拦截器-防重复提交

为了保证接口幂等性，需要前后端都要做处理。

1 前端-提交按钮置灰，不再请求接口。

2 后盾-防重复提交。

package com.jiutong.zqp.manage.interceptor;

import groovy.util.logging.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.ValueOperations;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Objects;
import java.util.concurrent.TimeUnit;

/**
 * bi 防重复提交
 * @author zhouq
 */
@Slf4j
public class RedisResubmitInterceptor implements HandlerInterceptor {

    private static final String RESUBMIT_TOKEN;

    static {
        RESUBMIT_TOKEN = "bi_resubmit_token_";
    }

    protected Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private RedisTemplate redisTemplate;

    private String[] NOT_INTERCEPT_URL = {"newOrders/orderStatusCount", "newOrders/getBuyerOrders","/views","/resources"};

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        Object shrioUser = null;
        try {
            //获取登入用户ID
            shrioUser = SecurityUtils.getSubject().getSession().getAttribute("adminUid");
        } catch (Exception e) {
        }
        if (shrioUser == null) {
            return true;
        }
        Integer userId = (Integer)shrioUser;
        if (userId == null || Objects.equals(userId, 0)) {
            return true;
        }
        //获取请求路径
        String methodFullName = request.getRequestURI() + "_" + userId;

        //其他请求不做防重复提交
        for (String url:  NOT_INTERCEPT_URL) {
            if (StringUtils.indexOf(methodFullName, url) > 0) {
                return true;
            }
        }
        //路径加密
        String resubmitTokenKey = RESUBMIT_TOKEN + MD5.MD5Encode(methodFullName);
        logger.debug("resubmitTokenKey lock key: " + resubmitTokenKey);
        //redis模版k-v 键值操作
        ValueOperations<String, String> valueOps = redisTemplate.opsForValue();
        //redis 如果resubmitTokenKey相同,自增
        long count = valueOps.increment(resubmitTokenKey, 1);
        // 如果等于1，说明是第一个请求，如果该KEY的数值大于1，说明是第一次请求处理未完成，重复提交的请求，不做处理
        if (count == 1) {
            // 设置有效期
            redisTemplate.expire(resubmitTokenKey, 30, TimeUnit.SECONDS);
            logger.debug("resubmitTokenKey get lock, key: " + resubmitTokenKey + " , expire in 20 seconds.");
            return true;
        } else {
            //判断日志级别
            if (logger.isDebugEnabled()) {
                String desc = String.valueOf(valueOps.get(resubmitTokenKey));
                logger.debug("resubmitTokenKey key: " + resubmitTokenKey + " locked by another business：" + desc);
            }
            return false;
        }

    }

    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        Object shrioUser = null;
        try {
            shrioUser = SecurityUtils.getSubject().getSession().getAttribute("adminUid");
        } catch (Exception e) {
        }
        if (shrioUser == null) {
            return ;
        }
        Integer userId = (Integer)shrioUser;
        String methodFullName = request.getRequestURI() + "_" + userId;
        String resubmitTokenKey = RESUBMIT_TOKEN + MD5.MD5Encode(methodFullName);
        //响应成功，删除缓存
        redisTemplate.delete(resubmitTokenKey);
    }


}