Skip to content

H
haoban-manage3.0
Commit 5f78a08f by huangZW
Options

http限制

parent 679277bd
Showing with 119 additions and 0 deletions
haoban-manage3-web/src/main/java/com/gic/haoban/manage/web/anno/HttpLimit.java 0 → 100644
package com.gic.haoban.manage.web.anno;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.util.concurrent.TimeUnit;
/**
* 访问限制
* 默认1秒
* @author hzw
*
*/
@Target({ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface HttpLimit {
long time() default 1L;
TimeUnit unit() default TimeUnit.SECONDS;
int times() default 2;
}
\ No newline at end of file
haoban-manage3-web/src/main/java/com/gic/haoban/manage/web/controller/WxEnterpriseController.java
......@@ -20,6 +20,7 @@ import com.gic.haoban.manage.api.dto.EnterpriseDetailDTO;
import com.gic.haoban.manage.api.dto.YwWxEnterpriseDTO;
import com.gic.haoban.manage.api.service.WxEnterpriseApiService;
import com.gic.haoban.manage.api.service.WxEnterpriseRelatedApiService;
import com.gic.haoban.manage.web.anno.HttpLimit;
import com.gic.haoban.manage.web.anno.IgnoreLogin;
import com.gic.haoban.manage.web.auth.AuthRequestUtil;
import com.gic.haoban.manage.web.errCode.HaoBanErrCode;
......@@ -35,6 +36,7 @@ public class WxEnterpriseController extends WebBaseController{
private WxEnterpriseApiService wxEnterpriseApiService;
//授权企业列表
@HttpLimit
@IgnoreLogin
@RequestMapping("wx-enterprise-list")
public HaobanResponse wxEnterpriseList() {
......
haoban-manage3-web/src/main/java/com/gic/haoban/manage/web/errCode/HaoBanErrCode.java
......@@ -70,6 +70,8 @@ public enum HaoBanErrCode {
ERR_10006(10006,"该企业已经绑定过了"),
ERR_10007(10007,"成员不存在"),
ERR_10008(10008,"请不要过于频繁点击"),
ERR_DEFINE(-888, "自定义错误"),
ERR_OTHER(-999, "未知错误code");
private int code;
......
haoban-manage3-web/src/main/java/com/gic/haoban/manage/web/interceptor/HttpLimitInterceptor.java 0 → 100644
package com.gic.haoban.manage.web.interceptor;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Map;
import com.alibaba.fastjson.JSONObject;
import com.gic.haoban.auth.api.dto.UserRightDetailDTO;
import com.gic.haoban.common.utils.AuthRequestUtil;
import com.gic.haoban.common.utils.HaobanResponse;
import com.gic.haoban.manage.web.anno.HttpLimit;
import com.gic.haoban.manage.web.anno.IgnoreLogin;
import com.gic.haoban.manage.web.errCode.HaoBanErrCode;
import com.gic.redis.data.util.RedisUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* 测试登录拦截器
*
* @author zhurz
*/
public class HttpLimitInterceptor extends HandlerInterceptorAdapter {
private static Logger logger = LoggerFactory.getLogger(HttpLimitInterceptor.class);
private void errorResult(HttpServletResponse httpServletResponse, HaoBanErrCode errCode) {
HaobanResponse response = new HaobanResponse();
response.setErrorCode(errCode.getCode());
response.setMessage(errCode.getMsg());
PrintWriter writer = null;
try {
httpServletResponse.setHeader("Content-type", "application/json;charset=UTF-8");
writer = httpServletResponse.getWriter();
writer.append(JSONObject.toJSONString(response));
} catch (IOException e) {
e.printStackTrace();
}
}
@Override
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
String requestURI = httpServletRequest.getRequestURI();
logger.info("post-url:{}", requestURI);
Map<String, String[]> parameterMap = httpServletRequest.getParameterMap();
logger.info("post-params:{}", JSONObject.toJSONString(parameterMap));
HandlerMethod handler = (HandlerMethod) o;
HttpLimit httpLimit = handler.getMethodAnnotation(HttpLimit.class);
if (httpLimit != null) {
String ip = getIpAddress(httpServletRequest);
String url = httpServletRequest.getRequestURL().toString();
String key = "http_limit_".concat(url);
key = key + ip;
if(RedisUtil.getCache(key)!=null){
this.errorResult(httpServletResponse, HaoBanErrCode.ERR_10008);
logger.info("过于频繁点击");
return false;
}else{
RedisUtil.setCache(key, 1, httpLimit.time());
}
}
return true;
}
private String getIpAddress(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment