使用服务器缓存,来实现简单的防刷功能
package com.requestIntercept;
import java.util.HashMap;
import java.util.Map;
public class RequestInterceptTest {
/** 缓存,使用redis带时效功能的缓存 */
public Map<String, Integer> cacheMap = new HashMap<String, Integer>();
/** 24小时内最多请求次数 */
public static final int MAX_COUNTS_PER_24HOUR = 10;
/*
* 首页客户端请求
*/
public String indexRequest(HttpServletRequest request, String requestStr) {
/** 在请求首页时放置一个session,用于在ajax请求验证合法性,简单防止直接url攻击 */
HttpSession session = request.getSession();
session.setAttribute("sessionKey", "sessionKey");
/** 返回首页 */
return "index.htm";
}
/*
* js请求
*/
public String takeRequest(HttpServletRequest request, String requestStr, String uuid) {
/** 简单验证session合法,来过滤请求 */
String sessionCode = (String) request.getSession().getAttribute("sessionKey");
if(sessionCode.equals("") || sessionCode == null) {
return "session illegal...";
}else {
//正常作业
String result = this.doTheBusiness(uuid);
return result;
}
}
private String doTheBusiness(String uuid) {
/** 24小时间隔,防刷请求,24小时内最多请求 MAX_COUNTS_PER_24HOUR 次 */
String interval24Hour = "interval24Hour" + uuid;
/** 60秒间隔,防刷请求,60秒内只能请求一次 */
String interval60Second = "interval60Second" + uuid;
//如果存在24小时缓存标记
if(cacheMap.get(interval24Hour) != null) {
//如果24小时内请求已达到最大次数
if(cacheMap.get(interval24Hour) >= MAX_COUNTS_PER_24HOUR) {
return "24小时内请求达到最大次数";
}
}
//如果存在60秒缓存缓存标记
if(cacheMap.get(interval60Second) != null) {
//如果如果存在缓存,则无法请求
return "60秒内不能重复请求";
}
//如果不存在24小时缓存标记
if(cacheMap.get(interval24Hour) == null) {
//第一次请求后,24小时请求标记次数设置为1
cacheMap.put(interval24Hour, 1);
//将缓存持久化24小时
this.persist(interval24Hour, 24*60*60);
//请求后,添加60秒请求标记1
cacheMap.put(interval60Second, 1);
//将缓存持久化60秒
this.persist(interval60Second, 60);
}
//如果不存在60秒缓存标记
if(cacheMap.get(interval60Second) == null) {
//将24小时标记加1
Integer countsFor24Hour = cacheMap.get(interval24Hour);
if(countsFor24Hour != null) {
countsFor24Hour++;
cacheMap.put(interval24Hour, countsFor24Hour);
}
//添加60秒缓存标记
cacheMap.put(interval60Second, 1);
//将缓存持久化60秒
this.persist(interval60Second, 60);
}
return "正常执行作业";
}
/*
* 将缓存持久化n秒
*/
private void persist(String key, int n) {
}
/** ########################外部类定义###################################*/
public class HttpServletRequest{
HttpSession httpSession;
public HttpSession getSession() {
return httpSession;
}
public void setSession(HttpSession httpSession) {
this.httpSession = httpSession;
}
}
public class HttpSession{
public Map<String, String> session = new HashMap<String, String>();
public void setAttribute(String string, String string2) {
session.put(string, string2);
}
public String getAttribute(String string) {
return session.get(string);
}
}
public class PersistTime{
private Long startTime;
private Long persistTime;
public Long getStartTime() {
return startTime;
}
public void setStartTime(Long startTime) {
this.startTime = startTime;
}
public Long getPersistTime() {
return persistTime;
}
public void setPersistTime(Long persistTime) {
this.persistTime = persistTime;
}
}
}