近期一个老项目出现了接口幂等性 校验问题,前端加了按钮置灰,
依然被人拉着接口参数一顿输出,还是重复调用了接口,小陈及时赶到现场,通过复制粘贴,完成了后端接口幂等性调用校验。
以前写过一篇关于接口简单限流防止重复调用的,但是跟该篇还是不一样的,该篇的角度是接口和参数整体一致才当做重复。
简单限流: (Redis使用系列) Springboot 使用redis实现接口Api限流 十
实现接口调用的幂等性校验
方案 :自定义注解+redis+拦截器+MD5 实现
草图,意会(用户标识不是必要,看业务场景是针对个人还是只针对接口&参数):
话不多说,开始实战。
PS: 前排提醒,如果你还不知道怎么springboot整合redis,可以先去看下redis使用系列的 一、二。
(Redis使用系列) SpringBoot 中对应2.0.x版本的Redis配置 一
(Redis使用系列) SpringBoot中Redis的RedisConfig 二
自定义注解 怎么玩的 :
①标记哪个接口需要进行幂等性拦截
②每个接口可以要求幂等性范围时间不一样,举例:可以2秒内,可以3秒内,时间自己传
③ 一旦触发了,提示语可以不同 ,举例:VIP的接口,普通用户的接口,提示语不一样(开玩笑)
效果:
① RepeatDaMie.java
- import java.lang.annotation.ElementType;
- import java.lang.annotation.Retention;
- import java.lang.annotation.RetentionPolicy;
- import java.lang.annotation.Target;
-
- /**
- * @Author: JCccc
- * @Date: 2022-6-13 9:04
- * @Description: 自定义注解,防止重复提交
- */
- @Target({ElementType.METHOD})
- @Retention(RetentionPolicy.RUNTIME)
- public @interface RepeatDaMie {
-
- /**
- * 时间ms限制
- */
- public int second() default 1;
-
- /**
- * 提示消息
- */
- public String describe() default "重复提交了,兄弟";
-
- }
②ApiRepeatInterceptor.java
- import com.example.repeatdemo.annotation.RepeatDaMie;
- import com.example.repeatdemo.util.ContextUtil;
- import com.example.repeatdemo.util.Md5Encrypt;
- import com.example.repeatdemo.util.RedisUtils;
- import com.example.repeatdemo.wrapper.CustomHttpServletRequestWrapper;
- import com.fasterxml.jackson.databind.ObjectMapper;
- import org.slf4j.Logger;
- import org.slf4j.LoggerFactory;
- import org.springframework.stereotype.Component;
- import org.springframework.web.method.HandlerMethod;
- import org.springframework.web.servlet.HandlerInterceptor;
-
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import java.io.IOException;
- import java.util.Objects;
-
- /**
- * @Author: JCccc
- * @Date: 2022-6-15 9:11
- * @Description: 接口幂等性校验拦截器
- */
- @Component
- public class ApiRepeatInterceptor implements HandlerInterceptor {
-
- private final Logger log = LoggerFactory.getLogger(this.getClass());
-
- private static final String POST="POST";
- private static final String GET="GET";
- @Override
- public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
- try {
- if (handler instanceof HandlerMethod) {
- HandlerMethod handlerMethod = (HandlerMethod) handler;
- // 获取RepeatDaMie注解
- RepeatDaMie repeatDaMie = handlerMethod.getMethodAnnotation(RepeatDaMie.class);
- if (null==repeatDaMie) {
- return true;
- }
- //限制的时间范围
- int seconds = repeatDaMie.second();
- //这个用户唯一标识,可以自己细微调整,是userId还是token还是sessionId还是不需要
- String userUniqueKey = request.getHeader("userUniqueKey");
- String method = request.getMethod();
- String apiParams = "";
- if (GET.equals(method)){
- log.info("GET请求来了");
- apiParams = new ObjectMapper().writeValueAsString(request.getParameterMap());
- }else if (POST.equals(method)){
- log.info("POST请求来了");
- CustomHttpServletRequestWrapper wrapper = (CustomHttpServletRequestWrapper) request;
- apiParams = wrapper.getBody();
- }
- log.info("当前参数是:{}",apiParams);
- // 存储key
- String keyRepeatDaMie = Md5Encrypt.md5(userUniqueKey+request.getServletPath()+apiParams) ;
- RedisUtils redisUtils = ContextUtil.getBean(RedisUtils.class);
- if (Objects.nonNull(redisUtils.get(keyRepeatDaMie))){
- log.info("重复请求了,重复请求了,拦截了");
- returnData(response,repeatDaMie.describe());
- return false;
- }else {
- redisUtils.setWithTime(keyRepeatDaMie, true,seconds);
- }
-
- }
- return true;
- } catch (Exception e) {
- log.warn("请求过于频繁请稍后再试");
- e.printStackTrace();
- }
- return true;
- }
-
- public void returnData(HttpServletResponse response,String msg) throws IOException {
- response.setCharacterEncoding("UTF-8");
- response.setContentType("application/json; charset=utf-8");
- ObjectMapper objectMapper = new ObjectMapper();
- //这里传提示语可以改成自己项目的返回数据封装的类
- response.getWriter().println(objectMapper.writeValueAsString(msg));
- return;
- }
-
- }
③ WebConfig.java
- import org.springframework.context.annotation.Configuration;
