使用redis作計數器總結

最近公司系統要求做一個防止刷單的安全攔截,初步擬定的規則是單個用戶一天只能下5單,單個ip一天只能下10單,這個時候自然考慮到了用redis來存儲下單計數。

每天當第一個用戶下單時,在redis中建立兩個map對象:20170314_pz_ip_order_count 用來存儲20170314這天的ip下單計數,map的key是ip地址;20170314_pz_user_order_count 用來存儲20170314這天的用戶下單計數,map的key是用戶id。

 

 

1.redis依賴包

<!-- Spring Data Redis: supplies the RedisTemplate / StringRedisTemplate classes used by the counter service. -->
<!-- NOTE(review): both versions below are pinned to old releases; confirm they are still supported and match the Redis server version before reusing this snippet. -->
<dependency>   
        <groupId>org.springframework.data</groupId>   
        <artifactId>spring-data-redis</artifactId>   
        <version>1.4.0.RELEASE</version>   
    </dependency>   

    <!-- Jedis: the Redis client library behind JedisPoolConfig and JedisConnectionFactory. -->
    <dependency>   
        <groupId>redis.clients</groupId>   
        <artifactId>jedis</artifactId>   
        <version>2.5.1</version>   
    </dependency>

 

ps:由於一開始導入的client的jar包1.4版本比較低,導致redis連不上,因此redis還是要看服務端的版本,選擇對應的client

 

2.spring配置

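<!-- Jedis connection pool limits. Every value is read from external properties (redis.*). -->
<bean id="poolConfig" class="redis.clients.jedis.JedisPoolConfig">
    <!-- Upper bound on connections the pool may hand out at once. -->
    <property name="maxTotal" value="${redis.maxTotal}" />
    <!-- Upper bound on idle connections kept in the pool. -->
    <property name="maxIdle" value="${redis.maxIdle}" />
    <!-- How long a caller waits for a free connection before the borrow fails. -->
    <property name="maxWaitMillis" value="${redis.maxWaitMillis}" />
    <!-- Whether a connection is validated before it is handed out. -->
    <property name="testOnBorrow" value="${redis.testOnBorrow}" />
</bean>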

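<!-- Connection factory for the Redis server; host, port, password and timeout come from external properties. -->
<!-- The password is injected through a placeholder, so the properties file that defines redis.password must be kept out of version control and readable only by the application. -->
<!-- NOTE(review): no transport encryption is configured here; confirm the Redis connection stays on a trusted network segment. -->
<bean id="connectionFactory"
      class="org.springframework.data.redis.connection.jedis.JedisConnectionFactory">
    <property name="usePool" value="${redis.usePool}"></property>
    <property name="hostName" value="${redis.host}" />
    <property name="port" value="${redis.port}" />
    <property name="password" value="${redis.password}" />
    <property name="timeout" value="${redis.timeout}" />
    <constructor-arg index="0" ref="poolConfig" />
</bean>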

<!-- StringRedisTemplate: a RedisTemplate preconfigured with string serializers, so keys, hash keys and values are stored in Redis as plain strings. -->
<bean id="redisTemplate" class="org.springframework.data.redis.core.StringRedisTemplate">   
    <property name="connectionFactory"   ref="connectionFactory" />   
</bean>

 

ps:高版本的poolConfig配置屬性有所變動,比如以前的maxActive變爲maxTotal

 

3.編碼

package com.pz998.rpc.service.impl;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.serializer.RedisSerializer;

/**
 * Base class for services that access Redis through a Spring {@link RedisTemplate}.
 *
 * @param <K> type of the Redis keys handled by the template
 * @param <V> type of the Redis values handled by the template
 */
public abstract class AbstractBaseRedisService<K, V>{

    /** Template used for every Redis operation; injected by Spring. */
    @Autowired
    protected RedisTemplate<K, V> redisTemplate;

    /**
     * Replaces the template this service works with.
     *
     * @param redisTemplate the template to use from now on
     */
    public void setRedisTemplate(RedisTemplate<K, V> redisTemplate) {
        this.redisTemplate = redisTemplate;
    }

    /**
     * Returns the string serializer of the current template.
     *
     * @return the serializer reported by {@code redisTemplate.getStringSerializer()}
     */
    protected RedisSerializer<String> getRedisSerializer() {
        final RedisSerializer<String> stringSerializer = redisTemplate.getStringSerializer();
        return stringSerializer;
    }

}

 

 

package com.pz998.rpc.service.impl;

import java.util.Date;
import java.util.concurrent.TimeUnit;

import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.time.DateFormatUtils;
import org.springframework.stereotype.Service;

import com.pz998.rpc.common.utils.Contents;
import com.pz998.rpc.service.RequestCountRpcService;
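/**
 * Redis-backed daily order counters used by the anti-order-brushing check.
 *
 * <p>Each day has two Redis hashes whose names are the date ({@code yyyyMMdd}) followed by a
 * suffix from {@link Contents}: one maps a client IP to its order count, the other maps a user
 * id to its order count.
 *
 * <p>Counters are stored as decimal strings and incremented with the Redis hash-increment
 * command, so this class relies on string hash serializers such as those of the
 * {@code StringRedisTemplate} bean.
 *
 * <p>Security note: the increment itself is atomic, but a caller that first reads a counter with
 * {@link #get(String, String)} and then increments it still has a check-then-act gap. Under
 * concurrent requests a limit can therefore be exceeded by a few orders.
 */
@Service("requestCountRpcService")
public class RequestCountRpcServiceImpl extends AbstractBaseRedisService<String, Object> implements RequestCountRpcService{

    /** Date pattern that prefixes the per-day hash names. */
    private static final String DAY_PATTERN = "yyyyMMdd";

    /** A counter hash expires 48 hours after its last write. */
    private static final long TTL_MINUTES = 24 * 60 * 2;

    /**
     * Adds {@code count} to today's order counter of the given IP.
     *
     * @param ip    client address used as the hash field
     * @param count amount to add; {@code null} is treated as 0
     */
    public void ipCount(String ip, Integer count) {
        String key = today() + Contents.IP_LIMIT_KEY_SUFFIX;
        increment(key, ip, count);
    }

    /**
     * Adds {@code count} to today's order counter of the given user.
     *
     * @param userId user id used as the hash field
     * @param count  amount to add; {@code null} is treated as 0
     */
    public void userCount(String userId, Integer count) {
        String key = today() + Contents.USER_LIMIT_KEY_SUFFIX;
        increment(key, userId, count);
    }

    /**
     * Deletes one counter from a hash.
     *
     * @param key     name of the Redis hash
     * @param hashKey field to delete
     */
    public void clear(String key, String hashKey){
        redisTemplate.opsForHash().delete(key, hashKey);
    }

    /**
     * Overwrites one counter with an absolute value and refreshes the hash expiry.
     *
     * @param key     name of the Redis hash
     * @param hashKey field to write
     * @param count   value to store; {@code null} is stored as "0"
     */
    public void add(String key, String hashKey, Integer count) {
        String countStr = count == null ? "0" : count.toString();
        redisTemplate.opsForHash().put(key, hashKey, countStr);
        redisTemplate.expire(key, TTL_MINUTES, TimeUnit.MINUTES);
    }

    /**
     * Reads one counter.
     *
     * @param key     name of the Redis hash
     * @param hashKey field to read
     * @return the stored count, or 0 when the field is missing or empty
     * @throws NumberFormatException if the stored value is not a decimal integer
     */
    public Integer get(String key, String hashKey) {
        String val = (String) redisTemplate.opsForHash().get(key, hashKey);
        if (StringUtils.isEmpty(val)) {
            return 0;
        }
        return Integer.parseInt(val);
    }

    /** Returns today's date formatted as the hash-name prefix. */
    private static String today() {
        return DateFormatUtils.format(new Date(), DAY_PATTERN);
    }

    /**
     * Atomically adds {@code count} to a hash field and refreshes the hash expiry.
     *
     * <p>A read followed by a write would lose updates when two requests for the same IP or user
     * arrive together, letting the stored count fall behind the real number of orders. The
     * server-side increment avoids that.
     */
    private void increment(String key, String hashKey, Integer count) {
        long delta = count == null ? 0L : count.longValue();
        redisTemplate.opsForHash().increment(key, hashKey, delta);
        redisTemplate.expire(key, TTL_MINUTES, TimeUnit.MINUTES);
    }

}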

 

4.攔截器配置

<!-- Registers the order-limit interceptor for the MVC dispatcher. -->
<mvc:interceptors> 
     <mvc:interceptor> 
        <!-- Matches every request path; the interceptor itself decides by the "mn" request parameter whether a request is counted. -->
        <mvc:mapping path="/**"/>  
        <bean class="com.pz998.app.service.interceptor.SecurityInterceptor"> 
            <!-- Maximum number of orders one client IP may place per day. -->
            <property name="ipLimitCount" value="10"></property> 
            <!-- Maximum number of orders one user may place per day. -->
            <property name="userLimitCount" value="5"></property> 
            <!-- Values of the "mn" parameter that are rate limited. A request whose "mn" is not listed passes through uncounted, so every order-submitting method has to appear here. -->
            <property name="methodSet"> 
                <set> 
                    <value>submitJjqhOrder</value> 
                    <value>submitYymyOrder</value> 
                    <value>submitJypzOrder</value> 
                    <value>submitGhpzOrder</value> 
                    <value>submitDqbgOrder</value> 
                </set> 
            </property> 
        </bean> 
    </mvc:interceptor> 
    <!-- When several interceptors are configured, preHandle is called in declaration order, then postHandle and afterCompletion of each interceptor are called in reverse order. -->  
</mvc:interceptors>

 

ps:將具體攔截的業務方法methodSet、ip限制的閾值ipLimitCount、user閾值userLimitCount作爲攔截器的屬性進行注入,這樣加強了配置靈活性

 

5.攔截器編寫

package com.pz998.app.service.interceptor;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.Date;
import java.util.Set;

import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.time.DateFormatUtils;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.alibaba.fastjson.JSON;
import com.pz998.rpc.common.model.vo.ResponseVoRpc;
import com.pz998.rpc.common.utils.Contents;
import com.pz998.rpc.service.RequestCountRpcService;

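/**
 * Spring MVC interceptor that enforces daily order limits per client IP and per user.
 *
 * <p>Only requests whose {@code mn} parameter is contained in {@link #setMethodSet(Set) methodSet}
 * are checked. For those, the counters kept by {@link RequestCountRpcService} are read. A request
 * over either limit is answered with a JSON failure body and blocked; otherwise both counters are
 * incremented and the request proceeds.
 *
 * <p>Security notes for anyone reusing this class:
 * <ul>
 *   <li>{@code x-forwarded-for}, {@code Proxy-Client-IP} and {@code WL-Proxy-Client-IP} are
 *       ordinary request headers. Unless a reverse proxy in front of the application overwrites
 *       them, a client can set them freely and so choose the IP it is counted under. Set
 *       {@link #setTrustForwardedHeaders(boolean) trustForwardedHeaders} to {@code false} when
 *       the application is reachable without such a proxy.</li>
 *   <li>{@code customerId} is read from a request parameter. NOTE(review): if it is not bound to
 *       the authenticated session elsewhere, a caller can vary it to avoid the per-user limit or
 *       use up another user's quota. Confirm against the authentication layer.</li>
 *   <li>The limit check and the increment are separate calls, so concurrent requests can exceed
 *       a limit by a few orders.</li>
 *   <li>Counters are incremented before the order handler runs, so failed submissions also
 *       consume quota.</li>
 * </ul>
 */
public class SecurityInterceptor implements HandlerInterceptor{

    private static final java.util.logging.Logger LOG =
            java.util.logging.Logger.getLogger(SecurityInterceptor.class.getName());

    private static final String JSON_CONTENT_TYPE = "application/json;charset=UTF-8";
    private static final String DAY_PATTERN = "yyyyMMdd";
    private static final String UNKNOWN = "unknown";

    /** Proxy headers consulted, in this order, when forwarded headers are trusted. */
    private static final String[] FORWARDED_HEADERS = {
        "x-forwarded-for", "Proxy-Client-IP", "WL-Proxy-Client-IP"
    };

    /** Counter service, looked up from the web application context on first use. */
    private volatile RequestCountRpcService requestCountRpcService;

    private Integer ipLimitCount = 10;
    private Integer userLimitCount = 5;

    /** Whether proxy headers may override the socket address; defaults to the legacy behaviour. */
    private boolean trustForwardedHeaders = true;

    /** Values of the {@code mn} parameter that are rate limited; must be configured. */
    private Set<String> methodSet;

    /**
     * Determines the address a request is counted under.
     *
     * <p>When forwarded headers are trusted, the first usable entry of the proxy headers wins.
     * Otherwise, or when no header yields a value, the socket peer address is used. The IPv6
     * loopback literal is mapped to {@code 127.0.0.1}.
     *
     * @param request the current request
     * @return the client address, or {@code null} if the container reports none
     */
    public String getRemoteHost(javax.servlet.http.HttpServletRequest request){
        String ip = null;
        if (trustForwardedHeaders) {
            for (String header : FORWARDED_HEADERS) {
                ip = firstAddress(request.getHeader(header));
                if (ip != null) {
                    break;
                }
            }
        }
        if (ip == null) {
            ip = request.getRemoteAddr();
        }
        // Constant-first comparison keeps a null address from raising a NullPointerException.
        return "0:0:0:0:0:0:0:1".equals(ip) ? "127.0.0.1" : ip;
    }

    /**
     * Extracts the first address from a proxy header value.
     *
     * <p>A forwarded header may carry a comma-separated chain of addresses. Using the raw chain
     * as the counter key would give the same client a different key whenever the chain differs,
     * so only the first entry is kept.
     *
     * @return the trimmed first entry, or {@code null} if the header is absent, empty or "unknown"
     */
    private static String firstAddress(String headerValue) {
        if (headerValue == null) {
            return null;
        }
        int comma = headerValue.indexOf(',');
        String candidate = (comma < 0 ? headerValue : headerValue.substring(0, comma)).trim();
        if (candidate.length() == 0 || UNKNOWN.equalsIgnoreCase(candidate)) {
            return null;
        }
        return candidate;
    }

    /**
     * Checks the per-IP and per-user limits for rate-limited methods.
     *
     * @return {@code true} to let the request continue, {@code false} once a rejection was written
     * @throws Exception if the counter service cannot be resolved or a counter call fails; the
     *                   request is not processed in that case either
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        String mn = request.getParameter("mn");
        if (StringUtils.isEmpty(mn) || !methodSet.contains(mn)) {
            return true;
        }

        RequestCountRpcService counters = resolveCounterService(request);
        String host = getRemoteHost(request);
        String customerId = request.getParameter("customerId");

        if (host == null) {
            reject(response, "請求缺少必要的身份信息,已被拒絕");
            return false;
        }
        if (isLimitIp(counters, host)) {
            reject(response, "同一ip下單過多,已被限制");
            return false;
        }
        // Without a customerId the per-user limit cannot be applied, so fail closed with a
        // regular failure body instead of letting the counter lookup fail on a null field.
        if (customerId == null) {
            reject(response, "請求缺少必要的身份信息,已被拒絕");
            return false;
        }
        if (isLimitUser(counters, customerId)) {
            reject(response, "同一用戶下單過多,已被限制");
            return false;
        }

        counters.ipCount(host, 1);
        counters.userCount(customerId, 1);
        return true;
    }

    /** Returns the counter service, resolving it from the web application context on first use. */
    private RequestCountRpcService resolveCounterService(HttpServletRequest request) {
        RequestCountRpcService service = requestCountRpcService;
        if (service == null) {
            ServletContext servletContext = request.getServletContext();
            WebApplicationContext ctx =
                    WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);
            service = (RequestCountRpcService) ctx.getBean("requestCountRpcService");
            requestCountRpcService = service;
        }
        return service;
    }

    /**
     * Writes the JSON failure body that tells the caller the request was blocked.
     *
     * <p>The content type is set before the writer is obtained. The servlet container fixes the
     * writer's character encoding at {@code getWriter()}, so setting it afterwards would leave
     * the Chinese message garbled.
     */
    private void reject(HttpServletResponse response, String message) {
        response.setContentType(JSON_CONTENT_TYPE);
        response.setHeader("Cache-Control", "no-cache");

        ResponseVoRpc body = new ResponseVoRpc();
        body.setCode(ResponseVoRpc.CODE_COMMON_FAILED);
        body.setCodeMsg(message);

        PrintWriter out = null;
        try {
            out = response.getWriter();
            out.write(JSON.toJSONString(body));
        } catch (IOException e) {
            // The request stays blocked even if the explanation could not be delivered.
            LOG.log(java.util.logging.Level.WARNING, "Could not write rate-limit response", e);
        } finally {
            if (out != null) {
                out.close();
            }
        }
    }

    /** Returns whether the user has reached today's order limit. */
    private boolean isLimitUser(RequestCountRpcService counters, String userId) {
        String key = DateFormatUtils.format(new Date(), DAY_PATTERN) + Contents.USER_LIMIT_KEY_SUFFIX;
        Integer count = counters.get(key, userId);
        return count >= userLimitCount;
    }

    /** Returns whether the address has reached today's order limit. */
    private boolean isLimitIp(RequestCountRpcService counters, String host) {
        String key = DateFormatUtils.format(new Date(), DAY_PATTERN) + Contents.IP_LIMIT_KEY_SUFFIX;
        Integer count = counters.get(key, host);
        return count >= ipLimitCount;
    }

    /** No work is done after the handler has run. */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
            ModelAndView modelAndView) throws Exception {
    }

    /** No work is done after the request has completed. */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
            throws Exception {
    }

    /** @return the maximum number of orders per IP and day */
    public Integer getIpLimitCount() {
        return ipLimitCount;
    }

    /** @param ipLimitCount the maximum number of orders per IP and day */
    public void setIpLimitCount(Integer ipLimitCount) {
        this.ipLimitCount = ipLimitCount;
    }

    /** @return the maximum number of orders per user and day */
    public Integer getUserLimitCount() {
        return userLimitCount;
    }

    /** @param userLimitCount the maximum number of orders per user and day */
    public void setUserLimitCount(Integer userLimitCount) {
        this.userLimitCount = userLimitCount;
    }

    /** @return whether proxy headers may override the socket peer address */
    public boolean isTrustForwardedHeaders() {
        return trustForwardedHeaders;
    }

    /**
     * @param trustForwardedHeaders {@code false} to count requests by the socket peer address
     *        only; keep {@code true} only behind a proxy that overwrites the forwarded headers
     */
    public void setTrustForwardedHeaders(boolean trustForwardedHeaders) {
        this.trustForwardedHeaders = trustForwardedHeaders;
    }

    /** @return the {@code mn} values that are rate limited */
    public Set<String> getMethodSet() {
        return methodSet;
    }

    /** @param methodSet the {@code mn} values that are rate limited */
    public void setMethodSet(Set<String> methodSet) {
        this.methodSet = methodSet;
    }

}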

