SpringbootブロッキングによるIPブラックリストの実装
6129 ワード
SpringbootブロッキングによるIPブラックリストの実装
一・業務シーンと実現すべき機能
redis IP 。
: , 。
: IP, , ip redis , redis ip
二・Springbootでブロックを定義する
@Order(0)
@Aspect
@Component
public class AopInterceptor {
/**
*
*/
@Pointcut("execution(* com.test.test.api.controller.test.test.*(..))")
public void pointCut() {
}
/**
*
*
* @throws Throwable
*/
@Around(value = "pointCut()")
public Object around(ProceedingJoinPoint point) throws Throwable {
try {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
//
String ip = getIpAddress(request);
if (checkIpBlack(ip)) {
//ip false
//return false;
DefaultResponse defaultResponse = new DefaultResponse();
defaultResponse.setCode(-1);
defaultResponse.setMessage("ip , .");
SysLogHelper.log("IpBlackAopInterceptor", " ip" + ip, "ip , ");
return defaultResponse;
} else {
//ip true
SysLogHelper.log("IpBlackAopInterceptor", " ip" + ip, "ip , ");
return point.proceed();
}
} catch (Exception e) {
e.printStackTrace();
SysLogHelper.error("IpBlackAopInterceptor :", ExceptionUtils.getMessage(e) + " " + ExceptionUtils.getStackTrace(e), null);
}
return point.getArgs();
}
// IP , ( ip redis )
public boolean checkIpBlack(String ip) throws Exception {
IpBlackBody body = new IpBlackBody();
body = cacheHelper.get("IpBlack:ips", IpBlackBody.class);
if (body != null) {
for (int i = 0; i < body.getIp().length; i++) {
if (body.getIp()[i].equals(ip))
return true;
}
}
return false;
}
}
三、要求ホストIPアドレスの取得
public final static String getIpAddress(HttpServletRequest request)
throws IOException {
// IP , , IP
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
if (ip == null || ip.length() == 0
|| "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0
|| "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0
|| "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (ip == null || ip.length() == 0
|| "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (ip == null || ip.length() == 0
|| "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
} else if (ip.length() > 15) {
String[] ips = ip.split(",");
for (int index = 0; index < ips.length; index++) {
String strIp = (String) ips[index];
if (!("unknown".equalsIgnoreCase(strIp))) {
ip = strIp;
break;
}
}
}
return ip;
}
四・インタフェースを拡張し、ブラックリストIPをredisに書き込むことを実現し、現在のすべてのブラックリストIPに戻る
@RestController
public class IpBlackController {
@Autowired(required = false)
private CacheHelper cacheHelper;
@PostMapping("/testIpBlack")
public IpBlackBody IpBlack(@RequestBody IpBlackBody ipBlackBody) throws Exception {
IpBlackBody body = new IpBlackBody();
body = cacheHelper.get("IpBlack:ips", IpBlackBody.class);
if (body != null) {
// IP redis ip
linkArray(body.getIp(), ipBlackBody.getIp());
// body
body.setIp(linkArray(body.getIp(), ipBlackBody.getIp()));
//setex S, ,
// body ip redis
cacheHelper.setex("IpBlack:ips", 86400, body);
} else {
cacheHelper.setex("IpBlack:ips", 86400, ipBlackBody);
body = cacheHelper.get("IpBlack:ips", IpBlackBody.class);
return body;
}
return body;
}
// String[]
public static String[] linkArray(String[] array1, String[] array2) {
List list = new ArrayList<>();
if (array1 == null) {
return array2;
}
if (array2 == null) {
return array1;
}
for (int i = 0; i < array1.length; i++) {
list.add(array1[i]);
}
for (int i = 0; i < array2.length; i++) {
list.add(array2[i]);
}
String[] returnValue = new String[list.size()];
for (int i = 0; i < list.size(); i++) {
returnValue[i] = list.get(i);
}
return returnValue;
}
}
: controller controller , , :
1. ip
2. ip ( redis ip )
redis , IP redis IP 。
: springboot 。