注解:
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Documented
public @interface DuplicateSubmitToken {
boolean bindToken() default true;
boolean unbindToken() default true;
}
拦截器:
package com.auspiciousclouds.support.spring.mvc.interceptor;
import java.lang.reflect.Method;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.web.bind.annotation.support.HandlerMethodResolver;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import com.auspiciousclouds.config.Configuration;
import com.auspiciousclouds.kit.UUIDKit;
import com.auspiciousclouds.model.domain.UserDomain;
import com.auspiciousclouds.support.spring.mvc.annotation.DuplicateSubmitToken;
public class DuplicateSubmitTokenInterceptor extends HandlerInterceptorAdapter implements ApplicationContextAware{
private ApplicationContext applicationContext ;
@Override
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
UserDomain sessionUser = UserDomain.get( request);
if (sessionUser != null) {
Method method = org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.class.getDeclaredMethod("getMethodResolver", Object.class);
method.setAccessible(true);
HandlerMethodResolver resolver = (HandlerMethodResolver)method.invoke(applicationContext.getBean("annotationMethodHandlerAdapter"), handler);
Method resolveHandlerMethod = resolver.getClass().getMethod("resolveHandlerMethod", HttpServletRequest.class);
resolveHandlerMethod.setAccessible(true);
Method executorMethod = (Method)resolveHandlerMethod.invoke(resolver, request);
DuplicateSubmitToken annotation = executorMethod.getAnnotation(DuplicateSubmitToken.class);
if (annotation != null) {
boolean bindSession = annotation.bindToken();
if (bindSession) {
request.getSession(false).setAttribute(Configuration.SystemConstant.DUPLICATETOKEN, UUIDKit.getUUID());
}
boolean unbindSession = annotation.unbindToken();
if (unbindSession) {
if (isDuplicateSubmitToken(request)) {
System.out.println("--------------------------------------------------------------------------DuplicateSubmitTokenInterceptor-----------------------------------------------------------------------------");
return false;
}
request.getSession(false).removeAttribute(Configuration.SystemConstant.DUPLICATETOKEN);
}
}
}
return true;
}
/**
*
* isDuplicateSubmitToken 判断是否是重复提交
*
* @param request
* @return
* boolean
* @exception
* @since 1.0.0
*/
private boolean isDuplicateSubmitToken(HttpServletRequest request) {
String serverToken = (String) request.getSession(false).getAttribute(Configuration.SystemConstant.DUPLICATETOKEN);
if (serverToken == null) {
return true;
}
String clinetToken = request.getParameter(Configuration.SystemConstant.DUPLICATETOKEN);
if (clinetToken == null) {
return true;
}
if (!serverToken.equals(clinetToken)) {
return true;
}
return false;
}
@Override
public void postHandle(HttpServletRequest request,
HttpServletResponse response, Object handler,
ModelAndView modelAndView) throws Exception {
super.postHandle(request, response, handler, modelAndView);
}
@Override
public void afterCompletion(HttpServletRequest request,
HttpServletResponse response, Object handler, Exception ex)
throws Exception {
super.afterCompletion(request, response, handler, ex);
}
@Override
public void setApplicationContext(ApplicationContext applicationContext)
throws BeansException {
this.applicationContext = applicationContext;
}
}
使用 :
@RequestMapping("/home")
@DuplicateSubmitToken
public String home(ModelMap model){}
spring自定义注解,防止页面重复提交
最新推荐文章于 2024-06-24 18:08:21 发布