From 521704e00f169dbb96d5909e4e5857e6dccc65ab Mon Sep 17 00:00:00 2001
From: Junjie <540245094@qq.com>
Date: 星期二, 21 十月 2025 15:04:53 +0800
Subject: [PATCH] #
---
src/main/java/com/zy/common/config/AdminInterceptor.java | 22 ++++++++++++++++++----
1 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/src/main/java/com/zy/common/config/AdminInterceptor.java b/src/main/java/com/zy/common/config/AdminInterceptor.java
index 04ca10f..6c12489 100644
--- a/src/main/java/com/zy/common/config/AdminInterceptor.java
+++ b/src/main/java/com/zy/common/config/AdminInterceptor.java
@@ -4,6 +4,8 @@
import com.core.annotations.ManagerAuth;
import com.core.common.BaseRes;
import com.core.common.Cools;
+import com.google.common.util.concurrent.RateLimiter;
+import com.zy.common.model.annotations.RateLimit;
import com.zy.common.utils.Http;
import com.zy.system.entity.Permission;
import com.zy.system.entity.RolePermission;
@@ -12,6 +14,7 @@
import com.zy.system.service.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpStatus;
import org.springframework.lang.Nullable;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
@@ -21,6 +24,7 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
+import java.util.concurrent.TimeUnit;
/**
* Created by vincent on 2019-06-13
@@ -41,11 +45,23 @@
@Autowired
private RolePermissionService rolePermissionService;
+ private final RateLimiter rateLimiter = RateLimiter.create(10);// 榛樿姣忕鏈�澶氬鐞� 10 涓姹�
+
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
cors(response);
if (handler instanceof org.springframework.web.servlet.resource.ResourceHttpRequestHandler) {
return true;
+ }
+ HandlerMethod handlerMethod = (HandlerMethod) handler;
+ Method method = handlerMethod.getMethod();
+ if (method.isAnnotationPresent(RateLimit.class)){
+ RateLimit annotation = method.getAnnotation(RateLimit.class);
+ rateLimiter.setRate(annotation.value());
+ if (!rateLimiter.tryAcquire(annotation.value(), TimeUnit.SECONDS)) {
+ response.setStatus(HttpStatus.TOO_MANY_REQUESTS.value());
+ return false;
+ }
}
// super璐﹀彿
String token = request.getHeader("token");
@@ -54,7 +70,7 @@
if (deToken!=null){
long timestamp = Long.parseLong(deToken.substring(0, 13));
// 1澶╁悗杩囨湡
- if (System.currentTimeMillis() - timestamp > 86400000){
+ if (System.currentTimeMillis() - timestamp > 64800000){
Http.response(response, BaseRes.DENIED);
return false;
}
@@ -66,8 +82,6 @@
}
// 璺ㄥ煙璁剧疆
// response.setHeader("Access-Control-Allow-Origin", "*");
- HandlerMethod handlerMethod = (HandlerMethod) handler;
- Method method = handlerMethod.getMethod();
if (method.isAnnotationPresent(ManagerAuth.class)){
ManagerAuth annotation = method.getAnnotation(ManagerAuth.class);
if (annotation.value().equals(ManagerAuth.Auth.CHECK)){
@@ -99,7 +113,7 @@
String deToken = Cools.deTokn(token, user.getPassword());
long timestamp = Long.parseLong(deToken.substring(0, 13));
// 1澶╁悗杩囨湡
- if (System.currentTimeMillis() - timestamp > 86400000){
+ if (System.currentTimeMillis() - timestamp > 64800000){
Http.response(response, BaseRes.DENIED);
return false;
}
--
Gitblit v1.9.1