防重复接口请求
package com.qz.springcloud.school.brain.core.repeat; import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import org.aspectj.lang.JoinPoint; import org.aspectj.lang.annotation.AfterReturning; import org.aspectj.lang.annotation.AfterThrowing; import org.aspectj.lang.annotation.Aspect; import org.aspectj.lang.annotation.Before; import org.aspectj.lang.annotation.Pointcut; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.core.annotation.Order; import org.springframework.data.redis.core.RedisCallback; import org.springframework.data.redis.core.StringRedisTemplate; import org.springframework.stereotype.Component; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; import redis.clients.jedis.Jedis; import redis.clients.jedis.JedisCluster; /** * @description 防止表单重复提交拦截器 */ @Component @Order(1) @Aspect public class DuplicateSubmitAspect { private Logger log = LoggerFactory.getLogger(DuplicateSubmitAspect.class); private final StringRedisTemplate redisTemplate; public static final String DUPLICATE_TOKEN_KEY = "duplicate-token-key"; public static final String REDIS_LOCK_KEY_TEMPLATE = "qz:server:duplicate-token-key:lock_%s"; public DuplicateSubmitAspect(StringRedisTemplate redisTemplate) { this.redisTemplate = redisTemplate; } /** * com.qz.springcloud.school.brain.controller */ @Pointcut("execution(public * com.qz.springcloud.school.brain.controller..*(..))") public void webLog() { } @Before("webLog() && @annotation(token)") public void before(final JoinPoint joinPoint, DuplicateSubmitToken token) { // 需要集成redis后实现 /*if (token != null) { ServletRequestAttributes attributes = (ServletRequestAttributes)RequestContextHolder.getRequestAttributes(); HttpServletRequest request = attributes.getRequest(); boolean isSaveSession = token.save(); if (isSaveSession) { String key = getDuplicateTokenKey(joinPoint, request); final Long locked = redisTemplate.execute((RedisCallback<Long>)connection -> { Object nativeConnection = connection.getNativeConnection(); // 集群模式和单机模式虽然执行脚本的方法一样,但是没有共同的接口,所以只能分开执行 // 集群模式 if (nativeConnection instanceof JedisCluster) { return (Long)((JedisCluster)nativeConnection).eval(getRedisLockScript(), Collections.singletonList(String.format(REDIS_LOCK_KEY_TEMPLATE, key)), Arrays.asList(key, String.valueOf(token.time() / 1000))); } // 单机模式 else if (nativeConnection instanceof Jedis) { return (Long)((Jedis)nativeConnection).eval(getRedisLockScript(), Collections.singletonList(String.format(REDIS_LOCK_KEY_TEMPLATE, key)), Arrays.asList(key, String.valueOf(token.time() / 1000))); } return 0L; }); if (locked == 0) { log.info("请求过于频繁"); log.info("客户地址:{} 请求地址:{} 请求方式 {}", request.getRemoteHost(), request.getRequestURL().toString(), request.getMethod()); log.info("params:{} ", request.getParameterMap().toString()); throw new DuplicateSubmitException("请求过于频繁"); } } }*/ } /** * 获取重复提交key * * @param joinPoint * @return */ public String getDuplicateTokenKey(JoinPoint joinPoint, HttpServletRequest request) { String url = request.getRemoteAddr() + request.getServletPath(); String