- import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
- import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-
- /**
- * @Author: JCccc
- * @Date: 2022-6-15 9:24
- * @Description:
- */
- @Configuration
- public class WebConfig implements WebMvcConfigurer {
-
-
- @Override
- public void addInterceptors(InterceptorRegistry registry) {
- registry.addInterceptor(new ApiRepeatInterceptor()).addPathPatterns("/**");
- }
- }
①ContextUtil.java
- import org.springframework.beans.BeansException;
- import org.springframework.context.ApplicationContext;
- import org.springframework.context.ApplicationContextAware;
- import org.springframework.stereotype.Component;
- /**
- * @Author: JCccc
- * @Date: 2022-6-15 9:24
- * @Description:
- */
- @Component
- public final class ContextUtil implements ApplicationContextAware {
- protected static ApplicationContext applicationContext ;
- @Override
- public void setApplicationContext(ApplicationContext arg0) throws BeansException {
- if (applicationContext == null) {
- applicationContext = arg0;
- }
- }
- public static Object getBean(String name) {
- //name表示其他要注入的注解name名
- return applicationContext.getBean(name);
- }
- /**
- * 拿到ApplicationContext对象实例后就可以手动获取Bean的注入实例对象
- */
- public static <T> T getBean(Class<T> clazz) {
- return applicationContext.getBean(clazz);
- }
- }
②Md5Encrypt.java
- import java.io.UnsupportedEncodingException;
- import java.security.MessageDigest;
- import java.security.NoSuchAlgorithmException;
-
- /**
- * @Author: JCccc
- * @CreateTime: 2018-10-30
- * @Description:
- */
- public class Md5Encrypt {
-
- private static final char[] DIGITS = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a',
- 'b', 'c', 'd', 'e', 'f'};
-
- /**
- * 对字符串进行MD5加密
- *
- * @param text 明文
- * @return 密文
- */
- public static String md5(String text) {
- MessageDigest msgDigest = null;
-
- try {
- msgDigest = MessageDigest.getInstance("MD5");
- } catch (NoSuchAlgorithmException e) {
- throw new IllegalStateException("System doesn't support MD5 algorithm.");
- }
-
- try {
- // 注意该接口是按照指定编码形式签名
- msgDigest.update(text.getBytes("UTF-8"));
-
- } catch (UnsupportedEncodingException e) {
-
- throw new IllegalStateException("System doesn't support your EncodingException.");
-
- }
-
- byte[] bytes = msgDigest.digest();
-
- String md5Str = new String(encodeHex(bytes));
-
- return md5Str;
- }
-
- private static char[] encodeHex(byte[] data) {
-
- int l = data.length;
-
- char[] out = new char[l << 1];
- // two characters form the hex value.
- for (int i = 0, j = 0; i < l; i++) {
- out[j++] = DIGITS[(0xF0 & data[i]) >>> 4];
- out[j++] = DIGITS[0x0F & data[i]];
- }
-
- return out;
- }
- }
③RedisUtils.java
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.data.redis.core.*;
- import org.springframework.stereotype.Component;
- import java.io.Serializable;
- import java.util.List;
- import java.util.Set;
- import java.util.concurrent.TimeUnit;
-
-
- @Component
- public class RedisUtils {
-
- @Autowired
- private RedisTemplate redisTemplate;
-
- /**
- * 写入String型 [ 键,值]
- *
- * @param key
- * @param value
- * @return
- */
-
- public boolean set(final String key, Object value) {
- boolean result = false;
- try {
- ValueOperations<Serializable, Object> operations = redisTemplate.opsForValue();
- operations.set(key, value);
- result = true;
- } catch (Exception e) {
- e.printStackTrace();
- }
- return result;
-
- }
-
-
-
- /**
- * 写入String型,顺便带有过期时间 [ 键,值]
- *
- * @param key
- * @param value
- * @return
- */
-
- public boolean setWithTime(final String key, Object value,int seconds) {
- boolean result = false;
- try {
-
- ValueOperations<Serializable, Object> operations = redisTemplate.opsForValue();
- operations.set(key, value,seconds, TimeUnit.SECONDS);
- result = true;
- } catch (Exception e) {
- e.printStackTrace();
- }
- return result;
-
- }
-
-
-
- /**
- * 批量删除对应的value
- *
- * @param keys
