1. 利用AOP技术实现
2. 编写切面类Delay:代码如下
package com.foxconn.core.AccessLimitAPI;
import org.springframework.stereotype.Component;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
- @author wdy
- @date 2023-10-20
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Component
public @interface Delay {
//默认两秒,意思是每个方法两秒内只能请求一次,重复请求无效
int time() default 2000; }
3. 服务器IP获取工具类
package com.foxconn.core.AccessLimitAPI;
import javax.servlet.http.HttpServletRequest;
import java.net.InetAddress;
import java.net.UnknownHostException;
/**
- @author wdy
- @date 2023-10-20
*/
public class CommontMethod {
/**
- 获取请求ip
- @param request
- @return
/
public static String getIpAddr(HttpServletRequest request){
String ipAddress = request.getHeader("x-forwarded-for");
if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("Proxy-Client-IP");
}
if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("WL-Proxy-Client-IP");
}
if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getRemoteAddr();
if("127.0.0.1".equals(ipAddress) || "0:0:0:0:0:0:0:1".equals(ipAddress)){
//根据网卡取本机配置的IP
InetAddress inet=null;
try {
inet = InetAddress.getLocalHost();
} catch (UnknownHostException e) {
e.printStackTrace();
}
ipAddress= inet.getHostAddress();
}
}
//对于通过多个代理的情况,第一个IP为客户端真实IP,多个IP按照','分割
if(ipAddress!=null && ipAddress.length()>15){ //"...*".length() = 15
if(ipAddress.indexOf(",")>0){
ipAddress = ipAddress.substring(0,ipAddress.indexOf(","));
}
}
return ipAddress;
}
}
4. 定义全局统一请求拦截 filter(RequestFrequenceInterceptor) ,实现HandlerInterceptor
package com.foxconn.core.AccessLimitAPI;
import com.alibaba.fastjson.JSON;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.codehaus.commons.nullanalysis.Nullable;
import org.mybatis.logging.Logger;
import org.mybatis.logging.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Supplier;
/**
- @author wdy
- @date 2023-10-20
*/
@Component
public class RequestFrequenceInterceptor implements HandlerInterceptor {
private final Log log = LogFactory.getLog(RequestFrequenceInterceptor.class);
private long lastTime = 0;
private boolean startDelay(int time) {
long currentTime = System.currentTimeMillis();
if (currentTime - lastTime > time) {
System.out.println(currentTime + " - " + lastTime);
lastTime = currentTime;
return true;
}
return false;
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String ip = CommontMethod.getIpAddr( request );//获取ip地址
//开始进入请求地址拦截
//获取执行方法上的注解 不过滤静态资源
if(handler instanceof HandlerMethod){
HandlerMethod hm = (HandlerMethod) handler;
//对包含注解的方法进行频率验证
Delay delay = hm.getMethodAnnotation(Delay.class);
if (delay != null) {
if ( startDelay(delay.time()))
{
return true;
}else {
log.info("ip: "+ ip+"-请求被锁定,频率过快");
String msg="ip["+ ip+"],请求频率过快,服务将被锁定!请"+delay.time()/1000+"s后,请重试!";
Map<String,Object> responseMap = new HashMap<>( );
responseMap.put( "code",10021 );
responseMap.put( "message",msg);
String resStr = JSON.toJSONString(responseMap);
response.setContentType("application/json;charset=utf-8");
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Cache-Control","no-cache");
response.getWriter().write(resStr);
return false;
}
}
}
// 对于不包含注解的方法一律放行
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable ModelAndView modelAndView) throws Exception {
//处理请求完成后紧接着的操作
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable Exception ex) throws Exception {
//视图渲染之后的操作
}
}
5. 定义全局统一请求拦截配置 RequestParamInterceptorConf类
package com.foxconn.core.AccessLimitAPI;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
/**
- @author wdy
- @date 2023-10-20
*/
@Configuration
public class RequestParamInterceptorConf implements WebMvcConfigurer {
@Autowired
RequestFrequenceInterceptor frequenceInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry){
// 多个拦截器组成一个拦截器链
// addPathPatterns 用于添加拦截规则
// excludePathPatterns 用户排除拦截
// TokenInterceptor()为自己定义的拦截器
registry.addInterceptor( frequenceInterceptor ).addPathPatterns( "/**" ).excludePathPatterns("/error");
}
}
