其他
公司的API接口被刷了,那是因为你没这样做!
作者: 海向
来源: cnblogs.com/haixiang/p/12012728.html
api限流的场景
api限流实战
AccessLimit,使用注解方式在方法上限流更优雅更方便!三个参数分别代表有效时间、最大访问次数、是否需要登录,可以理解为 seconds 内最多访问 maxCount 次。import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface AccessLimit {
int seconds();
int maxCount();
boolean needLogin() default true;
}限流的思路
key是否存在,是否count超过了限制的访问次数response返回msg:请求过于频繁给前端予以展示import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class AccessLimtInterceptor implements HandlerInterceptor {
private RedisService redisService;
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if (handler instanceof HandlerMethod) {
HandlerMethod hm = (HandlerMethod) handler;
AccessLimit accessLimit = hm.getMethodAnnotation(AccessLimit.class);
if (null == accessLimit) {
return true;
}
int seconds = accessLimit.seconds();
int maxCount = accessLimit.maxCount();
boolean needLogin = accessLimit.needLogin();
if (needLogin) {
//判断是否登录
}
String key = request.getContextPath() + ":" + request.getServletPath() + ":" + ip ;
Integer count = redisService.get(key);
if (null == count || -1 == count) {
redisService.set(key, 1);
redisService.expire(seconds);
return true;
}
if (count < maxCount) {
redisService.inCr(key);
return true;
}
if (count >= maxCount) {
// response 返回 json 请求过于频繁请稍后再试
return false;
}
}
return true;
}
}import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
// extends WebMvcConfigurerAdapter 已经废弃,java 8开始直接继承就可以
public class IntercepterConfig implements WebMvcConfigurer {
private AccessLimtInterceptor accessLimtInterceptor;
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(accessLimtInterceptor)
.addPathPatterns("/拦截路径")
.excludePathPatterns("/不被拦截路径 通常为登录注册或者首页");
}
}Controller层的方法上直接可以使用注解@AccessLimitimport org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
("test")
public class TestControler {
("accessLimit")
(seconds = 3, maxCount = 10)
public String testAccessLimit() {
//xxxx
return "";
}
}-End-
加小编微信:xiaobaito,免费获取一份架构师资料。还可以邀请加入咱们的「菜鸟架构」技术群一起讨论技术,禁止发广告及垃圾信息哦。
热门阅读
如何访问 Redis 中的海量数据?
40个笑到抽筋的神回复,哈哈哈哈哈...面试问Kafka,这一篇全搞定比 Spring Boot 快 10 倍的 Bootique 框架!面试必问!关于 Git 提交这些规范
更多请关注“菜鸟架构”公众号,将不断呈现更多架构干货!
给个在看,谢谢老板!