SpringBoot 接口防刷(注解实现)-白红宇

SpringBoot 接口防刷(注解实现)

阅读量：583 次

发布时间：2019-03-11

本文共 3311 字，大约阅读时间需要 11 分钟。

记录如何使用注解的方式对接口实现防刷功能

注解类

import java.lang.annotation.Retention;import java.lang.annotation.Target; import static java.lang.annotation.ElementType.METHOD;import static java.lang.annotation.RetentionPolicy.RUNTIME; @Retention(RUNTIME)@Target(METHOD)public @interface AccessLimit {     int seconds();    int maxCount();    boolean needLogin()default true;}

Interceptor拦截器

import com.alibaba.fastjson.JSON;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.stereotype.Component;import org.springframework.web.method.HandlerMethod;import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.OutputStream; @Componentpublic class FangshuaInterceptor extends HandlerInterceptorAdapter {     @Autowired    private RedisService redisService;     @Override    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {         //判断请求是否属于方法的请求        if(handler instanceof HandlerMethod){             HandlerMethod hm = (HandlerMethod) handler;             //获取方法中的注解,看是否有该注解            AccessLimit accessLimit = hm.getMethodAnnotation(AccessLimit.class);            if(accessLimit == null){                return true;            }            int seconds = accessLimit.seconds();            int maxCount = accessLimit.maxCount();            boolean login = accessLimit.needLogin();            String key = request.getRequestURI();            //如果需要登录            if(login){                //获取登录的session进行判断                //.....                key+=""+"1";  //这里假设用户是1,项目中是动态获取的userId            }             //从redis中获取用户访问的次数            AccessKey ak = AccessKey.withExpire(seconds);            Integer count = redisService.get(ak,key,Integer.class);            if(count == null){                //第一次访问                redisService.set(ak,key,1);            }else if(count < maxCount){                //加1                redisService.incr(ak,key);            }else{                //超出访问次数                render(response,CodeMsg.ACCESS_LIMIT_REACHED); //这里的CodeMsg是一个返回参数                return false;            }        }         return true;     }    private void render(HttpServletResponse response, CodeMsg cm)throws Exception {        response.setContentType("application/json;charset=UTF-8");        OutputStream out = response.getOutputStream();        String str  = JSON.toJSONString(Result.error(cm));        out.write(str.getBytes("UTF-8"));        out.flush();        out.close();    }}

Interceptor注册到springboot中

@Configurationpublic class WebConfig extends WebMvcConfigurerAdapter {     @Autowired    private FangshuaInterceptor interceptor;      @Override    public void addInterceptors(InterceptorRegistry registry) {        registry.addInterceptor(interceptor);    }}

接着在Controller中加入注解

import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.ResponseBody; @Controllerpublic class FangshuaController {     @AccessLimit(seconds=5, maxCount=5, needLogin=true)    @RequestMapping("/demo")    @ResponseBody    public Result
   
     fangshua(){          return Result.success("请求成功");     }

转载地址：http://sbytz.baihongyu.com/

你可能感兴趣的文章

Metasploit CGI网关接口渗透测试实战

查看>>

Metasploit Web服务器渗透测试实战

查看>>

Moment.js常见用法总结

查看>>

MongoDB出现Error parsing command line: unrecognised option ‘--fork‘ 的解决方法

查看>>

MongoDB学习笔记(8)--索引及优化索引

查看>>