Springboot项目的接口防刷

发表于 | 分类于

创建一个注解,通过注解控制接口请求次数

1
2
3
4
5
6
7
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface AccessControl {
    // 在 second 秒内,最大只能请求 maxCount 次
    int seconds();
    int maxCount();
}

拦截器处理注解信息

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
@Component
public class AccessControlInterceptor extends HandlerInterceptorAdapter {

    @Autowired
    private RedisTemplate redisTemplate;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //判断请求是否属于方法的请求
        if(handler instanceof HandlerMethod){
            HandlerMethod hm = (HandlerMethod) handler;
            //获取方法中的注解,看是否有该注解
            AccessControl accessControl = hm.getMethodAnnotation(AccessControl.class);
            if(accessControl == null){
                return true;
            }
            int seconds = accessControl.seconds();
            int maxCount = accessControl.maxCount();
            String key = request.getRequestURI()+request.getSession().getId();
            // 从缓存中获取,当前这个请求访问了几次
            Integer redisCount = (Integer) redisTemplate.opsForValue().get(key);
            if(redisCount == null){
                redisTemplate.opsForValue().set(key,1,seconds, TimeUnit.SECONDS);
            }else{
                if(redisCount.intValue() >= maxCount){
                    render(response,"次数超过");
                    return false;
                }
                redisTemplate.opsForValue().increment(key);
            }
            return true;
        }

        return super.preHandle(request, response, handler);

    }
    private void render(HttpServletResponse response, String msg)throws Exception {
        response.setContentType("application/json;charset=UTF-8");
        OutputStream out = response.getOutputStream();
        out.write(msg.getBytes("UTF-8"));
        out.flush();
        out.close();
    }
}

注册拦截器

1
2
3
4
5
6
7
8
9
10
11
@Configuration
public class WebConfig implements WebMvcConfigurer {

    @Autowired
    private AccessControlInterceptor interceptor;

    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(interceptor);
    }
}

使用

1
2
3
4
@AccessControl(seconds = 60,maxCount = 1)
@RequestMapping("register")
public ModelAndView register(User user) throws Exception{
    //.......
分享到: 收藏夹 复制网址 邮件 微信 QQ空间 腾讯微博 豆瓣 一键分享 更多