- */
-
- public void remove(final String... keys) {
- for (String key : keys) {
- remove(key);
- }
- }
-
- /**
- * 批量删除key
- *
- * @param pattern
- */
-
- public void removePattern(final String pattern) {
- Set<Serializable> keys = redisTemplate.keys(pattern);
- if (keys.size() > 0)
- redisTemplate.delete(keys);
- }
-
- /**
- * 删除对应的value
- *
- * @param key
- */
-
- public void remove(final String key) {
- if (exists(key)) {
- redisTemplate.delete(key);
- }
- }
-
-
- /**
- * 判断缓存中是否有对应的value
- *
- * @param key
- * @return
- */
-
- public boolean exists(final String key) {
- return redisTemplate.hasKey(key);
- }
-
-
- /**
- * 读取缓存
- *
- * @param key
- * @return
- */
-
- public Object get(final String key) {
- Object result = null;
- ValueOperations<Serializable, Object> operations = redisTemplate.opsForValue();
- result = operations.get(key);
- return result;
- }
-
-
- /**
- * 哈希 添加
- * hash 一个键值(key->value)对集合
- *
- * @param key
- * @param hashKey
- * @param value
- */
-
- public void hmSet(String key, Object hashKey, Object value) {
-
- HashOperations<String, Object, Object> hash = redisTemplate.opsForHash();
-
- hash.put(key, hashKey, value);
-
- }
-
-
- /**
- * Hash获取数据
- *
- * @param key
- * @param hashKey
- * @return
- */
-
- public Object hmGet(String key, Object hashKey) {
- HashOperations<String, Object, Object> hash = redisTemplate.opsForHash();
- return hash.get(key, hashKey);
-
- }
-
-
- /**
- * 列表添加
- * list:lpush key value1
- *
- * @param k
- * @param v
- */
-
- public void lPush(String k, Object v) {
- ListOperations<String, Object> list = redisTemplate.opsForList();
- list.rightPush(k, v);
- }
-
-
- /**
- * 列表List获取
- * lrange: key 0 10 (读取的个数 从0开始 读取到下标为10 的数据)
- *
- * @param k
- * @param l
- * @param l1
- * @return
- */
-
- public List<Object> lRange(String k, long l, long l1) {
- ListOperations<String, Object> list = redisTemplate.opsForList();
- return list.range(k, l, l1);
- }
-
-
- /**
- * Set集合添加
- *
- * @param key
- * @param value
- */
-
- public void add(String key, Object value) {
- SetOperations<String, Object> set = redisTemplate.opsForSet();
- set.add(key, value);
- }
-
-
- /**
- * Set 集合获取
- *
- * @param key
- * @return
- */
-
- public Set<Object> setMembers(String key) {
-
- SetOperations<String, Object> set = redisTemplate.opsForSet();
-
- return set.members(key);
-
- }
-
-
- /**
- * Sorted set :有序集合添加
- *
- * @param key
- * @param value
- * @param scoure
- */
-
- public void zAdd(String key, Object value, double scoure) {
- ZSetOperations<String, Object> zset = redisTemplate.opsForZSet();
- zset.add(key, value, scoure);
- }
-
-
- /**
- * Sorted set:有序集合获取
- *
- * @param key
- * @param scoure
- * @param scoure1
- * @return
- */
-
- public Set<Object> rangeByScore(String key, double scoure, double scoure1) {
-
- ZSetOperations<String, Object> zset = redisTemplate.opsForZSet();
-
- return zset.rangeByScore(key, scoure, scoure1);
-
- }
-
-
- /**
- * 根据key获取Set中的所有值
- *
- * @param key 键
- * @return
- */
-
- public Set<Integer> sGet(String key) {
- try {
- return redisTemplate.opsForSet().members(key);
- } catch (Exception e) {
- e.printStackTrace();
- return null;
- }
- }
-
-
- /**
- * 根据value从一个set中查询,是否存在
- *
- * @param key 键
- * @param value 值
- * @return true 存在 false不存在
- */
-
- public boolean sHasKey(String key, Object value) {
- try {
- return redisTemplate.opsForSet().isMember(key, value);
- } catch (Exception e) {
- e.printStackTrace();
- return false;
- }
- }
-
- }
RedisConfig.java
- import com.fasterxml.jackson.annotation.JsonAutoDetect;
- import com.fasterxml.jackson.annotation.PropertyAccessor;
- import com.fasterxml.jackson.databind.ObjectMapper;
- import org.springframework.cache.CacheManager;
- import org.springframework.cache.annotation.EnableCaching;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.data.redis.cache.RedisCacheConfiguration;
- import org.springframework.data.redis.cache.RedisCacheManager;
