public class ClientAccessTimeControlInterceptor extends HandlerInterceptorAdapter {
private Logger logger = LoggerFactory.getLogger(ClientAccessTimeControlInterceptor.class);
@Autowired
private RedisHelper redisHelper;
@Autowired
private MessageGenerator messageGenerator;
@Autowired
private LoginService loginService;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
logger.info("Start to intercept http request." + request.getAttribute("accessToken"));
if (request.getAttribute("accessToken") != null) {
String accessToken = request.getAttribute("accessToken").toString();
if (!loginService.checkLogin(accessToken)) {
flush(response, messageGenerator.create(MessageCode.COMMON_ACCESS_TOKEN_REQUIRED, null));
return false;
}
String redisKey =
RedisKeysProvider.REQUEST_TIMES_LIMIT_BY_IP + ":" + NetworkUtils.getRemoteIP(request);
if (!redisHelper.hasKey(redisKey)) {
redisHelper.setObject(accessToken, 1, Const.ACCESS_TIMEOUT, TimeUnit.MINUTES);
} else {
int count = Integer
.valueOf(
redisHelper.getString(RedisKeysProvider.REQUEST_TIMES_LIMIT_BY_IP + accessToken));
count = count + 1;
if (count > Const.MAX_REQUEST_TIME) {
flush(response, messageGenerator.create(MessageCode.COMMON_REQUEST_TOO_MUNCH, null));
return false;
}
}
} else {
flush(response, messageGenerator.create(MessageCode.COMMON_ACCESS_TOKEN_REQUIRED, null));
return false;
}
return true;
拦截器限制用户访问次数和验证用户登录代码
最新推荐文章于 2023-11-02 11:08:44 发布