package com.backendsys.aspect; import com.backendsys.exception.CustException; import com.backendsys.modules.common.config.redis.utils.RedisUtil; import com.backendsys.modules.common.config.security.utils.HttpRequestUtil; import jakarta.servlet.http.HttpServletRequest; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.aspectj.lang.JoinPoint; import org.aspectj.lang.annotation.Aspect; import org.aspectj.lang.annotation.Before; import org.aspectj.lang.reflect.MethodSignature; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.stereotype.Component; import java.lang.reflect.Method; import java.util.concurrent.TimeUnit; /** * 限流 * @RateLimiting(key = "systemLoginWithPhone") * @RateLimiting(key = "systemLoginWithPhone", duration = 2, limit = 10) */ @Slf4j @Aspect @Component @RequiredArgsConstructor public class RateLimitingAspect { @Autowired private RedisUtil redisUtil; @Autowired private HttpRequestUtil httpRequestUtil; /** * 带有注解的方法之前执行 * - duration: 限流周期 (秒) (默认1秒内) * - limit: 限流次数 (默认1秒5次) */ @SuppressWarnings("unchecked") @Before("@annotation(rateLimiting)") public void doBefore(RateLimiting rateLimiting) { // 限流标识: 方法名-IP-用户ID String key = "ratelimit-" + rateLimiting.key() + "-" + httpRequestUtil.getIpAddr() + '-' + httpRequestUtil.getUserId(); String lockKey = "lock-" + key; // 已锁定 Integer isLocked = redisUtil.getCacheObject(lockKey); if (isLocked != null) throw new CustException("访问过于频繁,请稍后再试!"); // 未达到限流次数,自增 long value = redisUtil.increment(key, 1); if (value > rateLimiting.limit()) { System.out.println("接口限流: " + key); redisUtil.setCacheObject(lockKey, 1, rateLimiting.lockDuration(), TimeUnit.SECONDS); throw new CustException("访问过于频繁,请稍后再试!"); } // 第一次请求设置过期时间 if (value == 1) redisUtil.expire(key, rateLimiting.duration(), TimeUnit.SECONDS); } }