spring boot+ redis 接口访问频率限制的实现

spring boot+ redis 接口访问频率限制的实现

生产环境下可以解决的问题：

1.短信验证码请求评率限制（防止抓包短信轰炸）

2.热点数据请求评率限制（防止数据库爆炸）

@Component

public class BlackInterceper implements HandlerInterceptor {

@Autowired

private RedisTemplate redisTemplate;

private Logger log = LoggerFactory.getLogger(this.getClass());

@Override

public boolean preHandle(HttpServletRequest request, Hthttp://tpServletResponse response, Object handler)

throws Exception {

response.setHeader("Content-type", "text/html;charset=UTF-8");

String token = request.getHeader(Cons.TOKEN.WECHAT);

String requestURI = request.getRequestURI();

if (StringUtils.isBlank(token)) {

response.setHeader("Content-type", "text/html;charset=UTF-8");

response.getWriter().write(jsonUtils.marshalToString(ReturnResult.build(401, "未授权")));

return false;

}

Integer userId = (Integer) redisTemplate.opsForValue().get(Cons.TOKEN.WECHAT + ":" + token);

log.error("userId={},访问了url={},请求ip={}",token,requestURI, IpUtil.getIpAddress(request));

if(redisTemplate.hasKey("black")){

if(redisTemplate.opsForSet().isMember("black", userId)){

response.getWriter().write(JsonUtils.marshalToString(ReturnResult.build(500, "由于存在恶意攻击你已被限制访问")));

return false;

}

}

Integer count = (Integer)redisTemplate.opsForValue().get("limit:"+token);

if(count==null){

redisTemplate.opsForValue().set("limit:"+token, 1, 60, TimeUnit.SECONDS);

return true;

}else{

if(count>100 && count<150){

response.getWriter().write(JsonUtils.marshalToString(ReturnResult.build(500, "请求太频繁，请稍后再试")));

redisTemplate.opsForValue().increment("limit:"+token, 1);

return false;

}else if(count>=150){

redisTemplate.opsForSet().add("black",userId,2,TimeUnit.DAYS);

response.getWriter().write(JsonUtils.marshalToString(ReturnResult.build(500, "请求太频繁，已经被限制访问")));

//redisTemplate.opsForSet().add("black",token);

return false;

}else{

redisTemplate.opsForValue().increment("limit:"+token, 1);

return true;

}

}

}

@Override

public void postHandle(HttpServletRequest request, HttpSFAnDHXTervletResponse response, Object handler,

ModelAndView modelAndView) throws Exception {

// TODO Auto-generated method stub

}

@Override

public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)

throws Exception {

// TODO Auto-generated method stub

}

}

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。