Spring Boot 使用 AOP 防止重复提交
2019-03-30 本文已影响110人
殷天文
在传统的web项目中,防止重复提交,通常做法是:后端生成一个唯一的提交令牌(uuid),并存储在服务端。页面提交请求携带这个提交令牌,后端验证并在第一次验证后删除该令牌,保证提交请求的唯一性。
上述的思路其实没有问题的,但是需要前后端都稍加改动,如果在业务开发完在加这个的话,改动量未免有些大了,本节的实现方案无需前端配合,纯后端处理。
思路
- 自定义注解
@NoRepeatSubmit标记所有Controller中的提交请求 - 通过AOP 对所有标记了
@NoRepeatSubmit的方法拦截 - 在业务方法执行前,获取当前用户的 token(或者JSessionId)+ 当前请求地址,作为一个唯一 KEY,去获取 Redis 分布式锁(如果此时并发获取,只有一个线程会成功获取锁)
- 业务方法执行后,释放锁
关于Redis 分布式锁
- 不了解的同学戳这里 ==> Redis分布式锁的正确实现方式
- 使用Redis 是为了在负载均衡部署,如果是单机的部署的项目可以使用一个线程安全的HashMap 替代 Redis
Code
这里只贴出 AOP 类和测试类,完整代码见 ==> Gitee
@Aspect
@Component
public class RepeatSubmitAspect {
private static final Logger LOGGER = LoggerFactory.getLogger(RepeatSubmitAspect.class);
@Autowired
private RedisLock redisLock;
@Pointcut("@annotation(com.gitee.taven.aop.NoRepeatSubmit)")
public void pointCut() {}
@Around("pointCut()")
public Object before(ProceedingJoinPoint pjp) {
try {
HttpServletRequest request = RequestUtils.getRequest();
Assert.notNull(request, "request can not null");
// 此处可以用token或者JSessionId
String token = request.getHeader("Authorization");
String path = request.getServletPath();
String key = getKey(token, path);
String clientId = getClientId();
boolean isSuccess = redisLock.tryLock(key, clientId, 10);
LOGGER.info("tryLock key = [{}], clientId = [{}]", key, clientId);
if (isSuccess) {
LOGGER.info("tryLock success, key = [{}], clientId = [{}]", key, clientId);
// 获取锁成功, 执行进程
Object result = pjp.proceed();
// 解锁
redisLock.releaseLock(key, clientId);
LOGGER.info("releaseLock success, key = [{}], clientId = [{}]", key, clientId);
return result;
} else {
// 获取锁失败,认为是重复提交的请求
LOGGER.info("tryLock fail, key = [{}]", key);
return new ApiResult(200, "重复请求,请稍后再试", null);
}
} catch (Throwable throwable) {
throwable.printStackTrace();
}
return new ApiResult(500, "系统异常", null);
}
private String getKey(String token, String path) {
return token + path;
}
private String getClientId() {
return UUID.randomUUID().toString();
}
}
多线程测试
测试代码如下,模拟十个请求并发同时提交
@Component
public class RunTest implements ApplicationRunner {
private static final Logger LOGGER = LoggerFactory.getLogger(RunTest.class);
@Autowired
private RestTemplate restTemplate;
@Override
public void run(ApplicationArguments args) throws Exception {
System.out.println("执行多线程测试");
String url="http://localhost:8000/submit";
CountDownLatch countDownLatch = new CountDownLatch(1);
ExecutorService executorService = Executors.newFixedThreadPool(10);
for(int i=0; i<10; i++){
String userId = "userId" + i;
HttpEntity request = buildRequest(userId);
executorService.submit(() -> {
try {
countDownLatch.await();
System.out.println("Thread:"+Thread.currentThread().getName()+", time:"+System.currentTimeMillis());
ResponseEntity<String> response = restTemplate.postForEntity(url, request, String.class);
