import com.alibaba.fastjson.JSONObject;
import com.google.common.util.concurrent.RateLimiter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
@WebFilter(urlPatterns = {"/api/*"})
public class RateLimiterFilter implements Filter {
static Map<String, RateLimiter> limiterMap = new ConcurrentHashMap<>();
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
String uri = httpServletRequest.getRequestURI();
//IP + uri 限制
String ip = RealIpUtil.getIpAddr(httpServletRequest) + ":" + uri;
RateLimiter limiterIp = limiterMap.get(ip);
if (limiterIp == null) {
limiterIp = RateLimiter.create(10.0); // 每秒不超过10个
limiterMap.put(ip, limiterIp);
chain.doFilter(request, response);
} else {
if (limiterIp.tryAcquire()) {
chain.doFilter(request, response);
} else {
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
String result = JSONObject.toJSONString(new ApiResponse(false, ResultCode.REQUEST_ERROR.getCode(), ResultCode.REQUEST_ERROR.getMsg()));
CommonUtil.output(httpServletResponse, result);//自定义返回数据
}
}
}
@Override
public void destroy() {
}
}
ip + uri频率限制
最新推荐文章于 2022-03-16 17:09:17 发布