params = ""; // 表单中获取参数 Map<String, String[]> parameterMap = request.getParameterMap(); if (!parameterMap.isEmpty()) { params = JSON.toJSONString(parameterMap); } // 获取用户信息token String userToken = request.getHeader("X-Access-Token"); // 获取body参数 String args = toString(parseArgs(joinPoint.getArgs())); params += args; String md5Key = MD5.toMD5(userToken + url + params); return md5Key; } private String toString(Object obj) { return obj == null ? "null" : JSONObject.toJSONString(obj); } private List<Object> parseArgs(Object[] args) { List<Object> lists = new ArrayList<>(); for (Object obj : args) { if (obj instanceof ServletRequest || obj instanceof ServletResponse) { continue; } lists.add(obj); } if (lists.size() == 0) { HttpServletRequest request = ((ServletRequestAttributes)RequestContextHolder.getRequestAttributes()) .getRequest(); lists.add(request.getParameterMap()); } return lists; } @AfterReturning("webLog() && @annotation(token)") public void doAfterReturning(JoinPoint joinPoint, DuplicateSubmitToken token) { // 处理完请求,返回内容 log.info("出方法:"); } /** * 异常 * * @param joinPoint * @param e * @param token */ @AfterThrowing(pointcut = "webLog()&& @annotation(token)", throwing = "e") public void doAfterThrowing(JoinPoint joinPoint, Throwable e, DuplicateSubmitToken token) { } private String getRedisLockScript() { return "if redis.call('setnx',KEYS[1],ARGV[1]) == 1 then " + " redis.call('expire',KEYS[1],ARGV[2]) return 1 else return 0 end"; } } package com.qz.springcloud.school.brain.core.repeat; /** * 重复提交异常 */ public class DuplicateSubmitException extends RuntimeException { public DuplicateSubmitException(String msg) { super(msg); } public DuplicateSubmitException(String msg, Throwable cause){ super(msg,cause); } } package com.qz.springcloud.school.brain.core.repeat; import java.lang.annotation.Documented; import java.lang.annotation.ElementType; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** * @description 防止表单重复提交注解 */ @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.METHOD) @Documented public @interface DuplicateSubmitToken { /** * 一次请求完成之前防止重复提交 */ public static final int REQUEST=1; /** * 一次会话中防止重复提交 */ public static final int SESSION=2; /** * 重复请求标识缓存时间 */ public static long TIMETOLIVE=5000; /** * 保存重复提交标记 默认为需要保存 * @return */ boolean save() default true; /** * 防止重复提交类型,默认:一次请求完成之前防止重复提交 * @return */ int type() default REQUEST; /** * 获取重复请求标识缓存时间,单位:毫秒 * @return */ long time() default TIMETOLIVE; } package com.qz.springcloud.school.brain.core.repeat; /** * MD5加密类 * * @author Administrator */ public class MD5 { /* 下面这些S11-S44实际上是一个4*4的矩阵,在原始的C实现中是用#define 实现的, 这里把它们实现成为static final是表示了只读,切能在同一个进程空间内的多个 Instance间共享*/ static final int S11 = 7; static final int S12 = 12; static final int S13 = 17; static final int S14 = 22; static final int S21 = 5; static final int S22 = 9; static final int S23 = 14; static final int S24 = 20; static final int S31 = 4; static final int S32 = 11; static final int S33 = 16; static final int