From 43dfbd5ad66d3ab8aa958c495bf84c5fc9d79155 Mon Sep 17 00:00:00 2001
From: Liang Ding <d@b3log.org>
Date: Sat, 11 Jan 2020 22:22:36 +0800
Subject: [PATCH] =?UTF-8?q?:lock:=20=E5=8A=A0=E5=85=A5=E7=A4=BE=E5=8C=BA?=
 =?UTF-8?q?=E9=BB=91=E5=90=8D=E5=8D=95=20IP?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../solo/processor/BeforeRequestHandler.java  | 12 +++++++-
 .../b3log/solo/service/CronMgmtService.java   | 11 +++----
 src/main/java/org/b3log/solo/util/Solos.java  | 30 ++++++++++++++++++-
 3 files changed, 46 insertions(+), 7 deletions(-)

diff --git a/src/main/java/org/b3log/solo/processor/BeforeRequestHandler.java b/src/main/java/org/b3log/solo/processor/BeforeRequestHandler.java
index 62d906769..cbbefeff6 100644
--- a/src/main/java/org/b3log/solo/processor/BeforeRequestHandler.java
+++ b/src/main/java/org/b3log/solo/processor/BeforeRequestHandler.java
@@ -19,19 +19,29 @@
 
 import org.b3log.latke.http.RequestContext;
 import org.b3log.latke.http.handler.Handler;
+import org.b3log.latke.util.Requests;
 import org.b3log.latke.util.Stopwatchs;
+import org.b3log.solo.util.Solos;
 
 /**
  * Before request handler.
  *
  * @author <a href="http://88250.b3log.org">Liang Ding</a>
- * @version 1.0.0.0, Nov 3, 2019
+ * @version 1.0.0.1, Jan 11, 2020
  * @since 3.6.7
  */
 public class BeforeRequestHandler implements Handler {
 
     @Override
     public void handle(final RequestContext context) {
+        final String remoteAddr = Requests.getRemoteAddr(context.getRequest());
+        if (Solos.BLACKLIST_IPS.contains(remoteAddr)) {
+            context.sendStatus(200);
+            context.abort();
+
+            return;
+        }
+
         Stopwatchs.start("Request Initialized [requestURI=" + context.requestURI() + "]");
     }
 }
diff --git a/src/main/java/org/b3log/solo/service/CronMgmtService.java b/src/main/java/org/b3log/solo/service/CronMgmtService.java
index 03ce3b911..389331808 100644
--- a/src/main/java/org/b3log/solo/service/CronMgmtService.java
+++ b/src/main/java/org/b3log/solo/service/CronMgmtService.java
@@ -22,6 +22,7 @@
 import org.b3log.latke.logging.Logger;
 import org.b3log.latke.service.annotation.Service;
 import org.b3log.latke.util.Stopwatchs;
+import org.b3log.solo.util.Solos;
 
 import java.util.concurrent.Executors;
 import java.util.concurrent.ScheduledExecutorService;
@@ -96,27 +97,27 @@ public void start() {
 
         SCHEDULED_EXECUTOR_SERVICE.scheduleAtFixedRate(() -> {
             try {
-                articleMgmtService.refreshGitHub();
-                userMgmtService.refreshUSite();
+                Solos.reloadBlacklistIPs();
             } catch (final Exception e) {
                 LOGGER.log(Level.ERROR, "Executes cron failed", e);
             } finally {
                 Stopwatchs.release();
             }
-        }, delay, 1000 * 60 * 60 * 24, TimeUnit.MILLISECONDS);
+        }, delay, 30, TimeUnit.MINUTES);
         delay += 2000;
 
         SCHEDULED_EXECUTOR_SERVICE.scheduleAtFixedRate(() -> {
             try {
+                articleMgmtService.refreshGitHub();
+                userMgmtService.refreshUSite();
                 exportService.exportHacPai();
             } catch (final Exception e) {
                 LOGGER.log(Level.ERROR, "Executes cron failed", e);
             } finally {
                 Stopwatchs.release();
             }
-        }, delay + 1000 * 60 * 10, 1000 * 60 * 60 * 24, TimeUnit.MILLISECONDS);
+        }, delay, 1000 * 60 * 60 * 24, TimeUnit.MILLISECONDS);
         delay += 2000;
-
     }
 
     /**
diff --git a/src/main/java/org/b3log/solo/util/Solos.java b/src/main/java/org/b3log/solo/util/Solos.java
index a95481c5f..7d8da8ced 100644
--- a/src/main/java/org/b3log/solo/util/Solos.java
+++ b/src/main/java/org/b3log/solo/util/Solos.java
@@ -38,17 +38,20 @@
 import org.b3log.solo.model.Common;
 import org.b3log.solo.model.UserExt;
 import org.b3log.solo.repository.UserRepository;
+import org.json.JSONArray;
 import org.json.JSONObject;
 
+import java.util.List;
 import java.util.MissingResourceException;
 import java.util.ResourceBundle;
 import java.util.Set;
+import java.util.concurrent.CopyOnWriteArrayList;
 
 /**
  * Solo utilities.
  *
  * @author <a href="http://88250.b3log.org">Liang Ding</a>
- * @version 1.9.0.6, Jan 8, 2020
+ * @version 1.10.0.0, Jan 11, 2020
  * @since 2.8.0
  */
 public final class Solos {
@@ -113,6 +116,31 @@ public final class Solos {
         COOKIE_SECRET = cookieSecret;
     }
 
+    /**
+     * Blacklist IPs.
+     */
+    public static final List<String> BLACKLIST_IPS = new CopyOnWriteArrayList<>();
+
+    /**
+     * Reloads blacklist IPs.
+     */
+    public static void reloadBlacklistIPs() {
+        final HttpResponse res = HttpRequest.post("https://hacpai.com/apis/blacklist/ip").trustAllCerts(true).
+                connectionTimeout(3000).timeout(7000).header("User-Agent", Solos.USER_AGENT).send();
+        if (200 != res.statusCode()) {
+            return;
+        }
+        res.charset("UTF-8");
+        final JSONObject result = new JSONObject(res.bodyText());
+        if (0 != result.optInt(Keys.CODE)) {
+            return;
+        }
+
+        final JSONArray ips = result.optJSONArray(Common.DATA);
+        BLACKLIST_IPS.clear();
+        BLACKLIST_IPS.addAll(CollectionUtils.jsonArrayToList(ips));
+    }
+
     /**
      * Constructs a successful result.
      *