[SpringMVC]自定義註解實現控制器訪問次數限制(轉載)

原文地址: https://www.cnblogs.com/xiaoyangjia/p/3762150.html

[SpringMVC]自定義註解實現控制器訪問次數限制

我們需要根據IP去限制用戶單位時間的訪問次數，防止刷手機驗證碼,屏蔽註冊機等，使用註解就非常靈活了

準備工作:

spring.xml配置添加一下代碼:

<aop:aspectj-autoproxy />

1 定義註解

@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
@Documented
//最高優先級
@Order(Ordered.HIGHEST_PRECEDENCE)
public @interface RequestLimit {
    /**
     * 
     * 允許訪問的次數，默認值MAX_VALUE
     */
    int count() default Integer.MAX_VALUE;

    /**
     * 
     * 時間段，單位爲毫秒，默認值一分鐘
     */
    long time() default 60000;
}

2 實現註解

@Aspect
@Component
public class RequestLimitContract {
    private static final Logger logger = LoggerFactory.getLogger("RequestLimitLogger");
    @Autowired
    private RedisTemplate<String, String> redisTemplate;

    @Before("within(@org.springframework.stereotype.Controller *) && @annotation(limit)")
    public void requestLimit(final JoinPoint joinPoint, RequestLimit limit) throws RequestLimitException {

      try {
            Object[] args = joinPoint.getArgs();
            HttpServletRequest request = null;
            for (int i = 0; i < args.length; i++) {
                if (args[i] instanceof HttpServletRequest) {
                    request = (HttpServletRequest) args[i];
                    break;
                }
            }
            if (request == null) {
                throw new RequestLimitException("方法中缺失HttpServletRequest參數");
            }
            String ip = HttpRequestUtil.getIpAddr(request);
            String url = request.getRequestURL().toString();
            String key = "req_limit_".concat(url).concat(ip);
            long count = redisTemplate.opsForValue().increment(key, 1);
            if (count == 1) {
                redisTemplate.expire(key, limit.time(), TimeUnit.MILLISECONDS);
            }
            if (count > limit.count()) {
                logger.info("用戶IP[" + ip + "]訪問地址[" + url + "]超過了限定的次數[" + limit.count() + "]");
                throw new RequestLimitException();
            }
        } catch (RequestLimitException e) {
            throw e;
        } catch (Exception e) {
            logger.error("發生異常: ", e);
        }
    }
}

3 自定義Exception

public class RequestLimitException extends Exception {
    private static final long serialVersionUID = 1364225358754654702L;

    public RequestLimitException() {
        super("HTTP請求超出設定的限制");
    }

    public RequestLimitException(String message) {
        super(message);
    }

}

4 在Controller中使用

@RequestLimit(count=100,time=60000)
@RequestMapping("/test")
public String test(HttpServletRequest request, ModelMap modelMap) {
    //TODO
 }

我使用了redis緩存訪問次數,並且設置自增1，其實用靜態map也可以。(原作者文)