From 05a7b85b78eb154bdef86134ee9c5630956f8943 Mon Sep 17 00:00:00 2001
From: ludc
Date: 星期四, 23 三月 2023 11:41:08 +0800
Subject: [PATCH] 修改ip访问白名单配置开启
---
Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java | 33 ++++++++++++++-------------------
1 files changed, 14 insertions(+), 19 deletions(-)
diff --git a/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java b/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
index f1d2fdf..d5c89f4 100644
--- a/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
+++ b/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java
@@ -18,7 +18,8 @@
import com.alibaba.nacos.common.utils.StringUtils;
import io.jsonwebtoken.Claims;
-import lombok.*;
+import lombok.RequiredArgsConstructor;
+import lombok.SneakyThrows;
import me.zhyd.oauth.log.Log;
import org.springblade.auth.constant.AuthConstant;
import org.springblade.auth.utils.TokenUtil;
@@ -36,11 +37,9 @@
import org.springblade.system.user.entity.UserInfo;
import org.springblade.system.user.enums.UserEnum;
import org.springblade.system.user.feign.IUserClient;
-import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.core.authority.GrantedAuthoritiesContainer;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
@@ -50,11 +49,7 @@
import javax.servlet.http.HttpServletRequest;
import java.time.Duration;
import java.util.ArrayList;
-import java.util.LinkedHashMap;
import java.util.List;
-import java.util.NoSuchElementException;
-import java.util.function.Predicate;
-import java.util.stream.Stream;
/**
* 鐢ㄦ埛淇℃伅
@@ -91,10 +86,12 @@
private String userName;
@Value("${user-info.passwrod}")
private String password;
- @Value("#{'${user-info.ip}'.split(',')}")
- private List<String> ips;
@Value("${user-info.id}")
private String id;
+ @Value("${ip-whitelist.ip-enable}")
+ private Boolean ipEnable;
+ @Value("#{'${ip-whitelist.ip}'.split(',')}")
+ private List<String> ips;
@Override
@SneakyThrows
@@ -131,12 +128,14 @@
setFailCount(tenantId, username, count);
throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
}
- Log.debug(getIpAddress(request));
//濡傛灉ip姣斿鍚巊et鎶涘嚭寮傚父No value present灏辩洿鎺ユ姏寮傚父缁撴潫鐧诲綍
- try {
- ips.stream().filter(s -> s.equals(getIpAddress(request))).findFirst().get();
- } catch (Exception e){
- throw new UserDeniedAuthorizationException(TokenUtil.IP_NOT_FOND);
+ if(ipEnable){
+ Log.debug("褰撳墠璁块棶IP锛�"+getIpAddress(request));
+ try {
+ ips.stream().filter(s -> s.equals(getIpAddress(request))).findFirst().get();
+ } catch (Exception e){
+ throw new UserDeniedAuthorizationException(TokenUtil.IP_NOT_FOND);
+ }
}
ArrayList<GrantedAuthority> authorities = new ArrayList<>();
@@ -229,11 +228,7 @@
String ip = request.getHeader("x-forwarded-for");
if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
// 澶氭鍙嶅悜浠g悊鍚庝細鏈夊涓猧p鍊硷紝绗竴涓猧p鎵嶆槸鐪熷疄ip
- if( ip.indexOf(",")!=-1 && !ip.split(",")[0].equals("127.0.0.1")){
- ip = ip.split(",")[0];
- }else {
- ip = ip.split(",")[1];
- }
+ ip = ip.split(",")[0];
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
--
Gitblit v1.9.3