,8 @@ public class ExceptionHandlingController implements IBaseController {
private static final Logger LOGGER = LoggerFactory.getLogger(ExceptionHandlingController.class);
private static final JsonResult EXCEPTION_RESULT = new JsonResult("internal error", 500L, "");
@ExceptionHandler(NullUserException.class)
@ResponseStatus(HttpStatus.UNAUTHORIZED)
public JsonResult nullUserException(NullUserException nue) {
return new JsonResult(nue.getMessage(), 401L, null);
}
/**
* 密码错误次数达到上限异常
*
......@@ -47,7 +39,7 @@ public class ExceptionHandlingController implements IBaseController {
}
/**
* 密码错误次数过多异常,提升验证级别
* 短信验证码错误或失效异常
*
* @param vce
* @return
......@@ -58,6 +50,11 @@ public class ExceptionHandlingController implements IBaseController {
return JsonResult.buildErrorStateResult(vce.getMessage(), null, 1L);
}
/**
* 用户不存在异常
* @param unee
* @return
*/
@ExceptionHandler(UserNotExistException.class)
@ResponseStatus(HttpStatus.UNAUTHORIZED)
public JsonResult userNotExistException(UserNotExistException unee) {
......@@ -65,7 +62,11 @@ public class ExceptionHandlingController implements IBaseController {
return new JsonResult(unee.getMessage(), 401L, null);
}
/**
* 其他全局异常
* @param e
* @return
*/
@ExceptionHandler(Exception.class)
public JsonResult exceptionOccurs(Exception e) {
HttpServletRequest request = getRequest();
......
package cn.quantgroup.xyqb.controller.external.user;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.aspect.logcaller.LogHttpCaller;
import cn.quantgroup.xyqb.controller.IBaseController;
import cn.quantgroup.xyqb.entity.Merchant;
import cn.quantgroup.xyqb.entity.User;
import cn.quantgroup.xyqb.entity.UserBtRegister;
import cn.quantgroup.xyqb.entity.UserDetail;
import cn.quantgroup.xyqb.exception.NullUserException;
import cn.quantgroup.xyqb.model.*;
import cn.quantgroup.xyqb.model.session.LoginInfo;
import cn.quantgroup.xyqb.model.session.SessionStruct;
import cn.quantgroup.xyqb.repository.IUserBtRegisterRepository;
import cn.quantgroup.xyqb.repository.IUserRepository;
import cn.quantgroup.xyqb.service.auth.IIdCardService;
import cn.quantgroup.xyqb.service.merchant.IMerchantService;
......@@ -35,8 +32,6 @@ import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
import java.sql.Timestamp;
import java.text.ParseException;
import java.util.Objects;
import java.util.Random;
import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_PASSWORD_ERROR;
......
package cn.quantgroup.xyqb.exception;
/**
* Created by Miraculous on 15/7/12.
*/
public class NullUserException extends RuntimeException {
private static final long serialVersionUID = -1L;
public NullUserException() {
super("未找到用户");
}
public NullUserException(String message) {
super(message);
}
}
......@@ -55,10 +55,6 @@ public class LockIpv4ServiceImpl implements ILockIpv4Service {
*/
@Override
public void countErrorByIpv4(String ipv4) {
// Todo -- 全天候开放监控
/*if(!ValidationUtil.isAtDangerousTime()){
return;
}*/
if (ValidationUtil.validateIpv4(ipv4) && !IPUtil.whiteOf(ipv4)) {
String ipv4Key = getErrorIpKey(ipv4);
if(!stringRedisTemplate.hasKey(ipv4Key)){
......@@ -99,10 +95,6 @@ public class LockIpv4ServiceImpl implements ILockIpv4Service {
*/
@Override
public void countSuccessByIpv4(String ipv4) {
// Todo -- 全天候开放监控
/*if(!ValidationUtil.isAtDangerousTime()){
return;
}*/
if (ValidationUtil.validateIpv4(ipv4) && !IPUtil.whiteOf(ipv4)) {
String ipv4Key = getSuccessIpKey(ipv4);
if(!stringRedisTemplate.hasKey(ipv4Key)){
......
......@@ -71,6 +71,7 @@ public class IPUtil {
* @return
*/
public static String getRemoteIP(HttpServletRequest request) {
Objects.requireNonNull(request, "无效请求");
String ip = request.getHeader("x-original-client-ip");
if (ValidationUtil.validateIpv4(ip) && !Objects.equals(LOCAL_ADDRESS, ip)) {
return ip;
......
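Review bot: `getRemoteIP` returns the `x-original-client-ip` request header before anything else, and its result keys the per-IP counters in this commit (`countByClientId(clientIp, false)` in the captcha aspect, `clientIp` in `doFiniteValidate`). Unless the gateway always overwrites that header, the value is caller-supplied and the per-IP limits are keyed on it. A comment stating the assumption would help, e.g. `// x-original-client-ip is set by the gateway, which must drop any client-sent copy`. The added `Objects.requireNonNull(request, "无效请求")` throws a NullPointerException, which presumably reaches the generic `Exception` handler as an internal error; confirm that is the intended response. The rest of the method lies outside this hunk.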
......@@ -15,7 +15,7 @@ import java.util.regex.Pattern;
*/
public class ValidationUtil {
private static String phoneRegExp = "^((13[0-9])|(14[0-9])|(15[0-9])|(17[0-9])|(18[0-9])|(19[0-9]))\\d{8}$";
private static String phoneRegExp = "^1[345789][0-9]{9}$";
private static String chineseNameRegExp = "^[\u4e00-\u9fa5]+(\\.|·)?[\u4e00-\u9fa5]+$";
private static String ipv4RegExp = "^((2[0-4][0-9]|25[0-5]|[01]?[0-9][0-9]?)\\.){3}(2[0-4][0-9]|25[0-5]|[01]?[0-9][0-9]?)$";
private static String localIpv4RegExp = "^((172\\.(1[0-6]|2[0-9]|3[01]))|(192\\.168|169\\.254)|((127|10)\\.(2[0-4][0-9]|25[0-5]|[01]?[0-9][0-9]?)))(\\.(2[0-4][0-9]|25[0-5]|[01]?[0-9][0-9]?)){2}$";
......@@ -42,6 +42,11 @@ public class ValidationUtil {
return matcher.find();
}
/**
* 是否是合法的IPV4地址
* @param ipv4
* @return
*/
public static boolean validateIpv4(String ipv4) {
if (StringUtils.isBlank(ipv4)) {
return false;
......@@ -50,6 +55,11 @@ public class ValidationUtil {
return matcher.find();
}
/**
* 是否是合法的私有IPV4地址
* @param localIpv4
* @return
*/
public static boolean validateLocalIpv4(String localIpv4) {
if (StringUtils.isBlank(localIpv4)) {
return false;
......@@ -83,21 +93,4 @@ public class ValidationUtil {
return MD5Util.build(_key.toString());
}
public static boolean isAtDangerousTime() {
Calendar now = Calendar.getInstance();
int hour = now.get(Calendar.HOUR_OF_DAY);
return Constants.DANGEROUS_TIME_START <= hour || hour < Constants.DANGEROUS_TIME_END;
}
public static boolean validateChannelId(Long channelId) {
return channelId == 0L ? false : true;
}
public static boolean isNull(Object object) {
if (object == null) {
return true;
}
return false;
}
}
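Review bot: The validators end in `return matcher.find();` against patterns anchored with `^…$`, and in Java `$` also matches just before a final line terminator, so a phone number or IPv4 string followed by `\n` is accepted (unless the `Pattern` is compiled with flags not shown here). `return matcher.matches();`, or ending the patterns with `\\z`, makes the shortened `phoneRegExp` and `ipv4RegExp` reject such input before it is used in Redis keys or log lines. The regex fields are declared `private static String`; `private static final String` fits better if nothing reassigns them. Both phone patterns shown exclude a second digit of 6, so if numbers such as 166xxxxxxxx should pass, this rewrite is the place to add it.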