将日志写入的用户超时逻辑改为限定为同一个账号
This commit is contained in:
季圣华
@@ -30,6 +30,7 @@ public interface LogMapperEx {
|
|||||||
@Param("content") String content);
|
@Param("content") String content);
|
||||||
|
|
||||||
Long getCountByIpAndDate(
|
Long getCountByIpAndDate(
|
||||||
|
@Param("userId") Long userId,
|
||||||
@Param("moduleName") String moduleName,
|
@Param("moduleName") String moduleName,
|
||||||
@Param("clientIp") String clientIp,
|
@Param("clientIp") String clientIp,
|
||||||
@Param("createTime") String createTime);
|
@Param("createTime") String createTime);
|
||||||
|
|||||||
@@ -150,10 +150,10 @@ public class LogService {
|
|||||||
if(userId!=null) {
|
if(userId!=null) {
|
||||||
String clientIp = getLocalIp(request);
|
String clientIp = getLocalIp(request);
|
||||||
String createTime = Tools.getNow3();
|
String createTime = Tools.getNow3();
|
||||||
Long count = logMapperEx.getCountByIpAndDate(moduleName, clientIp, createTime);
|
Long count = logMapperEx.getCountByIpAndDate(userId, moduleName, clientIp, createTime);
|
||||||
if(count > 0) {
|
if(count > 0) {
|
||||||
//如果某1个IP在同1秒内连续操作两遍,此时需要删除该redis记录,使其退出,防止恶意攻击
|
//如果某个用户某个IP在同1秒内连续操作两遍,此时需要删除该redis记录,使其退出,防止恶意攻击
|
||||||
redisService.deleteObjectByKeyAndIp("clientIp", clientIp, "userId");
|
redisService.deleteObjectByUserAndIp(userId, clientIp);
|
||||||
} else {
|
} else {
|
||||||
Log log = new Log();
|
Log log = new Log();
|
||||||
log.setUserId(userId);
|
log.setUserId(userId);
|
||||||
|
|||||||
@@ -99,21 +99,17 @@ public class RedisService {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @author jisheng hua
|
* @author jisheng hua
|
||||||
* description:
|
* 将信息从redis中移除,比对user和ip
|
||||||
* 将信息从redis中移除,比对key和ip
|
* @param userId
|
||||||
*@date: 2021/08/21 22:10
|
* @param clientIp
|
||||||
* @Param: request
|
|
||||||
* @Param: key
|
|
||||||
* @Param: ip
|
|
||||||
* @Param: deleteKey
|
|
||||||
* @return Object
|
|
||||||
*/
|
*/
|
||||||
public void deleteObjectByKeyAndIp(String key, String ip, String deleteKey){
|
public void deleteObjectByUserAndIp(Long userId, String clientIp){
|
||||||
Set<String> tokens = redisTemplate.keys("*");
|
Set<String> tokens = redisTemplate.keys("*");
|
||||||
for(String token : tokens) {
|
for(String token : tokens) {
|
||||||
Object value = redisTemplate.opsForHash().get(token, key);
|
Object userIdValue = redisTemplate.opsForHash().get(token, "userId");
|
||||||
if(value!=null && value.equals(ip)) {
|
Object clientIpValue = redisTemplate.opsForHash().get(token, "clientIp");
|
||||||
redisTemplate.opsForHash().delete(token, deleteKey);
|
if(userIdValue!=null && clientIpValue!=null && userIdValue.equals(userId.toString()) && clientIpValue.equals(clientIp)) {
|
||||||
|
redisTemplate.opsForHash().delete(token, "userId");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -75,7 +75,8 @@
|
|||||||
</select>
|
</select>
|
||||||
|
|
||||||
<select id="getCountByIpAndDate" resultType="java.lang.Long">
|
<select id="getCountByIpAndDate" resultType="java.lang.Long">
|
||||||
select count(1) from jsh_log where operation=#{moduleName} and client_ip=#{clientIp} and create_time=#{createTime}
|
select count(1) from jsh_log
|
||||||
|
where user_id=#{userId} and operation=#{moduleName} and client_ip=#{clientIp} and create_time=#{createTime}
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
<insert id="insertLogWithUserId" parameterType="com.jsh.erp.datasource.entities.Log">
|
<insert id="insertLogWithUserId" parameterType="com.jsh.erp.datasource.entities.Log">
|
||||||
|
|||||||
Reference in New Issue
Block a user