Springboot+Redis 實現API接口限流

添加Redis的jar包.

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>

在application.yml中配置redis

spring:
  ## Redis
    redis:
      database: 0
      host: 127.0.0.1
      port: 6379
      password:
      jedis:
        pool:
          max-active: 8
          max-wait: -1ms
          max-idle: 8
          min-idle: 0
      timeout: 2000ms

添加自定義註解

@Inherited
@Documented
@Target({ElementType.FIELD,ElementType.TYPE,ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface AccessLimit {

    //指定second 時間內 API請求次數
    int times() default 4;

    // 請求次數的指定時間範圍  秒數(redis數據過期時間)
    int second() default 10;
}

編寫攔截器

import com.ys.xlb.annotation.AccessLimit;
import com.ys.xlb.bean.Code;
import com.ys.xlb.exception.GlobalException;
import com.ys.xlb.utils.IpUtils;
import com.ys.xlb.utils.RequestUtils;
import com.ys.xlb.utils.ResultUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
import java.util.concurrent.TimeUnit;

/**
 * @ClassName AccessLimitInterceptor
 * @description: API請求限流攔截器
 * @time 2019-04-20 11:08
 **/
@Slf4j
@Component
public class AccessLimitInterceptor implements HandlerInterceptor {

    @Resource
    private RedisTemplate<String, Integer> redisTemplate;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        try{
            // Handler 是否爲 HandlerMethod 實例
            if(handler instanceof HandlerMethod){
                // 強轉
                HandlerMethod handlerMethod = (HandlerMethod) handler;
                // 獲取方法
                Method method = handlerMethod.getMethod();
                // 是否有AccessLimit註解
                if(!method.isAnnotationPresent(AccessLimit.class)){
                    return true;
                }
                // 獲取註解內容信息
                AccessLimit accessLimit = method.getAnnotation(AccessLimit.class);
                if(accessLimit == null){
                    return true;
                }
                int times = accessLimit.times();//請求次數
                int second = accessLimit.second();//請求時間範圍
                //根據 IP + API 限流
                String key = IpUtils.getIpAddr(request) + request.getRequestURI();
                //根據key獲取已請求次數
                Integer maxTimes = redisTemplate.opsForValue().get(key);
                if(maxTimes == null){
                    //set時一定要加過期時間
                    redisTemplate.opsForValue().set(key, 1, second, TimeUnit.SECONDS);
                }else if(maxTimes < times){
                    redisTemplate.opsForValue().set(key, maxTimes+1, second, TimeUnit.SECONDS);
                }else{
                    // 30405 API_REQUEST_TOO_MUCH  請求過於頻繁
                    RequestUtils.out(response, ResultUtils.error(Code.API_REQUEST_TOO_MUCH));
                    return false;
                }
            }
        }catch (Exception e){
            log.error("API請求限流攔截異常,請檢查Redis是否開啓!",e);
            throw new GlobalException(Code.BAD_REQUEST,e.getMessage());
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
}

方法中的IP工具類方法

 /**
     * IpUtils工具類方法
     * 獲取真實的ip地址
     * @param request
     * @return
     */
    public static String getIpAddr(HttpServletRequest request) {
        String ip = request.getHeader("X-Forwarded-For");
        if(org.apache.commons.lang.StringUtils.isNotEmpty(ip) && !"unKnown".equalsIgnoreCase(ip)){
            //多次反向代理後會有多個ip值，第一個ip纔是真實ip
            int index = ip.indexOf(",");
            if(index != -1){
                return ip.substring(0,index);
            }else{
                return ip;
            }
        }
        ip = request.getHeader("X-Real-IP");
        if(org.apache.commons.lang.StringUtils.isNotEmpty(ip) && !"unKnown".equalsIgnoreCase(ip)){
            return ip;
        }
        return request.getRemoteAddr();
    }

RequestUtils.out()方法

 /**
     * @Title: out
     * @Description:  response輸出JSON數據
     * @param response : 響應請求
     * @param object: object
     * @return void
     **/
    public static void out(ServletResponse response, Object object){
        PrintWriter out = null;
        try {
            response.setContentType("application/json;charset=UTF-8");
            response.setCharacterEncoding("UTF-8");
            out = response.getWriter();
            out.println(JSONObject.fromObject(resultMap).toString());
        } catch (Exception e) {
            log.error("輸出JSON報錯!"+e);
        }finally{
            if(null != out){
                out.flush();
                out.close();
            }
        }
    }

配置攔截器

@Configuration
public class ApplicationConfig implements WebMvcConfigurer {

	//這裏需要注入攔截器 否則無法獲取到攔截器注入的RedisTemplate<String, Integer> redisTemplate; 
	@Bean
    public AccessLimitInterceptor accessLimitInterceptor(){
        return new AccessLimitInterceptor();
    }

	/**
     * 配置攔截器
     * @author lance
     * @param registry
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(new LoginInterceptor()).addPathPatterns("/**").excludePathPatterns("/static/**","/login.html","/user/login");
        //API限流攔截
        registry.addInterceptor(accessLimitInterceptor()).addPathPatterns("/**").excludePathPatterns("/static/**","/login.html");
    }
}

配置攔截器的類中必須先注入這個攔截器否則無法獲取到攔截器注入的RedisTemplate<String, Integer> redisTemplate

使用註解

/**
     * @Title: selectAll
     * @Description: 查詢文章信息
     **/
    @AccessLimit(times = 5)
    @RequestMapping(value = "selectAll" , method = {RequestMethod.GET,RequestMethod.POST})
    //GetMapping(value = "selectAll")
    public ResultBody selectAll(Article article) {
        return articleService.selectAll(article);
    }

請求測試

時間間隔爲默認的10s, 10s內請求第6次出現此返回值,完成.

參考博客:
https://blog.csdn.net/zrg523/article/details/82185088