f296e63af38568909d0063e3849b3298685beae4.svn-base 3.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172
  1. package cn.com.goldenwater.dcproj.intercepter;
  2. import cn.com.goldenwater.dcproj.utils.ReturnUtils;
  3. import cn.com.goldenwater.dcproj.utils.UserMsgSectrityUtils;
  4. import org.apache.commons.lang3.StringUtils;
  5. import org.slf4j.Logger;
  6. import org.slf4j.LoggerFactory;
  7. import org.springframework.beans.factory.annotation.Autowired;
  8. import org.springframework.beans.factory.annotation.Value;
  9. import org.springframework.data.redis.core.RedisTemplate;
  10. import org.springframework.stereotype.Component;
  11. import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
  12. import javax.servlet.http.HttpServletRequest;
  13. import javax.servlet.http.HttpServletResponse;
  14. import java.util.concurrent.TimeUnit;
  15. /**
  16. *
  17. * 用于处理请求路径上的用户参数
  18. * */
  19. @Component
  20. public class PathVariableInterceptor extends HandlerInterceptorAdapter {
  21. @Value("${intercept.enable}")
  22. public Boolean enterceptEnable;
  23. private Logger logger = LoggerFactory.getLogger(getClass());
  24. @Autowired
  25. private RedisTemplate redisTemplate;
  26. @Override
  27. public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
  28. if(enterceptEnable) {
  29. String phone=request.getParameter("phone");
  30. if(StringUtils.isBlank(phone) && !UserMsgSectrityUtils.isMobileNO(phone)){
  31. ReturnUtils.responseFail(response,"手机号信息不能为空",9991);
  32. return false;
  33. }
  34. String blackIp= (String) redisTemplate.opsForValue().get("blackList:"+phone);
  35. if(phone.equals(blackIp)){
  36. ReturnUtils.responseFail(response,"检测到该手机号登录过于频繁,可能存在恶意操作,系统已将手机用户暂时列入黑名单,如果疑问,请1小时后再试!",9991);
  37. return false;
  38. }
  39. long startTime= redisTemplate.opsForValue().get(phone+"_time")==null?0L: Long.valueOf(redisTemplate.opsForValue().get(phone+"_time")+"");
  40. if(startTime==0L){
  41. redisTemplate.opsForValue().set(phone+"_time",System.currentTimeMillis());
  42. redisTemplate.opsForValue().set(phone+"_login_count",1);
  43. }else{
  44. int count= redisTemplate.opsForValue().get(phone+"_login_count")==null?0: (int) redisTemplate.opsForValue().get(phone+"_login_count");
  45. if(count<20){
  46. count=count+1;
  47. redisTemplate.opsForValue().set(phone+"_login_count",count);
  48. }else{
  49. long time=(System.currentTimeMillis()-startTime)/3600000L;
  50. if(time>1){
  51. redisTemplate.opsForValue().set(phone+"_login_count",0);
  52. redisTemplate.opsForValue().set(phone+"_time",0L);
  53. }else{
  54. redisTemplate.opsForValue().set("blackList:"+phone,phone,3600000L,TimeUnit.MILLISECONDS);
  55. ReturnUtils.responseFail(response,"检测到该手机号登录过于频繁,可能存在恶意操作,系统已将手机用户暂时列入黑名单,如果疑问,请1小时后再试!",9991);
  56. return false;
  57. }
  58. }
  59. }
  60. }
  61. return true;
  62. }
  63. }