SpringBoot整合IP白名单注解实现API安全

1、过滤器配置

package com.cloud.xx.common.config;

import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.cloud.xx.common.entity.DataClient;
import com.cloud.xx.mapper.DataClientMapper;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import java.util.List;

@Component
public class IPWhitelistInterceptor implements HandlerInterceptor {

    @Autowired
    private DataClientMapper repository;

    @Override
    public boolean preHandle(@NotNull HttpServletRequest request, @NotNull HttpServletResponse response, @NotNull Object handler) throws Exception {


        if (handler instanceof HandlerMethod handlerMethod) {

            //原始handler
            //HandlerMethod handlerMethod = (HandlerMethod) handler;

            IPWhitelist ipWhitelist = handlerMethod.getMethodAnnotation(IPWhitelist.class);
            if (ipWhitelist != null) {
                String ip = request.getRemoteAddr();

                List<String> collect = repository.selectList(new LambdaQueryWrapper<DataClient>().eq(DataClient::getClientIp, ip)).stream().map(DataClient::getClientIp).toList();

                if (!collect.contains(ip)) {
                    response.setContentType("application/json;charset=UTF-8");
                    response.setCharacterEncoding("UTF-8");

                    response.getWriter().write(
                            """
                                    {
                                        "msg": "请开通权限！",
                                        "code": "403"
                                    }
                                    """
                            );

                    response.setStatus(HttpServletResponse.SC_FORBIDDEN);
                    return false;
                }
            }
        }
        return true;
    }

}

2、注入拦截器配置

package com.cloud.xx.common.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
public class WebConfig implements WebMvcConfigurer {

    @Autowired
    private IPWhitelistInterceptor ipWhitelistInterceptor;

    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(ipWhitelistInterceptor);
    }
}

3、自定义注解配置

package com.cloud.xx.common.config;

import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface IPWhitelist {
}

4、测试API接口

@RestController
@RequestMapping("/data/tg")
public class TongController {


    /**
     * 配置接口
     * @return
     */

    @PostMapping("ok")
    @IPWhitelist
    public R ok() {

        return R.ok("ok");
    }
}

5、效果