System.out.println("Thread:"+Thread.currentThread().getName() + "," + response.getBody());
} catch (InterruptedException e) {
e.printStackTrace();
}
});
}
countDownLatch.countDown();
}
private HttpEntity buildRequest(String userId) {
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
headers.set("Authorization", "yourToken");
Map<String, Object> body = new HashMap<>();
body.put("userId", userId);
return new HttpEntity<>(body, headers);
}
}
成功防止重复提交,控制台日志如下,可以看到十个线程的启动时间几乎同时,只有一个请求提交成功了
执行多线程测试
Thread:pool-1-thread-1, time:1553949617194
Thread:pool-1-thread-10, time:1553949617194
Thread:pool-1-thread-7, time:1553949617194
Thread:pool-1-thread-3, time:1553949617194
Thread:pool-1-thread-9, time:1553949617195
Thread:pool-1-thread-4, time:1553949617194
Thread:pool-1-thread-2, time:1553949617194
Thread:pool-1-thread-8, time:1553949617195
Thread:pool-1-thread-6, time:1553949617194
Thread:pool-1-thread-5, time:1553949617194
2019-03-30 20:40:17.425 INFO 3668 --- [io-8000-exec-10] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring DispatcherServlet 'dispatcherServlet'
2019-03-30 20:40:17.425 INFO 3668 --- [io-8000-exec-10] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServlet'
2019-03-30 20:40:17.437 INFO 3668 --- [io-8000-exec-10] o.s.web.servlet.DispatcherServlet : Completed initialization in 12 ms
2019-03-30 20:40:17.806 INFO 3668 --- [io-8000-exec-10] com.gitee.taven.aop.RepeatSubmitAspect : tryLock key = [yourToken/submit], clientId = [dfa7e9f8-fe1d-441b-8f92-d3eda08c1ff6]
2019-03-30 20:40:17.807 INFO 3668 --- [io-8000-exec-10] com.gitee.taven.aop.RepeatSubmitAspect : tryLock success, key = [yourToken/submit], clientId = [dfa7e9f8-fe1d-441b-8f92-d3eda08c1ff6]
2019-03-30 20:40:17.823 INFO 3668 --- [nio-8000-exec-3] com.gitee.taven.aop.RepeatSubmitAspect : tryLock key = [yourToken/submit], clientId = [0f01c757-61f6-4929-a19a-97d99cd3fa35]
2019-03-30 20:40:17.823 INFO 3668 --- [nio-8000-exec-3] com.gitee.taven.aop.RepeatSubmitAspect : tryLock fail, key = [yourToken/submit]
2019-03-30 20:40:17.885 INFO 3668 --- [nio-8000-exec-4] com.gitee.taven.aop.RepeatSubmitAspect : tryLock key = [yourToken/submit], clientId = [1a7b133c-d96f-4ec4-93f9-5d43bbd8f2d5]
2019-03-30 20:40:17.885 INFO 3668 --- [nio-8000-exec-4] com.gitee.taven.aop.RepeatSubmitAspect : tryLock fail, key = [yourToken/submit]
2019-03-30 20:40:17.887 INFO 3668 --- [nio-8000-exec-5] com.gitee.taven.aop.RepeatSubmitAspect : tryLock key = [yourToken/submit], clientId = [6d2280c6-cf2a-48e3-adc0-d11cf5c7d8bf]
2019-03-30 20:40:17.887 INFO 3668 --- [nio-8000-exec-5] com.gitee.taven.aop.RepeatSubmitAspect : tryLock fail, key = [yourToken/submit]
