Halaman utama Jelajahi Bantuan
Masuk
cicdata
/
cic-data-reportin
2
0
Fork 0
Berkas Masalah 0 Tarik Permintaan 0 Wiki
Jelajahi Sumber

在线用户

tianwu.sun 1 tahun lalu
induk
ff06042f22
melakukan
0f68b68de7
6 mengubah file dengan 40 tambahan dan 8 penghapusan
Tampilan Split Tampilkan Statistik Diff
  1. 11 4
      src/main/java/com/bootdo/system/controller/SessionController.java
  2. 4 2
      src/main/java/com/bootdo/system/service/SessionService.java
  3. 16 2
      src/main/java/com/bootdo/system/service/impl/SessionServiceImpl.java
  4. 3 0
      src/main/resources/application-dev.yml
  5. 3 0
      src/main/resources/application-prod.yml
  6. 3 0
      src/main/resources/application-test.yml

+ 11 - 4
src/main/java/com/bootdo/system/controller/SessionController.java
Tampilan Berkas 

@@ -1,6 +1,7 @@
 
 package com.bootdo.system.controller;
 
 
 import com.bootdo.common.annotation.Log;
 
+import com.bootdo.common.utils.IPUtils;
 
 import com.bootdo.common.utils.R;
 
 import com.bootdo.system.domain.UserOnline;
 
 import com.bootdo.system.service.SessionService;
 
@@ -13,6 +14,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 
 import org.springframework.web.bind.annotation.ResponseBody;
 
 import org.springframework.web.servlet.mvc.support.RedirectAttributes;
 
 
+import javax.servlet.http.HttpServletRequest;
 
 import java.util.Collection;
 
 import java.util.List;
 
 
@@ -30,15 +32,20 @@ public class SessionController {
 
 
 	@ResponseBody
 
 	@RequestMapping("/list")
 
-	public List<UserOnline> list() {
 
-		return sessionService.list();
 
+	public List<UserOnline> list(HttpServletRequest request) {
 
+		try {
 
+			return sessionService.list(request);
 
+		} catch (Exception e) {
 
+			e.printStackTrace();
 
+			return null;
 
+		}
 
 	}
 
 
 	@ResponseBody
 
 	@RequestMapping("/forceLogout/{sessionId}")
 
-	public R forceLogout(@PathVariable("sessionId") String sessionId, RedirectAttributes redirectAttributes) {
 
+	public R forceLogout(@PathVariable("sessionId") String sessionId,HttpServletRequest request) {
 
 		try {
 
-			sessionService.forceLogout(sessionId);
 
+			sessionService.forceLogout(sessionId,request);
 
 			return R.ok();
 
 		} catch (Exception e) {
 
 			e.printStackTrace();

+ 4 - 2
src/main/java/com/bootdo/system/service/SessionService.java
Tampilan Berkas 

@@ -11,13 +11,15 @@ import org.springframework.stereotype.Service;
 
 
 import com.bootdo.system.domain.UserOnline;
 
 
+import javax.servlet.http.HttpServletRequest;
 
+
 
 @Service
 
 public interface SessionService {
 
-	List<UserOnline> list();
 
+	List<UserOnline> list(HttpServletRequest request) throws Exception;
 
 
 	List<UserDO> listOnlineUser();
 
 
 	Collection<Session> sessionList();
 
 	
-	boolean forceLogout(String sessionId);
 
+	boolean forceLogout(String sessionId,HttpServletRequest request) throws Exception;
 
 }

+ 16 - 2
src/main/java/com/bootdo/system/service/impl/SessionServiceImpl.java
Tampilan Berkas 

@@ -1,5 +1,6 @@
 
 package com.bootdo.system.service.impl;
 
 
+import com.bootdo.common.utils.IPUtils;
 
 import com.bootdo.system.domain.UserDO;
 
 import com.bootdo.system.domain.UserOnline;
 
 import com.bootdo.system.domain.UserToken;
 
@@ -9,8 +10,10 @@ import org.apache.shiro.session.mgt.eis.SessionDAO;
 
 import org.apache.shiro.subject.SimplePrincipalCollection;
 
 import org.apache.shiro.subject.support.DefaultSubjectContext;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.beans.factory.annotation.Value;
 
 import org.springframework.stereotype.Service;
 
 
+import javax.servlet.http.HttpServletRequest;
 
 import java.security.Principal;
 
 import java.util.ArrayList;
 
 import java.util.Collection;
 
@@ -25,13 +28,20 @@ import java.util.List;
 
 public class SessionServiceImpl implements SessionService {
 
     private final SessionDAO sessionDAO;
 
 
+    @Value("${api-allow-ip}")
 
+    private String apiAllowIp;
 
+
 
     @Autowired
 
     public SessionServiceImpl(SessionDAO sessionDAO) {
 
         this.sessionDAO = sessionDAO;
 
     }
 
 
     @Override
 
-    public List<UserOnline> list() {
 
+    public List<UserOnline> list(HttpServletRequest request) throws Exception{
 
+        String ip = IPUtils.getIpAddr(request);
 
+        if (!apiAllowIp.contains(ip)) {
 
+            throw new Exception("不允许访问");
 
+        }
 
         List<UserOnline> list = new ArrayList<>();
 
         Collection<Session> sessions = sessionDAO.getActiveSessions();
 
         for (Session session : sessions) {
 
@@ -79,7 +89,11 @@ public class SessionServiceImpl implements SessionService {
 
     }
 
 
     @Override
 
-    public boolean forceLogout(String sessionId) {
 
+    public boolean forceLogout(String sessionId,HttpServletRequest request) throws Exception {
 
+        String ip = IPUtils.getIpAddr(request);
 
+        if (!apiAllowIp.contains(ip)) {
 
+            throw new Exception("不允许访问");
 
+        }
 
         Session session = sessionDAO.readSession(sessionId);
 
         sessionDAO.delete(session);
 
         return true;

File diff ditekan karena terlalu besar
+ 3 - 0
src/main/resources/application-dev.yml


File diff ditekan karena terlalu besar
+ 3 - 0
src/main/resources/application-prod.yml


File diff ditekan karena terlalu besar
+ 3 - 0
src/main/resources/application-test.yml