问题与解决方法
问题:当前端进行与后端进行数据交互时,连续操作(例如连续点击了两次按钮)会导致接口多次调用,第一次操作调用后端接口,还未执行完成时第二次请求又来了,由于事务性,第二次请求无法读取到第一次请求更改的值,造成重复操作导致了数据问题。
解决方案:通过用户和接口参数,作为唯一标识,在接口返回前拦截相同唯一标识的请求,来防止接口重复调用。
技术方案:在SpringMVC的拦截器中,将用户的token、接口url、接口参数组合成字符串作为key,存储在缓存中(设置过期时间,自动过期),在接口执行完成后,需要将缓存清理掉。因为不是所有的接口都需要重复性校验,因此封装成注解来指定哪些接口需要幂等性。
实现方式
定义一个缓存静态类(可以使用Redis来代替),用于存储用户请求接口的唯一标识
需要给缓存设置一个过期时间,防止接口卡住,导致接口不能访问
/**
* @author xuchong
* @since 2023/11/22 17:51
*/
public class KeyTimer {
/**
* 用于存储key的值,和过期时间(单位秒)
*/
private final static ConcurrentHashMap<String, Integer> keyMap = new ConcurrentHashMap<>();
/**
* 用于定时清理缓存的线程池
*/
private final static ScheduledExecutorService executor = Executors.newSingleThreadScheduledExecutor();
/**
* 默认五秒
*/
private static final Integer defaultTime = 5;
/**
* 将key放入缓存map中,用于判断幂等性
* @param key 幂等性key
* @return 是否存在,如果存在key返回false;如果不存在key返回true
*/
public static boolean setKeyIfAbsent(String key) {
return setKeyIfAbsent(key, defaultTime);
}
/**
* 将key放入缓存map中,用于判断幂等性
* @param key 幂等性key
* @param seconds 指定过期时间 单位:秒
* @return 是否存在,如果存在key返回false;如果不存在key返回true
*/
public static boolean setKeyIfAbsent(String key, Integer seconds) {
//如果没有key,则添加
Integer newSeconds = keyMap.putIfAbsent(key, seconds);
if (Objects.nonNull(newSeconds)) {
return false;
}
//定时自动删除
executor.schedule(() -> keyMap.remove(key), seconds, TimeUnit.SECONDS);
return true;
}
/**
* 根据key获取value
* @param key 键
* @return 值
*/
public static Integer getValue(String key) {
return keyMap.get(key);
}
/**
* 删除键值
*
* @param key 键
*/
public static void remove(String key) {
keyMap.remove(key);
}
}
定义一个注解,用于在Controller上标识需要幂等性,并且可以指定过期的时间
/**
* 接口幂等性 注解
* @author xuchong
* @since 2023/11/22 18:55
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Documented
public @interface Idempotence {
int seconds() default 5;
}
在过滤器中,将重写HttpServletRequest并且传递给chain.doFilter中,在后续的使用中,直接调用保存的流信息即可
public class HttpServletRequestReplacedFilter implements Filter {
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
ServletRequest requestWrapper = null;
String contentType = request.getContentType();
String method = "multipart/form-data";
if (contentType != null && contentType.contains(method)) {
chain.doFilter(request, response);
return;
}
if(request instanceof HttpServletRequest) {
requestWrapper = new BodyReaderHttpServletRequestWrapper((HttpServletRequest) request);
}
//获取请求中的流如何,将取出来的字符串,再次转换成流,然后把它放入到新request对象中。
// 在chain.doFiler方法中传递新的request对象
if(requestWrapper == null) {
chain.doFilter(request, response);
} else {
chain.doFilter(requestWrapper, response);
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
重写HandlerInterceptor自定义一个拦截器,preHandle中执行接口请求前的逻辑,这是组装key,加入缓存;postHandle中执行接口成功返回后的逻辑;afterCompletion中执行接口请求完成后的逻辑,该方法无论是否发生异常,最后都会执行,所以选择在这里清楚缓存。
/**
* @author xuchong
* @since 2023/11/24 9:48
*/
@Slf4j
public class IdempotenceInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//是否需要拦截,返回接口禁止请求的时间
Integer seconds = preHash(handler);
if (Objects.isNull(seconds)) {
return true;
}
//将参数转化为key 用户token + 参数 + body
String key = hashRequest(request);
//加入缓存,防止重复请求
if (!KeyTimer.setKeyIfAbsent(key, seconds)) {
throw new RuntimeException("重复点击,请稍后");
}
return HandlerInterceptor.super.preHandle(request, response, handler);
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
//是否需要拦截,返回接口禁止请求的时间
Integer seconds = preHash(handler);
if (Objects.isNull(seconds)) {
return;
}
//将参数转化为key 用户token + 参数 + body
String key = hashRequest(request);
//当前请求完成,删除缓存
KeyTimer.remove(key);
HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
}
private Integer preHash(Object handler) {
//只拦截controller的请求流
if (!(handler instanceof HandlerMethod)) {
return null;
}
HandlerMethod handlerMethod = (HandlerMethod) handler;
Method method = handlerMethod.getMethod();
Idempotence idempotence = method.getAnnotation(Idempotence.class);
//不拦截不需要做限制的接口
if (Objects.isNull(idempotence)) {
return null;
}
//接口重复请求 需要间隔的秒数
return idempotence.seconds();
}
private String hashRequest(HttpServletRequest request) {
//用于记录唯一值
StringBuilder key = new StringBuilder();
//获取当前用户的token
String authorization = Optional.ofNullable(request.getHeader(HttpHeaders.AUTHORIZATION))
.orElse(StringUtils.EMPTY)
.trim();
key.append(authorization);
//获取url
key.append(request.getRequestURL());
//获取请求参数
Enumeration<String> parameterNames = request.getParameterNames();
while (parameterNames.hasMoreElements()) {
String paramName = parameterNames.nextElement();