S34 = 23; static final int S41 = 6; static final int S42 = 10; static final int S43 = 15; static final int S44 = 21; static final byte[] PADDING = { -128, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; /* 下面的三个成员是MD5计算过程中用到的3个核心数据,在原始的C实现中 被定义到MD5_CTX结构中 */ private long[] state = new long[4]; // state (ABCD) private long[] count = new long[2]; // number of bits, modulo 2^64 (lsb first) private byte[] buffer = new byte[64]; // input buffer /* digestHexStr是MD5的唯一一个公共成员,是最新一次计算结果的 16进制ASCII表示. */ private String digestHexStr; /* digest,是最新一次计算结果的2进制内部表示,表示128bit的MD5值. */ private byte[] digest = new byte[16]; /* 类MD5最主要的公共方法,入口参数是你想要进行MD5变换的字符串 返回的是变换完的结果,这个结果是从公共成员digestHexStr取得的. */ public String md5(String inbuf) { md5Init(); md5Update(inbuf.getBytes(), inbuf.length()); md5Final(); digestHexStr = ""; for (int i = 0; i < 16; i++) { digestHexStr += byteHEX(digest[i]); } //return digestHexStr.substring(8,24); //16位md5 return digestHexStr; //32位md5 } public MD5() { md5Init(); return; } /* md5Init是一个初始化函数,初始化核心变量,装入标准的幻数 */ private void md5Init() { count[0] = 0L; count[1] = 0L; state[0] = 0x67452301L; state[1] = 0xefcdab89L; state[2] = 0x98badcfeL; state[3] = 0x10325476L; return; } /* F, G, H ,I 是4个基本的MD5函数, */ private long F(long x, long y, long z) { return (x & y) | ((~x) & z); } private long G(long x, long y, long z) { return (x & z) | (y & (~z)); } private long H(long x, long y, long z) { return x ^ y ^ z; } private long I(long x, long y, long z) { return y ^ (x | (~z)); } /* FF,GG,HH和II将调用F,G,H,I进行近一步变换 FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4. Rotation is separate from addition to prevent recomputation. */ private long FF(long a, long b, long c, long d, long x, long s, long ac) { a += F (b, c, d) + x + ac; a = ((int) a << s) | ((int) a >>> (32 - s)); a += b; return a; } private long GG(long a, long b, long c, long d, long x, long s, long ac) { a += G (b, c, d) + x + ac; a = ((int) a << s) | ((int) a >>> (32 - s)); a += b; return a; } private long HH(long a, long b, long c, long d, long x, long s, long ac) { a += H (b, c, d) + x + ac; a = ((int) a << s) | ((int) a >>> (32 - s)); a += b; return a; } private long II(long a, long b, long c, long d, long x, long s, long ac) { a += I (b, c, d) + x + ac; a = ((int) a << s) | ((int) a >>> (32 - s)); a += b; return a; } /* md5Update是MD5的主计算过程,inbuf是要变换的字节串,inputlen是长度,这个 函数由md5调用,调用之前需要调用md5init,因此把它设计成private的 */ private void md5Update(byte[] inbuf, int inputLen) { int i, index, partLen; byte[] block = new byte[64]; index = (int)(count[0] >>> 3) & 0x3F; // /* Update number of bits */ if ((count[0] += (inputLen << 3)) < (inputLen << 3)) count[1]++; count[1] += (inputLen >>> 29); partLen = 64 - index; // Transform as many times as possible. if (inputLen >= partLen) { md5Memcpy(buffer, inbuf, index, 0, partLen); md5Transform(buffer); for (i = partLen; i + 63 < inputLen; i += 64) { md5Memcpy(block, inbuf, 0, i, 64); md5Transform (block); } index = 0; } else i = 0; ///* Buffer remaining input */ md5Memcpy(buffer, inbuf, index, i, inputLen - i); } /* md5Final整理和填写输出结果 */ private void md5Final () { byte[] bits = new byte[8]; int index, padLen; ///* Save number of bits */ Encode (bits, count, 8); ///* Pad out to 56 mod 64. index = (int)(count[0] >>> 3) & 0x3f; padLen = (index < 56) ? (56 - index) : (120 - index); md5Update (PADDING, padLen); ///* Append length (before padding) */ md5Update(bits, 8); ///* Store state in digest */ Encode (digest, state, 16); } /* md5Memcpy是一个内部使用的byte数组的块拷贝函数,从input的inpos开始把len长度的 字节拷贝到output的outpos位置开始 */ private void md5Memcpy (byte[] output, byte[] input, int outpos, int inpos, int len) { int i; for (i = 0; i < len; i++) output[outpos + i] = input[inpos + i]; } /* md5Transform是MD5核心变换程序,有md5Update调用,block是分块的原始字节 */ private void md5Transform (byte block[]) { long a = state[0], b = state[1], c = state[2], d = state[3]; long[] x = new long[16]; Decode (x, block, 64); /* Round 1 */ a = FF (a, b, c, d, x[0], S11, 0xd76aa478L); /* 1 */ d = FF (d, a, b, c, x[1], S12, 0xe8c7b756L); /* 2 */ c = FF (c, d, a, b, x[2], S13, 0x242070dbL); /* 3 */ b = FF (b, c, d, a, x[3], S14, 0xc1bdceeeL); /* 4 */ a = FF (a, b, c, d, x[4], S11, 0xf57c0fafL); /* 5 */ d = FF (d, a, b, c, x[5], S12, 0x4787c62aL); /* 6 */ c = FF (c, d, a, b, x[6], S13, 0xa8304613L); /* 7 */ b = FF (b, c, d, a, x[7], S14, 0xfd469501L); /* 8 */ a = FF (a, b, c, d, x[8], S11, 0x698098d8L); /* 9 */ d = FF (d, a, b, c, x[9], S12, 0x8b44f7afL); /* 10 */ c = FF (c, d, a, b, x[10], S13, 0xffff5bb1L); /* 11 */ b = FF (b, c, d, a, x[11], S14, 0x895cd7beL); /* 12 */ a = FF (a, b, c, d, x[12], S11, 0x6b901122L); /* 13 */ d = FF (d, a, b, c, x[13], S12, 0xfd987193L); /* 14 */ c = FF (c, d, a, b, x[14], S13, 0xa679438eL); /* 15 */ b = FF (b, c, d, a, x[15], S14, 0x49b40821L); /* 16 */ /* Round 2 */ a = GG (a, b, c, d, x[1], S21, 0xf61e2562L); /* 17 */ d = GG (d, a, b, c, x[6], S22, 0xc040b340L); /* 18 */ c = GG (c, d, a, b, x[11], S23, 0x265e5a51L); /* 19 */ b = GG (b, c, d, a, x[0], S24, 0xe9b6c7aaL); /* 20 */ a = GG (a, b, c, d, x[5], S21, 0xd62f105dL); /* 21 */ d = GG (d, a, b, c, x[10], S22, 0x2441453L); /* 22 */ c = GG (c, d, a, b, x[15], S23, 0xd8a1e681L); /* 23 */ b = GG (b, c, d, a, x[4], S24, 0xe7d3fbc8L); /* 24 */ a = GG (a, b, c, d, x[9], S21, 0x21e1cde6L); /* 25 */ d = GG (d, a, b, c, x[14], S22, 0xc33707d6L); /* 26 */ c = GG (c, d, a, b, x[3], S23, 0xf4d50d87L); /* 27 */ b = GG (b, c, d, a, x[8], S24, 0x455a14edL); /* 28 */ a = GG (a, b, c, d, x[13], S21, 0xa9e3e905L); /* 29 */ d = GG (d, a, b, c, x[2], S22, 0xfcefa3f8L); /* 30 */ c = GG (c, d, a, b, x[7], S23, 0x676f02d9L); /* 31 */ b = GG (b, c, d, a, x[12], S24, 0x8d2a4c8aL); /* 32 */ /* Round 3 */ a = HH (a, b, c, d, x[5], S31, 0xfffa3942L); /* 33 */ d = HH (d, a, b, c, x[8], S32, 0x8771f681L); /* 34 */ c = HH (c, d, a, b, x[11], S33, 0x6d9d6122L); /* 35 */ b = HH (b, c, d, a, x[14], S34, 0xfde5380cL); /* 36 */ a = HH (a, b, c, d, x[1], S31, 0xa4beea44L); /* 37 */ d = HH (d, a, b, c, x[4], S32, 0x4bdecfa9L); /* 38 */ c = HH (c, d, a, b, x[7], S33, 0xf6bb4b60L); /* 39 */ b = HH (b, c, d, a, x[10], S34, 0xbebfbc70L); /* 40 */ a = HH (a, b, c, d, x[13], S31, 0x289b7ec6L); /* 41 */ d = HH (d, a, b, c, x[0], S32, 0xeaa127faL); /* 42 */ c = HH (c, d, a, b, x[3], S33, 0xd4ef3085L); /* 43 */ b = HH (b, c, d, a, x[6], S34, 0x4881d05L); /* 44 */ a = HH (a, b, c, d, x[9], S31, 0xd9d4d039L); /* 45 */ d = HH (d, a, b, c, x[12], S32, 0xe6db99e5L); /* 46 */ c = HH (c, d, a, b, x[15], S33, 0x1fa27cf8L); /* 47 */ b = HH (b, c, d, a, x[2], S34, 0xc4ac5665L); /* 48 */ /* Round 4 */ a = II (a, b, c, d, x[0], S41, 0xf4292244L); /* 49 */ d = II (d, a, b, c, x[7], S42, 0x432aff97L); /* 50 */ c = II (c, d, a, b, x[14], S43, 0xab9423a7L); /* 51 */ b = II (b, c, d, a, x[5], S44, 0xfc93a039L); /* 52 */ a = II (a, b, c, d, x[12], S41, 0x655b59c3L); /* 53 */ d = II (d, a, b, c, x[3], S42, 0x8f0ccc92L); /* 54 */ c = II (c, d, a, b, x[10], S43, 0xffeff47dL); /* 55 */ b = II (b, c, d, a, x[1], S44, 0x85845dd1L); /* 56 */ a = II (a, b, c, d, x[8], S41, 0x6fa87e4fL); /* 57 */ d = II (d, a, b, c, x[15], S42, 0xfe2ce6e0L); /* 58 */ c = II (c, d, a, b, x[6], S43, 0xa3014314L); /* 59 */ b = II (b, c, d, a, x[13], S44, 0x4e0811a1L); /* 60 */ a = II (a, b, c, d, x[4], S41, 0xf7537e82L); /* 61 */ d = II (d, a, b, c, x[11], S42, 0xbd3af235L); /* 62 */ c = II (c, d, a, b, x[2], S43, 0x2ad7d2bbL); /* 63 */ b = II (b, c, d, a, x[9], S44, 0xeb86d391L); /* 64 */ state[0] += a; state[1] += b; state[2] += c; state[3] += d; } /*Encode把long数组按顺序拆成byte数组,因为java的long类型是64bit的,只拆低32bit */ private void Encode (byte[] output, long[] input, int len) { int i, j; for (i = 0, j = 0; j < len; i++, j += 4) { output[j] = (byte)(input[i] & 0xffL); output[j + 1] = (byte)((input[i] >>> 8) & 0xffL); output[j + 2] = (byte)((input[i] >>> 16) & 0xffL); output[j + 3] = (byte)((input[i] >>> 24) & 0xffL); } } /*Decode把byte数组按顺序合成成long数组,因为java的long类型是64bit的, 只合成低32bit,高32bit清零 */ private void Decode (long[] output, byte[] input, int len) { int i, j; for (i = 0, j = 0; j < len; i++, j += 4) output[i] = b2iu(input[j]) | (b2iu(input[j + 1]) << 8) |(b2iu(input[j + 2]) << 16) | (b2iu(input[j + 3]) << 24); return; } /* b2iu是一个把byte按照不考虑正负号的原则的"升位"程序,因为java没有unsigned运算 */ public static long b2iu(byte b) { return b < 0 ? b & 0x7F + 128 : b; } /*byteHEX(),用来把一个byte类型的数转换成十六进制的ASCII表示, 因为java中的byte的toString无法实现这一点 */ public static String byteHEX(byte ib) { char[] Digit = { '0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f' }; char [] ob = new char[2]; ob[0] = Digit[(ib >>> 4) & 0X0F]; ob[1] = Digit[ib & 0X0F]; String s = new String(ob); return s; } public static String toMD5(String source){ MD5 md5 = new MD5(); return md5.md5(source); } public static void main(String[] args) { // TODO Auto-generated method stub System.out.print(MD5.toMD5("")); } } ServerApplication 加入扫描包路径 "com.qz.springcloud.school.brain.core.repeat", 示例 @DuplicateSubmitToken(type=DuplicateSubmitToken.REQUEST,time=10000 * 1) // 10秒钟
编程PDF电子书免费下载: http://www.shitanlife.com/code 每天学习一点点
