增加白名单访问控制拦截器

doc-framework/src/main/java/com/doc/framework/config/ResourcesConfig.java

@@ -3,6 +3,7 @@ package com.doc.framework.config;
 import com.doc.common.config.RuoYiConfig;
 import com.doc.common.constant.Constants;
 import com.doc.framework.interceptor.RepeatSubmitInterceptor;
+import com.doc.framework.interceptor.WhiteListInterceptor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.CacheControl;
@@ -25,6 +26,8 @@ import java.util.concurrent.TimeUnit;
 public class ResourcesConfig implements WebMvcConfigurer {
     @Resource
     private RepeatSubmitInterceptor repeatSubmitInterceptor;
+    @Resource
+    private WhiteListInterceptor whiteListInterceptor;
 
     @Override
     public void addResourceHandlers(ResourceHandlerRegistry registry) {
@@ -44,7 +47,10 @@ public class ResourcesConfig implements WebMvcConfigurer {
      */
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
+        //下面这句代码相当于添加一个拦截器，添加的拦截器就是我们刚刚创建的
+        //addPathPatterns()配置我们要拦截哪些路径 addPathPatterns("/**")表示拦截所有请求，包括我们的静态资源
         registry.addInterceptor(repeatSubmitInterceptor).addPathPatterns("/**");
+        registry.addInterceptor(whiteListInterceptor).addPathPatterns("/**");
     }
 
     /**

doc-framework/src/main/java/com/doc/framework/interceptor/WhiteListInterceptor.java

@@ -0,0 +1,55 @@
+package com.doc.framework.interceptor;
+
+import com.doc.common.utils.StringUtils;
+import com.doc.common.utils.ip.IpUtils;
+import com.doc.system.service.ISysConfigService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+/**
+ * 白名单拦截
+ *
+ * @author wukai
+ */
+@Slf4j
+@Component
+public class WhiteListInterceptor implements HandlerInterceptor {
+    @Resource
+    private ISysConfigService configService;
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        String whiteList = configService.selectConfigByKey("access.whiteIPList");
+        String no = "false";
+        if (StringUtils.isEmpty(whiteList) || no.equals(whiteList)) {
+            return true;
+        }
+        if (IpUtils.isMatchedIp(whiteList, IpUtils.getIpAddr())) {
+            return true;
+        } else {
+            returnJson(response);
+            return false;
+        }
+    }
+
+    /**
+     * 设置请求拦截返回参数
+     *
+     * @param response 返回
+     */
+    private void returnJson(HttpServletResponse response) {
+        response.setCharacterEncoding("UTF-8");
+        response.setContentType("text/html; charset=utf-8");
+        try (PrintWriter writer = response.getWriter()) {
+            writer.print("{ \"msg\": \"非法IP访问\", \"code\": 417}");
+        } catch (IOException ignored) {
+        }
+    }
+}

doc-framework/src/main/java/com/doc/framework/interceptor/impl/SameUrlDataInterceptor.java

@@ -29,14 +29,15 @@ public class SameUrlDataInterceptor extends RepeatSubmitInterceptor {
 
     public final String REPEAT_TIME = "repeatTime";
 
-    // 令牌自定义标识
+    /**
+     * 令牌自定义标识
+     */
     @Value("${token.header}")
     private String header;
 
     @Resource
     private RedisCache redisCache;
 
-    @SuppressWarnings("unchecked")
     @Override
     public boolean isRepeatSubmit(HttpServletRequest request, RepeatSubmit annotation) {
         String nowParams = "";