springboot 过滤链设置(接口调用限制)

        

package com.ssj.management.filter;

import com.ssj.management.util.common.Commons;
import com.ssj.management.util.common.StringUtil;
import com.ssj.management.util.redis.SpringRedisUtil;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

/**
 * 限流自定义过滤器
 */
public class ImposeFilter implements Filter {

    // 调用次数
    public final int callCount = 20;

    // 时间段(s)
    public final int time = 3;

    // 路径集合
    private static final String[] url = {"userTypeInfo/selectAll", "userInfo/selectAll", "accountInfo/selectAccountInfoByNotIsDelete",
            "companyInfo/selectCompanyInfoSelective", "memberSetInfo/selectMemberSetInfoSelective", "memberSetInfo/selectMemberSetInfoSelective",
            "memberSetInfo/selectMemberSetInfoSelective", "userLogin/login", "/swagger-ui.html", "/webjars/**", "/v2/**", "/swagger-resources/**", "/websocket/**"};

    // set
    private static final Set<String> ALLOWED_PATHS = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(url)));

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) {
        try {
            // 请求
            HttpServletRequest request = (HttpServletRequest) servletRequest;
            HttpServletResponse response = (HttpServletResponse) servletResponse;

            // 请求路径
            String path = request.getRequestURI().substring(request.getContextPath().length()).replaceAll("[/]+$", "");

            if (!ALLOWED_PATHS.contains(path)) {
                // 获取token
                String token = request.getHeader("token");
                if (StringUtil.isNotBlank(token)) {
                    // 验证是否存在
                    String isToken = SpringRedisUtil.getKeyValue(token);
                    // 调用次数
                    int call = 0;
                    if (StringUtil.isNotBlank(isToken)) {
                        call = Integer.valueOf(isToken);
                        call = call + 1;
                    }
                    // 校验接口调用次数
                    if (callCount < call) {
                        Commons.respondJson(request, response, 402, "interface", "刷新过快!", 0);
                    }
                    SpringRedisUtil.setKeyValue(token, String.valueOf(call), time);
                }
                filterChain.doFilter(servletRequest, servletResponse);
            }

        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    @Override
    public void destroy() {

    }
}
package com.ssj.management.filter.conf;

import com.ssj.management.filter.HTTPBasicAuthorizeHandler;
import com.ssj.management.filter.ImposeFilter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;

/**
 * 全局filter 过滤链 配置
 */
@Configuration
public class FilterConfig {

    @Bean
    public FilterRegistrationBean httpBasicAuthorizeHandlerBean() {
        FilterRegistrationBean bean = new FilterRegistrationBean();
        bean.setFilter(new HTTPBasicAuthorizeHandler());
        bean.addUrlPatterns("/*");
        bean.setName("HTTPBasicAuthorizeHandler");
        bean.setOrder(Integer.MAX_VALUE);
        return bean;
    }

    @Bean
    public FilterRegistrationBean imposeFilter() {
        FilterRegistrationBean bean = new FilterRegistrationBean();
        bean.setFilter(new ImposeFilter());
        bean.addUrlPatterns("/*");
        bean.setName("ImposeFilter");
        bean.setOrder(Integer.MAX_VALUE - 1);
        return bean;
    }


}
package com.ssj.management.filter;


import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import com.ssj.management.listener.MySessionContext;
import com.ssj.management.util.common.Commons;
import org.springframework.stereotype.Component;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.*;
import java.util.logging.Logger;

// @WebFilter(filterName = "basicFilter", urlPatterns = "/management/*")
// @Component
public class HTTPBasicAuthorizeHandler implements Filter {
    //"/userInfo/addUserAccount"
    private static final String[] url = {"/userLogin/login", "/verify/verifyCode", "/shareInfo/**", "/swagger-ui.html", "/webjars/**", "/v2/**",
            "/swagger-resources/**", "/websocket/**", "/alipay/**", "/wxpay/**", "/wxLogin/**", "/wxUserInfo/**"};
    private static final Set<String> ALLOWED_PATHS = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(url)));


    public static Log log = LogFactory.getLog(HTTPBasicAuthorizeHandler.class);

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) {
        try {
            HttpServletRequest request = (HttpServletRequest) servletRequest;
            HttpServletResponse response = (HttpServletResponse) servletResponse;
            String path = request.getRequestURI().substring(request.getContextPath().length()).replaceAll("[/]+$", "");
            log.info(path);
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
            System.out.println(path + ":" + simpleDateFormat.format(new Date()));
            Boolean allowedPath = false;
            for (String allow : ALLOWED_PATHS) {
                if (path.equals(allow)) {
                    allowedPath = true;
                    break;
                } else if (allow.indexOf("**") != -1) {
                    String left = allow.substring(0, allow.indexOf("**") - 1);
                    String right = allow.substring(allow.lastIndexOf("**") + 2);
                    if (path.indexOf(left) != -1 && path.indexOf(right) != -1) {
                        allowedPath = true;
                        break;
                    }
                }
            }

            if (allowedPath) {
                filterChain.doFilter(servletRequest, servletResponse);
            } else {
                String token = request.getHeader("token");
                // token认证
                int auth = MySessionContext.auth(token);
                switch (auth) {
                    case MySessionContext.STATU_LOGIN:
                        filterChain.doFilter(servletRequest, servletResponse);
                        break;
                    case MySessionContext.STATU_NOT_LOGIN:
                        Commons.respondJson(request, response, 402, "login", "未登录,无权访问!", 0);
                        break;
                    case MySessionContext.STATU_KICK_OUT:
                        Commons.respondJson(request, response, 402, "login", "用户已在其他地方登录!", 0);
                        break;
                    default:
                        Commons.respondJson(request, response, 402, "login", "认证失败,请重新登录!", 0);
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    @Override
    public void destroy() {

    }
}

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值