videoalliance/.svn/pristine/9e/9e03fa8b7b8f56a9c912593425dc7ee5f285ce15.svn-base

package com.chinacreator.videoalliance.query.action;

import java.io.PrintWriter;
import java.util.Date;
import java.util.List;
import java.util.regex.Pattern;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import com.chinacreator.common.pipe.DataOutPipe;
import com.chinacreator.common.util.MD5;
import com.chinacreator.videoalliance.common.annotation.DataOut;
import com.chinacreator.videoalliance.query.bean.IpInfoBean;
import com.chinacreator.videoalliance.query.dao.QueryIPDao;

@Controller
public class QueryIPAction {

	@Autowired
	private QueryIPDao queryIPDao;
	
	@RequestMapping("/ipquery.do")
	@DataOut(callback="ipquery")
	public void ipquery(HttpServletRequest req, HttpServletResponse resp) throws Exception {
		resp.setCharacterEncoding("utf-8");
		resp.setContentType("text/json;charset=utf-8");
		PrintWriter out =  resp.getWriter();
		
		DataOutPipe pipe = new DataOutPipe();
		
		//合作方ID
		String cpid = req.getParameter("cpid");
		//请求时间戳
		String timestamp = req.getParameter("timestamp");
		//签名验证
		String sign = req.getParameter("sign");
		//查询IP
		String ip = req.getParameter("ip");
		
		//判断参数不能为空
		if(cpid == null || "".equals(cpid.trim())){
			pipe.setResultCode("8102");
			pipe.setErrorInfo("cpid参数不能为空");
			out.write(pipe.toJSON());
			return;
		}
		if(timestamp == null || "".equals(timestamp.trim())){
			pipe.setResultCode("8102");
			pipe.setErrorInfo("timestamp参数不能为空");
			out.write(pipe.toJSON());
			return;
		}
		if(sign == null || "".equals(sign.trim())){
			pipe.setResultCode("8102");
			pipe.setErrorInfo("sign参数不能为空");
			out.write(pipe.toJSON());
			return;
		}
		
		//判断合作方信息
		IpInfoBean bean = new IpInfoBean();
		bean.setCpid(cpid);
		try {
			bean = queryIPDao.queryCpidForIp(bean);
		} catch (Exception e) {
			e.printStackTrace();
			
			pipe.setResultCode("506");
			pipe.setErrorInfo("数据库查询异常");
			out.write(pipe.toJSON());
			return;
		}	
		if(bean == null){
			pipe.setResultCode("8102");
			pipe.setErrorInfo("cpid对应合作方不存在");
			out.write(pipe.toJSON());
			return;
		}
		
		//判断难是否正常
		String key = bean.getSignkey();
		if(!sign.equals(this.toSign(cpid, timestamp, key))){
			pipe.setResultCode("8805");
			pipe.setErrorInfo("sign验证不通过");
			out.write(pipe.toJSON());
			return;
		}
		
		//判断请求时间戳是否正常
		Date date = new Date();
		long timestampTemp = (date.getTime()/1000)+28800;
		long timestampVal = Long.parseLong(timestamp);
		if(timestampTemp-timestampVal>10L*60L || timestampTemp-timestampVal<-10L*60L){
			pipe.setResultCode("8806");
			pipe.setErrorInfo("timestamp不正常，不是当前时间");
			out.write(pipe.toJSON());
			return;
		}
		
		//判断是否上传IP
		if(ip == null || "".equals(ip.trim())){
			ip = this.getRealIp(req);
			if(ip == null || "".equals(ip.trim())){
				pipe.setResultCode("8801");
				pipe.setErrorInfo("不能取到客户端IP");
				out.write(pipe.toJSON());
				return;
			}
		}
		
		//判断IP是否格式正常
		String num = "(25[0-5]|2[0-4]\\d|[0-1]\\d{2}|[1-9]?\\d)";
		String regex = "^" + num + "\\." + num + "\\." + num + "\\." + num + "$";
		if(!Pattern.matches(regex, ip)){
			pipe.setResultCode("8802");
			pipe.setErrorInfo("IP格式不正确");
			out.write(pipe.toJSON());
			return;
		}
		
		//查询IP的归属信息
		bean = new IpInfoBean();
		bean.setIp(ip);
		List<IpInfoBean> list = null;
		try {
			list = queryIPDao.queryIpInfo(bean);
		} catch (Exception e1) {
			e1.printStackTrace();
			
			pipe.setResultCode("506");
			pipe.setErrorInfo("数据库查询异常");
			out.write(pipe.toJSON());
			return;
		}
		if(list ==null || list.size()<1){
			try {
				bean.setIp(ip);
				bean.setCpid(cpid);
				bean.setId(cpid+new Date().getTime());
				queryIPDao.insertInfoNoQuery(bean);
			} catch (Exception e) {
				e.printStackTrace();
			}
			
			pipe.setResultCode("8803");
			pipe.setErrorInfo("IP未查询到归属信息");
			out.write(pipe.toJSON());
			return;
		}
		if(list.size()>1){
			pipe.setResultCode("8804");
			pipe.setErrorInfo("IP查询到多条归属信息");
			out.write(pipe.toJSON());
			return;
		}
		
		//IP归属信息
		IpInfoBean ipInfo = list.get(0);
		pipe.setResultCode("0");
		pipe.setErrorInfo("成功");
		pipe.add("ip", ip);
		pipe.add("country", ipInfo.getCountry());
		pipe.add("area", ipInfo.getArea());
		
		String op = ipInfo.getOperator();
		if(op==null || "".equals(op.trim())){
			op="未知";
		}
		pipe.add("operator", op);
		out.write(pipe.toJSON());
	}
	
	@RequestMapping("/clearIpCache.do")
	@DataOut(callback="clearIpCache")
	public void clearCache(HttpServletRequest req, HttpServletResponse resp) throws Exception {
		queryIPDao.clearCache();
		resp.setContentType("text/plain;charset=utf-8");
		resp.getWriter().write("ok");;
	}
	
	/**
	 * 生成MD5签名
	 * 
	 * @param cpid
	 * @param timestamp
	 * @param key
	 * @return
	 * @author 科创·毛燕龙
	 * @datetime 2016年11月3日 下午8:16:40
	 */
	private String toSign(String cpid,String timestamp,String key){
		String val=cpid+timestamp+key;
		return MD5.MD5Encode(val);
	}
	
	/**
	 * 获取真实IP
	 * 
	 * @param request
	 * @return
	 * @author 科创·毛燕龙
	 * @datetime 2016年11月3日 下午8:17:02
	 */
	private String getRealIp(HttpServletRequest request){
		String ip = request.getHeader("X-Forwarded-For") == null ? request
				.getHeader("x-forwarded-for") : request
				.getHeader("X-Forwarded-For");
		if (ip == null||ip.startsWith("10.") || ip.startsWith("172.")||ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getRemoteAddr();
		}
		if (ip == null||ip.startsWith("10.") || ip.startsWith("172.")||ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getHeader("Proxy-Client-IP");
		}
		if (ip == null||ip.startsWith("10.") ||ip.startsWith("172.")|| ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getHeader("WL-Proxy-Client-IP");
		}
		if(ip == null){
			return "";
		}
		String[] ips = ip.split(",");
		return ips[0];
	}
	
}