添加Redis的jar包.
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
在application.yml中配置redis
spring:
## Redis
redis:
database: 0
host: 127.0.0.1
port: 6379
password:
jedis:
pool:
max-active: 8
max-wait: -1ms
max-idle: 8
min-idle: 0
timeout: 2000ms
添加自定義註解
@Inherited
@Documented
@Target({ElementType.FIELD,ElementType.TYPE,ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface AccessLimit {
//指定second 時間內 API請求次數
int times() default 4;
// 請求次數的指定時間範圍 秒數(redis數據過期時間)
int second() default 10;
}
編寫攔截器
import com.ys.xlb.annotation.AccessLimit;
import com.ys.xlb.bean.Code;
import com.ys.xlb.exception.GlobalException;
import com.ys.xlb.utils.IpUtils;
import com.ys.xlb.utils.RequestUtils;
import com.ys.xlb.utils.ResultUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
import java.util.concurrent.TimeUnit;
/**
* @ClassName AccessLimitInterceptor
* @description: API請求限流攔截器
* @time 2019-04-20 11:08
**/
@Slf4j
@Component
public class AccessLimitInterceptor implements HandlerInterceptor {
@Resource
private RedisTemplate<String, Integer> redisTemplate;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
try{
// Handler 是否爲 HandlerMethod 實例
if(handler instanceof HandlerMethod){
// 強轉
HandlerMethod handlerMethod = (HandlerMethod) handler;
// 獲取方法
Method method = handlerMethod.getMethod();
// 是否有AccessLimit註解
if(!method.isAnnotationPresent(AccessLimit.class)){
return true;
}
// 獲取註解內容信息
AccessLimit accessLimit = method.getAnnotation(AccessLimit.class);
if(accessLimit == null){
return true;
}
int times = accessLimit.times();//請求次數
int second = accessLimit.second();//請求時間範圍
//根據 IP + API 限流
String key = IpUtils.getIpAddr(request) + request.getRequestURI();
//根據key獲取已請求次數
Integer maxTimes = redisTemplate.opsForValue().get(key);
if(maxTimes == null){
//set時一定要加過期時間
redisTemplate.opsForValue().set(key, 1, second, TimeUnit.SECONDS);
}else if(maxTimes < times){
redisTemplate.opsForValue().set(key, maxTimes+1, second, TimeUnit.SECONDS);
}else{
// 30405 API_REQUEST_TOO_MUCH 請求過於頻繁
RequestUtils.out(response, ResultUtils.error(Code.API_REQUEST_TOO_MUCH));
return false;
}
}
}catch (Exception e){
log.error("API請求限流攔截異常,請檢查Redis是否開啓!",e);
throw new GlobalException(Code.BAD_REQUEST,e.getMessage());
}
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
方法中的IP工具類方法
/**
* IpUtils工具類方法
* 獲取真實的ip地址
* @param request
* @return
*/
public static String getIpAddr(HttpServletRequest request) {
String ip = request.getHeader("X-Forwarded-For");
if(org.apache.commons.lang.StringUtils.isNotEmpty(ip) && !"unKnown".equalsIgnoreCase(ip)){
//多次反向代理後會有多個ip值,第一個ip纔是真實ip
int index = ip.indexOf(",");
if(index != -1){
return ip.substring(0,index);
}else{
return ip;
}
}
ip = request.getHeader("X-Real-IP");
if(org.apache.commons.lang.StringUtils.isNotEmpty(ip) && !"unKnown".equalsIgnoreCase(ip)){
return ip;
}
return request.getRemoteAddr();
}
RequestUtils.out()方法
/**
* @Title: out
* @Description: response輸出JSON數據
* @param response : 響應請求
* @param object: object
* @return void
**/
public static void out(ServletResponse response, Object object){
PrintWriter out = null;
try {
response.setContentType("application/json;charset=UTF-8");
response.setCharacterEncoding("UTF-8");
out = response.getWriter();
out.println(JSONObject.fromObject(resultMap).toString());
} catch (Exception e) {
log.error("輸出JSON報錯!"+e);
}finally{
if(null != out){
out.flush();
out.close();
}
}
}
配置攔截器
@Configuration
public class ApplicationConfig implements WebMvcConfigurer {
//這裏需要注入攔截器 否則無法獲取到攔截器注入的RedisTemplate<String, Integer> redisTemplate;
@Bean
public AccessLimitInterceptor accessLimitInterceptor(){
return new AccessLimitInterceptor();
}
/**
* 配置攔截器
* @author lance
* @param registry
*/
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new LoginInterceptor()).addPathPatterns("/**").excludePathPatterns("/static/**","/login.html","/user/login");
//API限流攔截
registry.addInterceptor(accessLimitInterceptor()).addPathPatterns("/**").excludePathPatterns("/static/**","/login.html");
}
}
配置攔截器的類中必須先注入這個攔截器否則無法獲取到攔截器注入的RedisTemplate<String, Integer> redisTemplate
使用註解
/**
* @Title: selectAll
* @Description: 查詢文章信息
**/
@AccessLimit(times = 5)
@RequestMapping(value = "selectAll" , method = {RequestMethod.GET,RequestMethod.POST})
//GetMapping(value = "selectAll")
public ResultBody selectAll(Article article) {
return articleService.selectAll(article);
}
請求測試
時間間隔爲默認的10s, 10s內請求第6次出現此返回值,完成.