fix 恶意刷新查看量

全局搜索代替了原来长连接的方式,增加了很多隐藏的门路。
This commit is contained in:
limqhz
2022-05-10 15:23:32 +08:00
parent b0b9e80f8a
commit 759843e83d
22 changed files with 258 additions and 84 deletions


@@ -14,7 +14,17 @@ public interface QuinnConstant {
String GUN = "The emperor's new clothes";
/**
* 登录超时时间
*/
int SESSION_TIME_OUT = 30 * 60;
String SESSION_LOCK = "LOCK";
String SOURCE_KEY = "SOURCE_KEY_";
/**
* SESSION_ID
*/
String SESSION_ID = "SESSION_ID_";
/**
* PASSWORD //TODO 可以配置数据库MD5加密
*/
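Review bot: The TODO on the PASSWORD constant at the end of this hunk points at MD5 for database passwords, and MD5 (or any bare digest) is not a password hash; if that work is picked up, the credential should go through an adaptive hash such as bcrypt, which Spring Security's PasswordEncoder implementations already provide, and the comment should name that instead. Whether the TODO line is new or context is not visible here. The new SESSION_TIME_OUT is also reused as the Redis TTL of the per-session view lock in the service layer, so its Javadoc should cover both uses, e.g. `/** Login timeout in seconds; also the TTL of the per-session view-count lock in Redis. */`.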


@@ -27,7 +27,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
http.authorizeRequests()
.antMatchers("/","/index").permitAll()
.antMatchers("/register","/login","/toLogin").permitAll()
.antMatchers("/tracy/mcgrady/lmq/love/wn").permitAll()
.antMatchers("/blog/**").authenticated()
.antMatchers("/source/**").authenticated()
.antMatchers("/user/**").authenticated()
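Review bot: With the permitAll rule for `/tracy/mcgrady/lmq/love/wn` removed, the POST handlers that SourceUploadController still maps at that path and at `/tracy/mcgrady/lmq/love/wn/update` are covered only by whatever catch-all rule follows this hunk, which is outside the visible lines; confirm they end up authenticated, since the forms that reach them are now served by SearchController. Their only remaining check is a string equality against a constant password carried in the form body, which is authorization by shared secret rather than by the caller's role; a rule such as `.antMatchers("/tracy/mcgrady/lmq/love/wn/**").hasRole("ADMIN")` would tie them to the ADMIN role that RoleType already models.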


@@ -36,7 +36,7 @@ public class AboutController extends BaseModelController {
@GetMapping("/about")
public String userIndexBlog(Model model){
public String userIndexBlog(HttpServletRequest request,Model model){
Page<About> pageParam = new Page<>(1, 20);
aboutService.page(pageParam,new QueryWrapper<About>().orderByDesc("gmt_create"));
// 结果
@@ -50,7 +50,7 @@ public class AboutController extends BaseModelController {
@PostMapping("/about")
public String saveSay(HttpServletRequest request, About about){
String loginUserId = getLoginUserId(request);
User user = userService.getOne(new QueryWrapper<User>().eq("uid", ""));
User user = userService.getOne(new QueryWrapper<User>().eq("uid", loginUserId));
// 防止请求提交
if (!RoleType.ADMIN.name().equals(user)){
return "redirect:/about";
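Review bot: The admin check at the end of the second hunk, `if (!RoleType.ADMIN.name().equals(user))`, compares the String `"ADMIN"` with a User instance, so the equality is always false, the negation always true, and every POST to /about is redirected without saving; the fix from `""` to `loginUserId` on the line above does not change that. The comparison should be against the user's role field (its accessor is not visible here), and `user` can be null when getLoginUserId returns its `""` fallback, so the guard should read `if (user == null || !RoleType.ADMIN.name().equals(<user role accessor>))`. saveSay continues past this hunk.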


@@ -1,5 +1,6 @@
package com.quinn.controller;
import com.quinn.common.QuinnConstant;
import com.quinn.pojo.User;
import javax.servlet.http.HttpServletRequest;
@@ -14,4 +15,8 @@ public class BaseModelController {
return "";
}
protected String getSessionId(HttpServletRequest request){
return QuinnConstant.SESSION_ID + request.getSession().getId();
}
}
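Review bot: `getSessionId` calls `request.getSession()`, which allocates a new container session for every anonymous visitor that arrives without a cookie, so the view-count lock it feeds is keyed on an identifier the visitor can discard at will and the server pays a session per such request. Counting views against the authenticated user id where one exists, and falling back to the session only for guests, would make the dedup key harder to churn. The new method also needs a Javadoc, e.g. `/** Redis key for the caller's HTTP session: SESSION_ID prefix plus the container session id; creates the session if absent. */`.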


@@ -119,8 +119,8 @@ public class BlogController extends BaseModelController{
@GetMapping("/blog/read/{bid}")
public String read(HttpServletRequest request, @PathVariable("bid") String bid, Model model){
Blog blog = blogService.getOne(new QueryWrapper<Blog>().eq("bid", bid));
blog.setViews(blog.getViews()+1);
blogService.updateById(blog);
String sessionId = getSessionId(request);
blogService.addRecord(blog,sessionId);
model.addAttribute("blog",blog);
StarValue starValue = starService.isStar(bid, getLoginUserId(request), Category.BLOG);
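Review bot: `blog` returned by `getOne` is null for an unknown bid and is passed straight into `blogService.addRecord`, which dereferences it via `blog.getViews()`, so a request for a non-existent id ends in a NullPointerException rather than a not-found response; the removed in-place increment had the same gap, but the new call path should guard it with `if (blog == null) { return "redirect:/index"; }` before the addRecord line (or whichever not-found view the project uses). read continues past this hunk.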


@@ -28,7 +28,6 @@ public class LoginController {
UserInfoService userInfoService;
@GetMapping({"/","/index","/source/view/index",
"/tracy/mcgrady/lmq/love/wn/index",
"/blog/read/index"
})
public String index(){


@@ -3,14 +3,17 @@ package com.quinn.controller;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.quinn.common.QuinnConstant;
import com.quinn.pojo.Source;
import com.quinn.service.SourceService;
import com.quinn.pojo.*;
import com.quinn.service.*;
import com.quinn.vo.MyPageParam;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PostMapping;
import javax.annotation.Resource;
import java.util.List;
/**
* <p>
@@ -25,6 +28,14 @@ public class SearchController {
@Resource
SourceService sourceService;
@Autowired
BlogCategoryService blogCategoryService;
@Autowired
BlogService blogService;
@Autowired
CommentService commentService;
@Resource
SourceCategoryService sourceCategoryService;
@PostMapping("/search")
public String searchAll(String findWhat,Model model){
@@ -32,6 +43,8 @@ public class SearchController {
return "index";
}
if (QuinnConstant.NEW_SOURCE_PASSWORD.equals(findWhat)){
List<SourceCategory> categoryList = sourceCategoryService.list(null);
model.addAttribute("categoryList",categoryList);
return "source/uploadSource";
}
if (QuinnConstant.APPEND_PASSWORD.equals(findWhat)){
@@ -43,13 +56,38 @@ public class SearchController {
findWhat = findWhat.substring(0,findWhat.lastIndexOf(QuinnConstant.EDIT_SOURCE_LAST));
}
if (!StringUtils.isEmpty(findWhat)){
Source sid = sourceService.getOne(new QueryWrapper<Source>().eq("sid", findWhat));
if (sid!=null){
return "redirect:/tracy/mcgrady/lmq/love/wn/" + findWhat;
Source source = sourceService.getOne(new QueryWrapper<Source>().eq("sid", findWhat));
if (source!=null){
source.setKeyWord1(concatKeyWord(source.getKeyWord2()) + concatKeyWord(source.getKeyWord2()) + concatKeyWord(source.getKeyWord3()));
model.addAttribute("source",source);
// 分类信息
List<SourceCategory> categoryList = sourceCategoryService.list(null);
model.addAttribute("categoryList",categoryList);
return "source/editorSource";
}
}
}
return "index";
//TODO
MyPageParam myPageParam = new MyPageParam(1, 10);
List<BlogWithUser> blogList = blogService.getBlogWithUserOrderBySort(myPageParam);
// 结果
model.addAttribute("blogList",blogList);
model.addAttribute("pageParam",myPageParam);
List<Blog> topBlogList = blogService.getTopBlog();
model.addAttribute("topBlogList",topBlogList);
// 分类信息
List<BlogCategory> categoryList = blogCategoryService.list(null);
model.addAttribute("categoryList",categoryList);
return "page/allsearch";
}
private String concatKeyWord(String keyWord) {
if (!StringUtils.isEmpty(keyWord)) {
return keyWord + QuinnConstant.LINK_KEY_WORD;
}
return "";
}
}
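Review bot: The new keyword line in the `source != null` branch concatenates `getKeyWord2()` twice and never `getKeyWord1()`, `concatKeyWord(source.getKeyWord2()) + concatKeyWord(source.getKeyWord2()) + concatKeyWord(source.getKeyWord3())`; it was moved verbatim from the deleted toEdit in SourceUploadController, so the typo travelled with it, and the first call should be `concatKeyWord(source.getKeyWord1())`. More importantly, this handler now serves the resource upload and editor pages to anyone whose search text equals a compile-time constant, and `/search` carries no role check; the hidden path it replaces was no stronger, but both pages should be gated on the caller's role in Spring Security rather than on a secret string typed into a public search box. The `//TODO` result path also ignores findWhat entirely and returns the front-page blog list, so the allsearch template shows unrelated results for every ordinary query.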


@@ -15,7 +15,6 @@ import com.quinn.vo.*;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
@@ -83,7 +82,7 @@ public class SourceController extends BaseModelController {
// 列表展示
@GetMapping("/hotspot")
public String sourceHotPot(Model model){
Page<Source> pageParam = new Page<>(1, 9);
Page<Source> pageParam = new Page<>(1, 21);
QueryWrapper<Source> sourceQuery = new QueryWrapper<>();
sourceQuery.orderByDesc("down_record");
sourceService.page(pageParam,sourceQuery);
@@ -110,8 +109,9 @@ public class SourceController extends BaseModelController {
* @return
*/
@GetMapping("/source/view/{sid}")
public String read(HttpServletRequest request, @PathVariable("sid") String sid, Model model){
Source source = sourceService.view(sid);
public String view(HttpServletRequest request, @PathVariable("sid") String sid, Model model){
String sessionId = getSessionId(request);
Source source = sourceService.view(sid,sessionId);
if(source != null){
source.setSourceLink(QuinnConstant.GUN);
source.setKeyWord1(QuinnConstant.GUN);


@@ -1,20 +1,13 @@
package com.quinn.controller;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.quinn.common.QuinnConstant;
import com.quinn.pojo.Source;
import com.quinn.pojo.SourceCategory;
import com.quinn.service.SourceCategoryService;
import com.quinn.service.SourceService;
import com.quinn.vo.SourceDeleteForm;
import com.quinn.vo.SourceUpdateForm;
import com.quinn.vo.SourceWriteForm;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.multipart.MultipartFile;
@@ -22,7 +15,6 @@ import javax.annotation.Resource;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
/**
* <p>
@@ -40,15 +32,6 @@ public class SourceUploadController {
@Resource
SourceService sourceService;
// 写文章
@GetMapping("/tracy/mcgrady/lmq/love/wn")
public String toWrite(Model model){
// 分类信息
List<SourceCategory> categoryList = sourceCategoryService.list(null);
model.addAttribute("categoryList",categoryList);
return "source/uploadSource";
}
@PostMapping("/tracy/mcgrady/lmq/love/wn")
public synchronized String write(MultipartFile file, SourceWriteForm sourceWriteForm) throws IOException {
if (!QuinnConstant.SOURCE_PASSWORD.equals(sourceWriteForm.getUploadPassWord())){
@@ -59,25 +42,6 @@ public class SourceUploadController {
return "redirect:/source";
}
// 编辑信息
@GetMapping("/tracy/mcgrady/lmq/love/wn/{sid}")
public String toEdit(@PathVariable("sid") String sid, Model model){
Source source = sourceService.getOne(new QueryWrapper<Source>().eq("sid",sid));
source.setKeyWord1(concatKeyWord(source.getKeyWord2()) + concatKeyWord(source.getKeyWord2()) + concatKeyWord(source.getKeyWord3()));
model.addAttribute("source",source);
// 分类信息
List<SourceCategory> categoryList = sourceCategoryService.list(null);
model.addAttribute("categoryList",categoryList);
return "source/editorSource";
}
private String concatKeyWord(String keyWord) {
if (!StringUtils.isEmpty(keyWord)) {
return keyWord + QuinnConstant.LINK_KEY_WORD;
}
return "";
}
// 编辑信息
@PostMapping("/tracy/mcgrady/lmq/love/wn/update")
public String toEdit(MultipartFile file, SourceUpdateForm sourceUpdateForm) throws IOException {


@@ -26,4 +26,5 @@ public interface BlogService extends IService<Blog> {
List<BlogWithUser> getMyBlogs(String userId,MyPageParam myPageParam);
void addRecord(Blog blog, String sessionId);
}
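Review bot: The new `addRecord` declaration has no Javadoc, while the project documents service methods elsewhere (the `@throws`/`@return` block above SourceService.view); add `/** Counts one view of {@code blog} for {@code sessionId}, skipping the increment when that session already holds a view lock in Redis. */`, which is what BlogServiceImpl.addRecord does.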


@@ -40,7 +40,7 @@ public interface SourceService extends IService<Source> {
* @throws IOException
* @return
*/
Source view(String sid);
Source view(String sid,String sessionId);
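Review bot: The Javadoc above the changed signature still lists `@throws IOException` and an empty `@return`, and gains no `@param sessionId`; the visible implementation declares no checked exception, so drop the `@throws` if nothing else throws it and document the new parameter, e.g. `@param sessionId Redis key of the caller's session, used to suppress repeated download counts` and `@return the matching source, or null when no row matches {@code sid}`.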
/**
* 上传新资源


@@ -1,14 +1,17 @@
package com.quinn.service.impl;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.quinn.common.QuinnConstant;
import com.quinn.pojo.Blog;
import com.quinn.mapper.BlogMapper;
import com.quinn.pojo.BlogWithUser;
import com.quinn.service.BlogService;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.quinn.utils.RedisUtils;
import com.quinn.vo.MyPageParam;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;
import javax.annotation.Resource;
import java.util.List;
@@ -24,6 +27,8 @@ import java.util.List;
@Service
public class BlogServiceImpl extends ServiceImpl<BlogMapper, Blog> implements BlogService {
@Resource
RedisUtils redisUtils;
@Resource
BlogMapper blogMapper;
@@ -59,4 +64,14 @@ public class BlogServiceImpl extends ServiceImpl<BlogMapper, Blog> implements Bl
return blogMapper.getMyBlogs(userId,myPageParam);
}
@Override
public void addRecord(Blog blog, String sessionId) {
String value = redisUtils.get(sessionId);
if (StringUtils.isEmpty(value)){
redisUtils.set(sessionId, QuinnConstant.SESSION_LOCK,QuinnConstant.SESSION_TIME_OUT);
blog.setViews(blog.getViews()+1);
updateById(blog);
}
}
}
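Review bot: `addRecord` keys the Redis lock on `sessionId` alone, so after the first counted view the same session cannot register a view on any other blog for SESSION_TIME_OUT seconds, and SourceServiceImpl.view writes the same key, so reading a blog also suppresses the next source download record; the key needs the topic in it, e.g. `sessionId + ":" + <blog id accessor>` (the Blog accessor for the `bid` column is not visible here). The get-then-set pair is also not atomic, so two concurrent requests from one session both pass the `isEmpty` test; if RedisUtils exposes a set-if-absent operation, use that as the test, otherwise state the tolerance in a comment. `blog` is dereferenced without a null check, which the controller does not guard either.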


@@ -81,9 +81,13 @@ public class SourceServiceImpl extends ServiceImpl<SourceMapper, Source> impleme
}
@Override
public Source view(String sid) {
public Source view(String sid,String sessionId) {
Source source = getOne(new QueryWrapper<Source>().eq("sid", sid));
addDownLoadRecord(source);
String value = redisUtils.get(sessionId);
if (StringUtils.isEmpty(value)){
redisUtils.set(sessionId,QuinnConstant.SESSION_LOCK,QuinnConstant.SESSION_TIME_OUT);
addDownLoadRecord(source);
}
return source;
}
@@ -214,13 +218,16 @@ public class SourceServiceImpl extends ServiceImpl<SourceMapper, Source> impleme
* @param source
*/
private void addDownLoadRecord(Source source) {
String downLoadTime = redisUtils.get(QuinnConstant.SOURCE_KEY + source.getSid());
int downTimes = 0;
if (StringUtils.isEmpty(downLoadTime)){
downTimes = source.getDownRecord() + 1;
}else {
downTimes = Integer.parseInt(downLoadTime) + 1;
}
/** 使用redis记录访问量可以降低数据库压力,但是时效性就会降低,
* 需要不断跑批处理,用户量小或者单实例不推荐这么做
*/
// int downTimes = 0;
// if (StringUtils.isEmpty(downLoadTime)){
// downTimes = source.getDownRecord() + 1;
// }else {
// downTimes = Integer.parseInt(downLoadTime) + 1;
// }
int downTimes = source.getDownRecord() + 1;
redisUtils.set(QuinnConstant.SOURCE_KEY + source.getSid(),downTimes + "");
source.setDownRecord(source.getDownRecord() + 1);
updateById(source);
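Review bot: In `view`, `addDownLoadRecord(source)` now runs inside the lock branch but still before any null check, so an unknown sid throws on `source.getSid()` before the controller's `if(source != null)` can act; the branch should read `if (source != null && StringUtils.isEmpty(value))` so that a miss neither crashes nor consumes the session's window. In `addDownLoadRecord` the `downLoadTime` read at the top is no longer used, the commented-out block should be deleted rather than kept, and the `redisUtils.set(... downTimes + "")` write has no consumer now that the count comes from the entity and goes back through `updateById`; either drop the SOURCE_KEY round-trip or document who reads it. The read-increment-write on `down_record` also loses updates under concurrent views, which a single-statement increment in the mapper would avoid; addDownLoadRecord continues past this hunk.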


@@ -53,6 +53,7 @@ public class StarServiceImpl extends ServiceImpl<StarMapper, Star> implements St
save(blogStar);
starValue.setStar(true);
}
starValue.setTotal(getTotalStar(topicId,category));
return starValue;
}
@@ -68,9 +69,16 @@ public class StarServiceImpl extends ServiceImpl<StarMapper, Star> implements St
starValue.setStar(true);
}
}
starValue.setTotal(getTotalStar(topicId,category));
return starValue;
}
private int getTotalStar(String topicId,Category category){
return count(new QueryWrapper<Star>()
.eq("topic_category",category.name())
.eq("topic_id",topicId));
}
@Override
public List<StarWithTopic> listStars(String userId, MyPageParam myPageParam) {
int count = count(new QueryWrapper<Star>().eq("user_id",userId));


@@ -55,6 +55,7 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
user.setPassword(QuinnConstant.GUN);
// 放入session
session.setAttribute("loginUser",user);
session.setMaxInactiveInterval(QuinnConstant.SESSION_TIME_OUT);
//创建一个集合来存放权限
List<GrantedAuthority> authList = new ArrayList<GrantedAuthority>();
RoleType[] values = RoleType.values();
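Review bot: `session.setMaxInactiveInterval(QuinnConstant.SESSION_TIME_OUT)` runs only on the login path, so sessions created for anonymous visitors by `request.getSession()` in BaseModelController keep the container default and can outlive or fall short of the Redis lock keyed on their id; setting the timeout once in configuration (Spring Boot's `server.servlet.session.timeout`) keeps both in step. The `user.setPassword(QuinnConstant.GUN)` on the line above is a deliberate scrub before the object goes into the session and deserves saying so, e.g. `// replace the credential with a sentinel before the user object is stored in the session`. The enclosing method continues past this hunk.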


@@ -13,4 +13,7 @@ public class StarValue {
@ApiModelProperty(value = "是否收藏")
private boolean star;
@ApiModelProperty(value = "总收藏量")
private int total;
}