1.定义注解Prevent
package com.yicall.aop;
import java.lang.annotation.*;
/**
* 接口防刷注解
* 使用:
* 在相应需要防刷的方法上加上
* 该注解,即可
*
*/
@Documented
@Target({ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface Prevent {
/**
* 限制的时间值(秒)
*
* @return
*/
String value() default "60";
/**
* 提示
*/
String message() default "";
/**
* 策略
*
* @return
*/
PreventStrategy strategy() default PreventStrategy.DEFAULT;
}
2.实现防刷切面PreventAop
package com.yicall.aop;
import com.alibaba.fastjson.JSON;
import com.zetting.common.BusinessException;
import com.zetting.util.RedisUtil;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import java.lang.reflect.Method;
import java.util.Base64;
/**
* 防刷切面实现类
*
*/
@Aspect
@Component
public class PreventAop {
private static Logger log = LoggerFactory.getLogger(PreventAop.class);
@Autowired
private RedisUtil redisUtil;
/**
* 切入点
*/
@Pointcut("@annotation(com.zetting.aop.Prevent)")
public void pointcut() {
}
/**
* 处理前
*
* @return
*/
@Before("pointcut()")
public void joinPoint(JoinPoint joinPoint) throws Exception {
String requestStr = JSON.toJSONString(joinPoint.getArgs()[0]);
if (StringUtils.isEmpty(requestStr) || requestStr.equalsIgnoreCase("{}")) {
throw new BusinessException("[防刷]入参不允许为空");
}
MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
Method method = joinPoint.getTarget().getClass().getMethod(methodSignature.getName(),
methodSignature.getParameterTypes());
Prevent preventAnnotation = method.getAnnotation(Prevent.class);
String methodFullName = method.getDeclaringClass().getName() + method.getName();
entrance(preventAnnotation, requestStr,methodFullName);
return;
}
/**
* 入口
*
* @param prevent
* @param requestStr
*/
private void entrance(Prevent prevent, String requestStr,String methodFullName) throws Exception {
PreventStrategy strategy = prevent.strategy();
switch (strategy) {
case DEFAULT:
defaultHandle(requestStr, prevent,methodFullName);
break;
default:
throw new BusinessException("无效的策略");
}
}
/**
* 默认处理方式
*
* @param requestStr
* @param prevent
*/
private void defaultHandle(String requestStr, Prevent prevent,String methodFullName) throws Exception {
String base64Str = toBase64String(requestStr);
long expire = Long.parseLong(prevent.value());
String resp = redisUtil.get(methodFullName+base64Str);
if (StringUtils.isEmpty(resp)) {
redisUtil.set(methodFullName+base64Str, requestStr, expire);
} else {
String message = !StringUtils.isEmpty(prevent.message()) ? prevent.message() :
expire + "秒内不允许重复请求";
throw new BusinessException(message);
}
}
/**
* 对象转换为base64字符串
*
* @param obj 对象值
* @return base64字符串
*/
private String toBase64String(String obj) throws Exception {
if (StringUtils.isEmpty(obj)) {
return null;
}
Base64.Encoder encoder = Base64.getEncoder();
byte[] bytes = obj.getBytes("UTF-8");
return encoder.encodeToString(bytes);
}
}
3.使用切面
1.在controller方法上使用@P renPrevent注解
package com.yicall.controller;
import com.yicall.aop.Prevent;
import com.yicall.dto.Result;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
/**
* 切面实现入参校验
*/
@RestController
public class MyController {
/**
* 测试防刷
*
* @param request
* @return
*/
@ResponseBody
@GetMapping(value = "/testPrevent")
@Prevent
public Result testPrevent(HttpRequest request) {
return Result.ok("调用成功");
}
}