diff --git a/src/main/java/app/annotations/impl/PermitionFlagAspect.java b/src/main/java/app/annotations/impl/PermitionFlagAspect.java index 73aef05..f1320c7 100644 --- a/src/main/java/app/annotations/impl/PermitionFlagAspect.java +++ b/src/main/java/app/annotations/impl/PermitionFlagAspect.java @@ -29,6 +29,9 @@ public class PermitionFlagAspect { private final Logger logger = LoggerFactory.getLogger(PermitionFlagAspect.class); + @Autowired + private HttpServletRequest request; + @Autowired public PermitionFlagAspect(ProfileService profileService) { this.profileService = profileService; @@ -41,8 +44,8 @@ public class PermitionFlagAspect { return permition.getFlags().contains(flag); } - @Before(value = "@annotation(app.annotations.interfaces.CheckPermitionFlag) && args(request,..)") - public void before(JoinPoint joinPoint, HttpServletRequest request){ + @Before(value = "@annotation(app.annotations.interfaces.CheckPermitionFlag)") + public void before(JoinPoint joinPoint){ String flag = ((MethodSignature) joinPoint.getSignature()).getMethod().getAnnotation(CheckPermitionFlag.class).flag(); logger.info("check permition flag, requested: {}", flag); if(!(request instanceof HttpServletRequest)) { diff --git a/src/main/java/app/annotations/impl/ShowClientIPAspect.java b/src/main/java/app/annotations/impl/ShowClientIPAspect.java index 84bcea9..e195469 100644 --- a/src/main/java/app/annotations/impl/ShowClientIPAspect.java +++ b/src/main/java/app/annotations/impl/ShowClientIPAspect.java @@ -5,6 +5,7 @@ import org.aspectj.lang.annotation.Aspect; import org.aspectj.lang.annotation.Before; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; /** @@ -16,9 +17,16 @@ public class ShowClientIPAspect { private final Logger logger = LoggerFactory.getLogger(ShowClientIPAspect.class); - @Before("@annotation(app.annotations.interfaces.ShowClientIP) && args(request,..)") - public void before(HttpServletRequest request) { + @Autowired + private HttpServletRequest request; + + @Before("@annotation(app.annotations.interfaces.ShowClientIP)") + public void before() { String client_ip = request.getHeader("X-Forwarded-For"); + if (client_ip == null) { + client_ip = request.getRemoteAddr(); + } + if (client_ip != null) { logger.info("Client IP: {}, Request: {}", client_ip, request.getRequestURI()); } diff --git a/src/main/java/app/annotations/impl/WaitAfterNextAspect.java b/src/main/java/app/annotations/impl/WaitAfterNextAspect.java index 0b4798a..eca1dcc 100644 --- a/src/main/java/app/annotations/impl/WaitAfterNextAspect.java +++ b/src/main/java/app/annotations/impl/WaitAfterNextAspect.java @@ -8,6 +8,9 @@ import org.aspectj.lang.annotation.After; import org.aspectj.lang.annotation.Aspect; import org.aspectj.lang.annotation.Before; import org.aspectj.lang.reflect.MethodSignature; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import java.util.HashSet; @@ -18,24 +21,34 @@ import java.util.HashSet; @Aspect @Configuration public class WaitAfterNextAspect { - HashSet wait_order = new HashSet<>(); + private final HashSet wait_order = new HashSet<>(); + private final Logger logger = LoggerFactory.getLogger(getClass()); - @Before("@annotation(app.annotations.interfaces.WaitAfterNext) && args(request,..)") - public void before(JoinPoint joinPoint, HttpServletRequest request) { + @Autowired + private HttpServletRequest request; + + @Before("@annotation(app.annotations.interfaces.WaitAfterNext)") + public void before(JoinPoint joinPoint) { final String order = ((MethodSignature) joinPoint.getSignature()).getMethod().getAnnotation(WaitAfterNext.class).order(); final String hash = new StringBuilder().append(getSteam64fromCookie(request)).append(getIp(request)).append(order).toString(); - if (hash.isEmpty()) return; - if (wait_order.contains(hash)) throw new WaitRateLimit(); + if (wait_order.contains(hash)) { + logger.error(hash); + throw new WaitRateLimit(); + } + logger.info(hash); wait_order.add(hash); } - @After("@annotation(app.annotations.interfaces.WaitAfterNext) && args(request,..)") - public void after(JoinPoint joinPoint, HttpServletRequest request) { + @After("@annotation(app.annotations.interfaces.WaitAfterNext)") + public void after(JoinPoint joinPoint) { final String order = ((MethodSignature) joinPoint.getSignature()).getMethod().getAnnotation(WaitAfterNext.class).order(); final String hash = new StringBuilder().append(getSteam64fromCookie(request)).append(getIp(request)).append(order).toString(); if (hash.isEmpty()) return; - if (wait_order.contains(hash)) wait_order.remove(hash); + if (wait_order.contains(hash)) { + logger.warn(hash); + wait_order.remove(hash); + } } public String getSteam64fromCookie(HttpServletRequest request) { diff --git a/src/main/java/app/controllers/other/PulseController.java b/src/main/java/app/controllers/other/PulseController.java index d25408d..f87c85a 100644 --- a/src/main/java/app/controllers/other/PulseController.java +++ b/src/main/java/app/controllers/other/PulseController.java @@ -3,10 +3,10 @@ package app.controllers.other; import app.annotations.impl.WaitAfterNextAspect; import app.annotations.interfaces.CheckPermitionFlag; import app.annotations.interfaces.CheckWebAccess; +import app.annotations.interfaces.WaitAfterNext; import app.services.StatsService; import app.services.db.DBService; import app.updates.OnlineUpdater; -import jakarta.servlet.http.HttpServletRequest; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; @@ -61,12 +61,14 @@ public class PulseController { } @GetMapping("/ratelimit") + @WaitAfterNext(order = "ratelimitcheck") @CheckWebAccess @CheckPermitionFlag(flag = "z") - public HashSet getRateLimitOrder(HttpServletRequest request, @RequestParam(defaultValue = "false") boolean clear) { + public HashSet getRateLimitOrder(@RequestParam(defaultValue = "false") boolean clear) { if (clear) { waitAfterNextAspect.clearRateLimits(); } - return waitAfterNextAspect.getRateLimits(); + HashSet r = (HashSet) waitAfterNextAspect.getRateLimits().clone(); + return r; } }