2019-03-30 20:40:17.890 INFO 3668 --- [nio-8000-exec-6] com.gitee.taven.aop.RepeatSubmitAspect : tryLock key = [yourToken/submit], clientId = [db147df8-5889-48fd-840b-bd6343ff7013]
2019-03-30 20:40:17.891 INFO 3668 --- [nio-8000-exec-6] com.gitee.taven.aop.RepeatSubmitAspect : tryLock fail, key = [yourToken/submit]
2019-03-30 20:40:17.892 INFO 3668 --- [nio-8000-exec-1] com.gitee.taven.aop.RepeatSubmitAspect : tryLock key = [yourToken/submit], clientId = [9d37f2c6-a4b2-4545-8d68-9c107bcbf1a5]
2019-03-30 20:40:17.896 INFO 3668 --- [nio-8000-exec-7] com.gitee.taven.aop.RepeatSubmitAspect : tryLock key = [yourToken/submit], clientId = [6ef16866-d86b-443b-b226-c9ffe5798579]
2019-03-30 20:40:17.896 INFO 3668 --- [nio-8000-exec-7] com.gitee.taven.aop.RepeatSubmitAspect : tryLock fail, key = [yourToken/submit]
2019-03-30 20:40:17.905 INFO 3668 --- [nio-8000-exec-9] com.gitee.taven.aop.RepeatSubmitAspect : tryLock key = [yourToken/submit], clientId = [fab5fdf3-3ec8-4d4a-b946-1c641f8f3900]
2019-03-30 20:40:17.905 INFO 3668 --- [nio-8000-exec-9] com.gitee.taven.aop.RepeatSubmitAspect : tryLock fail, key = [yourToken/submit]
2019-03-30 20:40:17.892 INFO 3668 --- [nio-8000-exec-1] com.gitee.taven.aop.RepeatSubmitAspect : tryLock fail, key = [yourToken/submit]
2019-03-30 20:40:17.938 INFO 3668 --- [nio-8000-exec-8] com.gitee.taven.aop.RepeatSubmitAspect : tryLock key = [yourToken/submit], clientId = [3ebd5063-540b-406b-9222-c5546d6cff0b]
2019-03-30 20:40:17.938 INFO 3668 --- [nio-8000-exec-8] com.gitee.taven.aop.RepeatSubmitAspect : tryLock fail, key = [yourToken/submit]
2019-03-30 20:40:17.944 INFO 3668 --- [nio-8000-exec-2] com.gitee.taven.aop.RepeatSubmitAspect : tryLock key = [yourToken/submit], clientId = [8f6e86d6-ebcf-4fa3-a99b-0db8ece9ab17]
2019-03-30 20:40:17.945 INFO 3668 --- [nio-8000-exec-2] com.gitee.taven.aop.RepeatSubmitAspect : tryLock fail, key = [yourToken/submit]
Thread:pool-1-thread-5,{"code":200,"message":"重复请求,请稍后再试","data":null}
Thread:pool-1-thread-3,{"code":200,"message":"重复请求,请稍后再试","data":null}
Thread:pool-1-thread-1,{"code":200,"message":"重复请求,请稍后再试","data":null}
Thread:pool-1-thread-6,{"code":200,"message":"重复请求,请稍后再试","data":null}
Thread:pool-1-thread-8,{"code":200,"message":"重复请求,请稍后再试","data":null}
Thread:pool-1-thread-2,{"code":200,"message":"重复请求,请稍后再试","data":null}
Thread:pool-1-thread-9,{"code":200,"message":"重复请求,请稍后再试","data":null}
Thread:pool-1-thread-7,{"code":200,"message":"重复请求,请稍后再试","data":null}
Thread:pool-1-thread-4,{"code":200,"message":"重复请求,请稍后再试","data":null}
2019-03-30 20:40:22.826 INFO 3668 --- [io-8000-exec-10] com.gitee.taven.aop.RepeatSubmitAspect : releaseLock success, key = [yourToken/submit], clientId = [dfa7e9f8-fe1d-441b-8f92-d3eda08c1ff6]
Thread:pool-1-thread-10,{"code":200,"message":"成功","data":"userId9"}
本节demo
戳这里 ==> Gitee
build项目之后,启动本地redis,运行项目自动执行测试方法
