springboot结合ehcache防止恶意刷新请求的实现

 @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.METHOD) @Documented @Order(Ordered.HIGHEST_PRECEDENCE) public @interface RequestLimit { /** * 允许访问的最大次数 */ int count() default 15; /** * 时间段，单位为毫秒，默认值一分钟 */ long time() default 1000*60; }

 @Aspect @Component public class RequestLimitAspect { private static final Logger logger = LoggerFactory.getLogger(RequestLimit.class); @Autowired EhcacheUtil ehcacheUtil; @Before("within(@org.springframework.stereotype.Controller *) && @annotation(limit)") public void requestLimit(final JoinPoint joinPoint , RequestLimit limit) throws RequestLimitException { try { Object[] args = joinPoint.getArgs(); HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest(); String ip = IpUtil.getRemoteIp(request); String uri = request.getRequestURI().toString(); String key = "req_"+uri+"_"+ip; String blackKey = "black_"+ip; // 黑名单IP封锁一段时间 int count = 0; // 访问次数 // 判断是否在黑名单 if (ehcacheUtil.contains("countcache",blackKey)){ throw new RequestLimitException(); }else{ // 判断是否已存在访问计数 if (!ehcacheUtil.contains("limitCache",key)) { ehcacheUtil.put("limitCache",key,1); } else { count = ehcacheUtil.getInt("limitCache",key)+1; ehcacheUtil.put("limitCache",key,count); if (count > limit.count()) { logger.info("用户IP[" + ip + "]访问地址[" + uri + "]超过了限定的次数[" + limit.count() + "]"); // 加入黑名单 ehcacheUtil.put("countcache",blackKey,"badguy"); throw new RequestLimitException(); } } } }catch (RequestLimitException e){ throw e; }catch (Exception e){ logger.error("发生异常",e); } } }

 @RequestLimit(count=10) @OperLog(operModule = "更多文章",operType = "查询",operDesc = "查询更多文章") @GetMapping("/more/{categoryId}") public String getMore(@PathVariable("categoryId") String categoryId, Model model, HttpServletRequest request) { // 略 }