// 获取对应的参数值
String paramValue = request.getParameter(paramName);
key.append(paramName).append(paramValue);
//log.info("参数名:" + paramName + ",参数值:" + paramValue);
}
// 获取请求体的值
if (request instanceof BodyReaderHttpServletRequestWrapper) {
BodyReaderHttpServletRequestWrapper requestWrapper = (BodyReaderHttpServletRequestWrapper) request;
String body = requestWrapper.getBody();
key.append(body);
//log.info("请求体的值:" + body);
}
int hash = HashUtil.apHash(key.toString());
//log.info("请求参数Hash:" + hash);
return String.valueOf(hash);
}
}
由于这里从HttpServletRequest中获取了Body,InputStream只能读取一次,这里从拦截器中读取了就会导致后续逻辑中无法获取请求体,会抛出一个异常;所以这里需要重写HttpServeltRequest,将流保存下来提供后面读取;
/**
* 用于读取HttpServletRequest中的Body
* @author xuchong
* @since 2023/12/26 13:44
*/
@Slf4j
public class BodyReaderHttpServletRequestWrapper extends HttpServletRequestWrapper {
private final String requestBody;
public BodyReaderHttpServletRequestWrapper(HttpServletRequest request) {
super(request);
StringBuilder stringBuilder = new StringBuilder();
BufferedReader bufferedReader = null;
InputStream inputStream = null;
try {
inputStream = request.getInputStream();
if (inputStream != null) {
bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
char[] charBuffer = new char[1024];
int bytesRead;
while ((bytesRead = bufferedReader.read(charBuffer)) > 0) {
stringBuilder.append(charBuffer, 0, bytesRead);
}
}
} catch (IOException ex) {
log.error("HttpServletRequest流复制 异常" ,ex);
} finally {
if (inputStream != null) {
try {
inputStream.close();
}
catch (IOException e) {
log.error("HttpServletRequest流复制 关闭异常" ,e);
}
}
if (bufferedReader != null) {
try {
bufferedReader.close();
}
catch (IOException e) {
log.error("HttpServletRequest流复制 bufferedReader关闭异常" ,e);
}
}
}
requestBody = stringBuilder.toString();
}
@Override
public ServletInputStream getInputStream() {
ByteArrayInputStream stream = new ByteArrayInputStream(requestBody.getBytes());
return new ServletInputStream() {
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
@Override
public int read() {
return stream.read();
}
};
}
@Override
public BufferedReader getReader() {
return new BufferedReader(new InputStreamReader(getInputStream()));
}
public String getBody() {
return this.requestBody;
}
}
如何使用重写后的BodyReaderHttpServletRequestWrapper呢,这里比较好的方法就是在Filter的doFilter方法中,重写HttpServeltRequest,并将重写后的对象延用起来。
public class HttpServletRequestReplacedFilter implements Filter {
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
ServletRequest requestWrapper = null;
String contentType = request.getContentType();
String method = "multipart/form-data";
if (contentType != null && contentType.contains(method)) {
chain.doFilter(request, response);
return;
}
if(request instanceof HttpServletRequest) {
requestWrapper = new BodyReaderHttpServletRequestWrapper((HttpServletRequest) request);
}
//获取请求中的流如何,将取出来的字符串,再次转换成流,然后把它放入到新request对象中。
// 在chain.doFiler方法中传递新的request对象
if(requestWrapper == null) {
chain.doFilter(request, response);
} else {
chain.doFilter(requestWrapper, response);
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
用自定义的BodyReaderHttpServletRequestWrapper时,这里有一个坑,我们调用上传文件的接口,发现报错,这里需要将上传文件的请求过滤掉;
将过滤器加入到配置中
@Configuration
public class WebMvcConfigurer implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(idempotenceInterceptor())
.addPathPatterns("/api/**").order(100); //order值越大,优先级越低
}
@Bean
public IdempotenceInterceptor idempotenceInterceptor() {
return new IdempotenceInterceptor();
}
/**
* 将HttpServletRequest重写应用的filter注册到spring中
*/
@Bean
public FilterRegistrationBean httpServletRequestReplacedRegistration() {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new HttpServletRequestReplacedFilter());
registration.addUrlPatterns("/api/*");
registration.addInitParameter("paramName", "paramValue");
registration.setName("httpServletRequestReplacedFilter");
return registration;
}
}
使用
在测试类中编写测试用例,使用接口压测方式,看看能成功运行几次
@Slf4j
@RestController
@RequestMapping("/api")
public class TestController {
@Idempotence(seconds = 5)
@RequestMapping(value = "/test")
String Test(@RequestBody Map<String, String> body, Integer size, Integer current) {
log.info("请求成功 body={} size={} current={}", JSONObject.toJSONString(body), size, current);
return "请求成功";
}
}
结尾
重写HttpServletRequest后,调用部分接口会出现JSON转换的错误
JSON parse error: Invalid UTF-8 middle byte 0x3f;
目前解决方法是启动jar包时,执行utf-8
java -jar -Dfile.encodeing=UTF-8 xxx.jar
各位大佬有没有其他更好的解决方案,欢迎留言……_