拦截器+注解实现防止后台接口重复提交

原理

问题:后台接口重复提交,是指提交一次后,在给定的时间(默认 5s)内又以相同参数多次请求同一接口。这时需要加以限制,并提示前端不允许重复提交。
解决:在拦截器中拦截带有 @RepeatSubmit 注解的 controller 方法。如果是表单提交,参数可以通过 request.getParameterMap() 获取;如果是 json 方式请求,则需要从 request 的流中读取。由于 request 中的流只能读取一次,需要继承 HttpServletRequestWrapper 来实现多次读取。
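以 IP:类名:方法名:参数序列化的hashCode 作为 redis 中的 key。第一次请求时 redis 中没有这个 key,放行;第二次请求时如果 redis 中已有这个 key,就是重复提交;key 过期自动删除后再次请求,也按正常请求处理。注意:“判断 key 是否存在”与“写入 key”应当是一次原子操作(例如 SET NX EX,即 setIfAbsent),否则并发到达的重复请求可能同时被放行;另外 String.hashCode 只有 32 位,不同的参数可能碰撞而被误判为重复。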
1. 自定义注解RepeatSubmit
/**
 * Marks a handler method on which repeated submissions should be rejected.
 *
 * <p>The annotation only carries settings. It is retained at runtime so that the component
 * enforcing the rule can read it reflectively from the method.
 */
@Documented
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface RepeatSubmit {
    /**
     * Interval in seconds (default 5). A second submission arriving within this
     * interval is treated as a repeat.
     */
    int interval() default 5;

    /**
     * Message reported to the caller when a repeat is rejected.
     */
    String message() default "不允许重复提交,请稍后再试";
}

2. 拦截器
package com.yl.leaf.interceptor;

import com.yl.leaf.annotation.RepeatSubmit;
import com.yl.leaf.base.BizException;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;

/**
 * Base interceptor that rejects repeated submissions on handler methods annotated with
 * {@link RepeatSubmit}.
 *
 * <p>This class only locates the annotation and turns a positive answer into a
 * {@code BizException}; the rule that decides what counts as a repeat is supplied by
 * subclasses through {@link #isRepeatSubmit}.
 *
 * @author liuxubo
 * @date 2022/10/9 22:57
 */
@Slf4j
public abstract class RepeatSubmitInterceptor implements HandlerInterceptor {
    /**
     * Checks the target method for {@link RepeatSubmit} before the handler runs.
     *
     * @param request  current request
     * @param response current response (not used here)
     * @param handler  the chosen handler; only {@link HandlerMethod} instances are inspected
     * @return {@code true} whenever the request is allowed to continue
     * @throws Exception a {@code BizException} built from {@code "2999"} and the annotation's
     *                   message when the request is judged a repeat, or whatever
     *                   {@link #isRepeatSubmit} throws
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // Anything that is not a HandlerMethod is passed through unchecked.
        if (!(handler instanceof HandlerMethod)) {
            return true;
        }

        Method target = ((HandlerMethod) handler).getMethod();
        RepeatSubmit marker = target.getAnnotation(RepeatSubmit.class);
        // Methods without the annotation are not subject to the check.
        if (marker == null) {
            return true;
        }

        if (isRepeatSubmit(request, target, marker)) {
            // The repeat is reported by exception rather than by returning false.
            // NOTE(review): presumably a global exception handler turns this into the response - confirm.
            log.info("{}, 重复请求", request.getRequestURI());
            throw new BizException("2999", marker.message());
        }
        return true;
    }

    /**
     * Decides whether the request repeats an earlier one; the concrete rule is defined by
     * the subclass.
     *
     * @param request      current request
     * @param method       handler method about to be invoked
     * @param repeatSubmit the annotation found on {@code method}
     * @return {@code true} if the request must be treated as a repeat
     * @throws Exception if the subclass fails while evaluating the rule
     */
    public abstract boolean isRepeatSubmit(HttpServletRequest request, Method method, RepeatSubmit repeatSubmit) throws Exception;
}

package com.yl.leaf.interceptor;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.yl.leaf.annotation.RepeatSubmit;
import com.yl.leaf.base.BizException;
import com.yl.leaf.base.filter.BodyReaderRequestWrapper;
import com.yl.leaf.util.HttpHelper;
import com.yl.leaf.util.IPUtil;
import com.yl.leaf.util.MessageUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;

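/**
 * Treats a request as a repeat when the same client address calls the same handler method
 * with the same payload again while the marker key written for the earlier call still
 * exists in Redis.
 *
 * @author liuxubo
 * @date 2022/10/9 23:08
 */
@Slf4j
@Component
public class SameUrlDataInterceptor extends RepeatSubmitInterceptor {
    @Autowired
    private StringRedisTemplate redisTemplate;

    /**
     * Decides whether this request repeats one seen within the annotation's interval.
     *
     * <p>The marker is written with a single "set if absent, with expiry" call. A separate
     * existence check followed by a write would let two concurrent copies of the same
     * request both observe "no key" and both pass.
     *
     * @param request      current request
     * @param method       handler method about to be invoked
     * @param repeatSubmit annotation carrying the interval in seconds
     * @return {@code true} if a marker for the same key already existed, {@code false} for
     *         the first submission
     * @throws Exception if reading the request or talking to Redis fails
     */
    @Override
    public boolean isRepeatSubmit(HttpServletRequest request, Method method, RepeatSubmit repeatSubmit) throws Exception {
        String jsonParam = "";
        // The body is only read when the request is the buffering wrapper, whose stream can be re-read.
        if (request instanceof BodyReaderRequestWrapper) {
            jsonParam = HttpHelper.getBodyString(request);
        }

        // Empty body: fall back to the request parameters.
        if (StringUtils.isEmpty(jsonParam)) {
            jsonParam = JSONObject.toJSONString(request.getParameterMap());
        }

        // Key layout: IP:class name:method name:digest of the serialized parameters
        String redisCacheKey = getRedisCacheKey(request, method, jsonParam);
        log.info("拦截器方式,redisCacheKey,{}", redisCacheKey);

        // Atomic check-and-set: only the request that actually creates the key is a first submission.
        Boolean created = redisTemplate.opsForValue().setIfAbsent(
                redisCacheKey, String.valueOf(System.currentTimeMillis()), repeatSubmit.interval(), TimeUnit.SECONDS);
        // A null reply is not counted as a first submission, so the check fails closed.
        return !Boolean.TRUE.equals(created);
    }

    /**
     * Builds the Redis key for a request.
     *
     * <p>The payload is represented by its SHA-256 digest rather than {@code String.hashCode()}:
     * a 32-bit hash lets two different payloads share a key, which would reject the second
     * one as a repeat.
     *
     * @param request   current request, used for the client address
     * @param method    handler method
     * @param jsonParam serialized request parameters
     * @return key of the form {@code ip:SimpleClassName:methodName:sha256hex}
     */
    private String getRedisCacheKey(HttpServletRequest request, Method method, String jsonParam) {
        // NOTE(review): IPUtil.getIpAddr is not shown here. If it takes the address from
        // client-supplied forwarding headers, the caller controls this part of the key -
        // confirm it only trusts headers set by the deployment's own proxy.
        return IPUtil.getIpAddr(request) + ":"
                + method.getDeclaringClass().getSimpleName() + ":"
                + method.getName() + ":"
                + sha256Hex(jsonParam);
    }

    /** Returns the lower-case hexadecimal SHA-256 digest of the UTF-8 bytes of {@code text}. */
    private static String sha256Hex(String text) {
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(text.getBytes(StandardCharsets.UTF_8));
            StringBuilder hex = new StringBuilder(digest.length * 2);
            for (byte b : digest) {
                hex.append(String.format("%02x", b));
            }
            return hex.toString();
        } catch (NoSuchAlgorithmException e) {
            // Every Java platform is required to provide SHA-256.
            throw new IllegalStateException("SHA-256 is not available", e);
        }
    }
}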

3. Request包装类
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Objects;

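/**
 * Filter that swaps the incoming request for a {@link BodyReaderRequestWrapper} so the
 * request body can be read more than once further down the chain.
 *
 * <p>Form and multipart requests are passed through unwrapped. The wrapper reads the input
 * stream, and once the stream has been read the servlet container no longer parses the
 * body into request parameters or parts, so wrapping those requests would leave the
 * handler without its form fields or uploads.
 *
 * @author liuxb
 * @date 2021/12/9 10:00
 */
public class BodyReaderRequestFilter implements Filter {
    /**
     * Wraps eligible HTTP requests and continues the chain.
     *
     * @param req         incoming request
     * @param res         outgoing response
     * @param filterChain remaining filters
     * @throws IOException      if buffering the body fails
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException {
        // Non-HTTP requests cannot be wrapped; bodies the container parses itself must not be consumed.
        if (!(req instanceof HttpServletRequest) || isParsedByContainer(req.getContentType())) {
            filterChain.doFilter(req, res);
            return;
        }
        filterChain.doFilter(new BodyReaderRequestWrapper((HttpServletRequest) req), res);
    }

    /** Tells whether the content type is a form or multipart body that the container parses. */
    private static boolean isParsedByContainer(String contentType) {
        if (contentType == null) {
            return false;
        }
        String type = contentType.trim();
        return hasPrefixIgnoreCase(type, "application/x-www-form-urlencoded")
                || hasPrefixIgnoreCase(type, "multipart/");
    }

    /** Case-insensitive {@code startsWith}. */
    private static boolean hasPrefixIgnoreCase(String text, String prefix) {
        return text.regionMatches(true, 0, prefix, 0, prefix.length());
    }

    /** Nothing to release. */
    @Override
    public void destroy() {

    }
}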
package com.yl.leaf.base.filter;

import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.*;

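/**
 * {@link HttpServletRequestWrapper} that buffers the request body so it can be read from
 * the request more than once.
 *
 * <p>NOTE(review): the whole body is held in memory and no size limit is applied here;
 * confirm that request size is capped before this wrapper is reached.
 *
 * @author liuxb
 * @date 2021/12/4 18:37
 */
public class BodyReaderRequestWrapper extends HttpServletRequestWrapper {
    /** Raw body bytes. Kept as bytes so that replaying them does not depend on any charset. */
    private final byte[] body;

    /**
     * Reads the wrapped request's input stream to the end and keeps the bytes.
     *
     * @param request request whose body is buffered; its stream is consumed and closed
     * @throws IOException if the body cannot be read
     */
    public BodyReaderRequestWrapper(HttpServletRequest request) throws IOException {
        super(request);
        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
        try (InputStream ins = request.getInputStream()) {
            byte[] chunk = new byte[4096];
            int readCount;
            while ((readCount = ins.read(chunk)) != -1) {
                buffer.write(chunk, 0, readCount);
            }
        }
        body = buffer.toByteArray();
    }

    /**
     * Returns a new reader over the buffered body.
     *
     * @return reader decoding with the request's declared character encoding, or UTF-8
     *         when the request declares none
     * @throws IOException if the declared encoding is not supported
     */
    @Override
    public BufferedReader getReader() throws IOException {
        String encoding = getCharacterEncoding();
        return new BufferedReader(new InputStreamReader(getInputStream(), encoding != null ? encoding : "UTF-8"));
    }

    /**
     * Returns a new stream over the buffered body; every call starts again at the first byte.
     *
     * @return in-memory stream replaying the body
     */
    @Override
    public ServletInputStream getInputStream() throws IOException {
        final ByteArrayInputStream byteArrayIns = new ByteArrayInputStream(body);
        return new ServletInputStream() {
            @Override
            public boolean isFinished() {
                // Finished once every buffered byte has been handed out.
                return byteArrayIns.available() == 0;
            }

            @Override
            public boolean isReady() {
                // The data is already in memory, so a read never blocks.
                return true;
            }

            @Override
            public void setReadListener(ReadListener readListener) {
                // Intentionally a no-op: the listener is never called back.
            }

            @Override
            public int read() throws IOException {
                return byteArrayIns.read();
            }

            @Override
            public int read(byte[] b, int off, int len) throws IOException {
                // Bulk read instead of the inherited byte-by-byte loop.
                return byteArrayIns.read(b, off, len);
            }
        };
    }
}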
4.读取Request中流的类
package com.yl.leaf.util;

import lombok.extern.slf4j.Slf4j;

import javax.servlet.ServletRequest;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;

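/**
 * Utility for reading a request body as text.
 *
 * @author liuxubo
 * @date 2022/10/11 23:12
 */
@Slf4j
public class HttpHelper {
    /**
     * Reads the request body as a UTF-8 string.
     *
     * <p>The text is copied character for character, including line breaks, so two bodies
     * that differ only in their line breaks do not produce the same string.
     *
     * @param request request whose input stream is read to the end and closed
     * @return the body text; if an {@link IOException} occurs it is logged and whatever was
     *         read up to that point (possibly an empty string) is returned
     */
    public static String getBodyString(ServletRequest request) {
        StringBuilder sb = new StringBuilder();
        try (InputStream inputStream = request.getInputStream();
             BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8))) {
            char[] buffer = new char[1024];
            int count;
            while ((count = reader.read(buffer)) != -1) {
                sb.append(buffer, 0, count);
            }
        } catch (IOException e) {
            // Best effort: callers receive the partial text instead of an exception.
            log.error("读取流中json数据异常", e);
        }
        return sb.toString();
    }
}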
5. 注册拦截器和过滤器
package com.yl.leaf.config;

import com.yl.leaf.base.filter.BodyReaderRequestFilter;
import com.yl.leaf.interceptor.SameUrlDataInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

import java.util.List;

/**
 * Web MVC configuration: registers the repeat-submission interceptor and the filter that
 * makes request bodies re-readable.
 *
 * @author liuxb
 * @date 2021/11/13 17:19
 */
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
    @Autowired
    private SameUrlDataInterceptor sameUrlDataInterceptor;

    /**
     * Registers the interceptor for every path.
     *
     * @param registry registry the interceptor is added to
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(sameUrlDataInterceptor)
                .addPathPatterns("/**");
    }

    /**
     * Registers {@link BodyReaderRequestFilter} for all URLs.
     *
     * @return the filter registration
     */
    @Bean
    public FilterRegistrationBean filterRegist() {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.addUrlPatterns("/*");
        // Position of this filter when several filters are registered.
        registration.setOrder(1);
        registration.setFilter(new BodyReaderRequestFilter());
        return registration;
    }

}

redis配置

# Redis connection settings for the Spring Data Redis client (Lettuce connection pool).
spring:
  redis:
    database: 0
    host: localhost
    port: 6379
    # Redis server password (empty by default).
    # Sample value only: supply the real password from the environment or a secret store
    # instead of committing it, and do not run Redis without authentication.
    password: 123456
    timeout: 5000
    lettuce:
      pool:
        # Maximum number of connections in the pool (a negative value means no limit); default 8
        max-active: 8
        # Maximum time to block waiting for a connection (a negative value means no limit); default -1
        max-wait: -1
        # Maximum number of idle connections in the pool; default 8
        max-idle: 8
        # Minimum number of idle connections in the pool; default 0
        min-idle: 2
package com.yl.leaf.config;

import com.fasterxml.jackson.annotation.JsonAutoDetect;
import com.fasterxml.jackson.annotation.PropertyAccessor;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.jsontype.impl.LaissezFaireSubTypeValidator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.data.redis.serializer.Jackson2JsonRedisSerializer;
import org.springframework.data.redis.serializer.StringRedisSerializer;

import java.net.UnknownHostException;


/**
 * Redis configuration: declares the object template and the string template.
 *
 * @author liuxb
 * @date 2022/7/17 15:56
 */
@Configuration
public class RedisConfig {

    private final StringRedisSerializer stringSerializer = new StringRedisSerializer();
    private final Jackson2JsonRedisSerializer<Object> jsonSerializer = new Jackson2JsonRedisSerializer<>(Object.class);

    /**
     * Builds a template whose keys are stored as strings and whose values are stored as
     * JSON carrying type information.
     *
     * @param redisConnectionFactory connection factory the template uses
     * @return the configured template
     */
    @Bean
    public RedisTemplate<String, Object> redisTemplate(RedisConnectionFactory redisConnectionFactory) {
        ObjectMapper typedMapper = new ObjectMapper();
        typedMapper.setVisibility(PropertyAccessor.ALL, JsonAutoDetect.Visibility.ANY);
        // Stored values carry their Java type so they can be read back as that type.
        // SECURITY NOTE: with default typing the class named in the stored JSON decides what
        // is instantiated on read, and LaissezFaireSubTypeValidator accepts every class, so
        // anyone able to write to this Redis instance chooses the types being deserialized.
        // NOTE(review): prefer a validator that only allows the application's own packages.
        typedMapper.activateDefaultTyping(LaissezFaireSubTypeValidator.instance, ObjectMapper.DefaultTyping.NON_FINAL);
        jsonSerializer.setObjectMapper(typedMapper);

        RedisTemplate<String, Object> redisOps = new RedisTemplate<>();
        redisOps.setConnectionFactory(redisConnectionFactory);
        // Keys and hash keys are written as strings.
        redisOps.setKeySerializer(stringSerializer);
        redisOps.setHashKeySerializer(stringSerializer);
        // Values and hash values are written as typed JSON.
        redisOps.setValueSerializer(jsonSerializer);
        redisOps.setHashValueSerializer(jsonSerializer);

        redisOps.afterPropertiesSet();
        // Transaction support is switched on after initialisation.
        redisOps.setEnableTransactionSupport(true);
        return redisOps;
    }

    /**
     * Builds the string-only template.
     *
     * @param redisConnectionFactory connection factory the template uses
     * @return the configured template
     * @throws UnknownHostException declared by the signature; nothing in this body throws it
     */
    @Bean
    public StringRedisTemplate stringRedisTemplate(RedisConnectionFactory redisConnectionFactory) throws UnknownHostException {
        StringRedisTemplate stringOps = new StringRedisTemplate();
        stringOps.setConnectionFactory(redisConnectionFactory);
        return stringOps;
    }
}
6. 测试
package com.yl.leaf.controller;

import com.wssnail.leaf.core.common.Result;
import com.wssnail.leaf.core.common.Status;
import com.wssnail.leaf.server.service.SegmentService;
import com.wssnail.leaf.server.service.SnowflakeService;
import com.yl.leaf.annotation.RepeatSubmit;
import com.yl.leaf.base.RetModel;
import com.yl.leaf.base.RetResult;
import com.yl.leaf.model.UserQuery;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

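/**
 * Test controller (the original note describes it as testing Meituan Leaf ID generation).
 * It exposes two otherwise identical endpoints, one with {@link RepeatSubmit} and one without.
 *
 * @author liuxubo
 * @date 2022/10/9 22:46
 */
@Slf4j
@RestController
@RequestMapping("/test")
public class TestController {
    /**
     * Endpoint annotated with {@link RepeatSubmit} using the annotation's default settings.
     *
     * @param userQuery request body
     * @return a success result carrying the current date
     */
    @RepeatSubmit
    @PostMapping("/getId")
    public RetResult getId(@RequestBody UserQuery userQuery) {
        // Parameterized logging: the payload is passed as an argument, not used as the message pattern.
        // NOTE(review): this writes the request payload to the log; UserQuery's fields are
        // not shown here - confirm none of them are sensitive.
        log.info("{}", userQuery);
        // java.util.Date is not among this file's imports, so it is referenced by its qualified name.
        return RetModel.ok().setData(new java.util.Date());
    }


    /**
     * Same endpoint without {@link RepeatSubmit}.
     *
     * @param userQuery request body
     * @return a success result carrying the current date
     */
    @PostMapping("/getId2")
    public RetResult getId2(@RequestBody UserQuery userQuery) {
        // Parameterized logging: the payload is passed as an argument, not used as the message pattern.
        log.info("{}", userQuery);
        // java.util.Date is not among this file's imports, so it is referenced by its qualified name.
        return RetModel.ok().setData(new java.util.Date());
    }

}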