- import org.springframework.data.redis.connection.RedisConnectionFactory;
- import org.springframework.data.redis.core.RedisTemplate;
- import org.springframework.data.redis.core.StringRedisTemplate;
- import org.springframework.data.redis.serializer.Jackson2JsonRedisSerializer;
- import org.springframework.data.redis.serializer.RedisSerializationContext;
- import org.springframework.data.redis.serializer.StringRedisSerializer;
- import static org.springframework.data.redis.cache.RedisCacheConfiguration.defaultCacheConfig;
-
- /**
- * @Author: JCccc
- * @CreateTime: 2018-09-11
- * @Description:
- */
- @Configuration
- @EnableCaching
- public class RedisConfig {
- @Bean
- public CacheManager cacheManager(RedisConnectionFactory connectionFactory) {
- RedisCacheConfiguration cacheConfiguration =
- defaultCacheConfig()
- .disableCachingNullValues()
- .serializeValuesWith(RedisSerializationContext.SerializationPair.fromSerializer(new Jackson2JsonRedisSerializer(Object.class)));
- return RedisCacheManager.builder(connectionFactory).cacheDefaults(cacheConfiguration).build();
- }
-
-
- @Bean
- public RedisTemplate<String, Object> redisTemplate(RedisConnectionFactory factory) {
- RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();
- redisTemplate.setConnectionFactory(factory);
- Jackson2JsonRedisSerializer jackson2JsonRedisSerializer = new Jackson2JsonRedisSerializer(Object.class);
- ObjectMapper om = new ObjectMapper();
- om.setVisibility(PropertyAccessor.ALL, JsonAutoDetect.Visibility.ANY);
- om.enableDefaultTyping(ObjectMapper.DefaultTyping.NON_FINAL);
- jackson2JsonRedisSerializer.setObjectMapper(om);
- //序列化设置 ,这样为了存储操作对象时正常显示的数据,也能正常存储和获取
- redisTemplate.setKeySerializer(new StringRedisSerializer());
- redisTemplate.setValueSerializer(jackson2JsonRedisSerializer);
- redisTemplate.setHashKeySerializer(new StringRedisSerializer());
- redisTemplate.setHashValueSerializer(jackson2JsonRedisSerializer);
- return redisTemplate;
- }
- @Bean
- public StringRedisTemplate stringRedisTemplate(RedisConnectionFactory factory) {
- StringRedisTemplate stringRedisTemplate = new StringRedisTemplate();
- stringRedisTemplate.setConnectionFactory(factory);
- return stringRedisTemplate;
- }
-
- }
最后写测试接口,看看效果(一个POST,一个GET):
故意把时间放大,1000秒内重复调用,符合我们拦截规则的都会被拦截。
TestController.java
- import com.example.repeatdemo.dto.PayOrderApply;
- import com.example.repeatdemo.annotation.RepeatDaMie;
- import org.slf4j.Logger;
- import org.slf4j.LoggerFactory;
- import org.springframework.web.bind.annotation.*;
-
- /**
- * @Author: JCccc
- * @Date: 2022-6-05 9:44
- * @Description:
- */
- @RestController
- public class TestController {
- private final Logger log = LoggerFactory.getLogger(this.getClass());
-
- @RepeatDaMie(second = 1000,describe = "尊敬的客户,您慢点")
- @PostMapping(value = "/doPost")
- @ResponseBody
- public void test(@RequestBody PayOrderApply payOrderApply) {
- log.info("Controller POST请求:"+payOrderApply.toString());
- }
-
- @RepeatDaMie(second = 1000,describe = "大哥,你冷静点")
- @GetMapping(value = "/doGet")
- @ResponseBody
- public void doGet( PayOrderApply payOrderApply) {
- log.info("Controller GET请求:"+payOrderApply.toString());
- }
-
- }
PayOrderApply.java
- /**
- * @Author: JCccc
- * @Date: 2022-6-12 9:46
- * @Description:
- */
- public class PayOrderApply {
-
- private String sn;
- private Long amount;
- private String proCode;
-
- public String getSn() {
- return sn;
- }
-
- public void setSn(String sn) {
- this.sn = sn;
- }
-
- public Long getAmount() {
- return amount;
- }
-
- public void setAmount(Long amount) {
- this.amount = amount;
- }
-
- public String getProCode() {
- return proCode;
- }
-
- public void setProCode(String proCode) {
- this.proCode = proCode;
- }
-
- @Override
- public String toString() {
- return "PayOrderApply{" +
- "sn='" + sn + '\'' +
- ", amount=" + amount +
- ", proCode='" + proCode + '\'' +
- '}';
- }
- }
redis生成了值:
好了,该篇就到这吧、