How SpringBoot combines Aop+Redis to prevent repeated submission of interfaces
In actual development projects, an externally exposed interface often faces many requests. Let us explain the concept of idempotence: The impact of any multiple executions is the same as the impact of one execution. According to this meaning, the final meaning is that the impact on the database can only be one-time and cannot be processed repeatedly. How to ensure its idempotence usually involves the following methods:
1. Establish a unique index in the database to ensure that only one piece of data is ultimately inserted into the database.
2. Token mechanism. Obtain a token before each interface request, and then add this token to the header body of the request the next time. Verification is performed in the background. If the verification passes, the token is deleted. Next The token is judged again for each request.
3. Pessimistic lock or optimistic lock. Pessimistic lock can ensure that other SQL cannot update data every time for update (when the database engine is innodb, the select condition must be a unique index to prevent the entire table from being locked. )
4. Query first and then judge. First, query the database to see if the data exists. If it exists, it proves that the request has been made, and the request is directly rejected. If it does not exist, it proves that it is the first time to come in, and it is directly released.
Why should we prevent repeated submission of interfaces?
For some sensitive operation interfaces, such as new data interfaces and payment interfaces, if the user improperly clicks the submit button multiple times, these interfaces will be requested multiple times, which may eventually lead to system exceptions.
How can the front end be controlled?
The front end can be controlled through js. When the user clicks the submit button,
1. Set the button to be unclickable for a number of seconds.
2. After the button is clicked, a loading prompt box will pop up to avoid clicking again until the interface request returns. After
3. Click the button to jump to a new page
However, please remember, never trust the user’s behavior, because you don’t know what weird operations the user will do, so the most important thing is It still has to be processed on the back end.
Use aop redis for interception processing
1. Create the aspect class RepeatSubmitAspect
Implementation process: After the interface request, the token request path is used as the key value to read data from redis. If the key can be found, It proves that it was submitted repeatedly, and vice versa. If it is not a repeated submission, it will be released directly, and the key will be written into redis, and set to expire within a certain period of time (I set an expiration of 5s here)
In traditional web projects, in order to prevent For repeated submissions, the usual approach is: the backend generates a unique submission token (uuid) and stores it on the server. When the page initiates a request, it carries the secondary token. The backend deletes the token after verifying the request to ensure the uniqueness of the request.
However, the appeal method requires changes to both the front and back ends. If it is in the early stage of the project, it can be achieved. However, in the later stage of the project, many functions have been implemented and it is impossible to make large-scale changes.
Ideas
1. Customize the annotation @NoRepeatSubmit to mark all requests submitted in the Controller
2. Intercept all methods marked with @NoRepeatSubmit through AOP
3. Execute the business method Before, obtain the current user's token or JSessionId current request address as a unique key to obtain the redis distributed lock. If concurrent acquisition is performed at this time, only one thread can obtain it.
4. After the business is executed, release the lock
About Redis distributed lock
Using Redis is for load balancing deployment. If it is a stand-alone project, you can use a local thread-safe Cache to replace Redis
Code
Custom annotation
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* @ClassName NoRepeatSubmit
* @Description 这里描述
* @Author admin
* @Date 2021/3/2 16:16
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface NoRepeatSubmit {
/**
* 设置请求锁定时间
*
* @return
*/
int lockTime() default 10;
}AOP
package com.hongkun.aop;
/**
* @ClassName RepeatSubmitAspect
* @Description 这里描述
* @Author admin
* @Date 2021/3/2 16:15
*/
import com.hongkun.until.ApiResult;
import com.hongkun.until.Result;
import com.hongkun.until.RedisLock;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
/**
* @author liucheng
* @since 2020/01/15
* 防止接口重复提交
*/
@Aspect
@Component
public class RepeatSubmitAspect {
private static final Logger LOGGER = LoggerFactory.getLogger(RepeatSubmitAspect.class);
@Autowired
private RedisLock redisLock;
@Pointcut("@annotation(noRepeatSubmit)")
public void pointCut(NoRepeatSubmit noRepeatSubmit) {
}
@Around("pointCut(noRepeatSubmit)")
public Object around(ProceedingJoinPoint pjp, NoRepeatSubmit noRepeatSubmit) throws Throwable {
int lockSeconds = noRepeatSubmit.lockTime();
RequestAttributes ra = RequestContextHolder.getRequestAttributes();
ServletRequestAttributes sra = (ServletRequestAttributes) ra;
HttpServletRequest request = sra.getRequest();
Assert.notNull(request, "request can not null");
// 此处可以用token或者JSessionId
String token = request.getHeader("token");
String path = request.getServletPath();
String key = getKey(token, path);
String clientId = getClientId();
boolean isSuccess = redisLock.lock(key, clientId, lockSeconds,TimeUnit.SECONDS);
LOGGER.info("tryLock key = [{}], clientId = [{}]", key, clientId);
if (isSuccess) {
LOGGER.info("tryLock success, key = [{}], clientId = [{}]", key, clientId);
// 获取锁成功
Object result;
try {
// 执行进程
result = pjp.proceed();
} finally {
// 解锁
redisLock.unlock(key, clientId);
LOGGER.info("releaseLock success, key = [{}], clientId = [{}]", key, clientId);
}
return result;
} else {
// 获取锁失败,认为是重复提交的请求
LOGGER.info("tryLock fail, key = [{}]", key);
return ApiResult.success(200, "重复请求,请稍后再试", null);
}
}
private String getKey(String token, String path) {
return "00000"+":"+token + path;
}
private String getClientId() {
return UUID.randomUUID().toString();
}
}The above is the detailed content of How SpringBoot combines Aop+Redis to prevent repeated submission of interfaces. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1359
52
Solution to 0x80242008 error when installing Windows 11 10.0.22000.100
May 08, 2024 pm 03:50 PM
1. Start the [Start] menu, enter [cmd], right-click [Command Prompt], and select Run as [Administrator]. 2. Enter the following commands in sequence (copy and paste carefully): SCconfigwuauservstart=auto, press Enter SCconfigbitsstart=auto, press Enter SCconfigcryptsvcstart=auto, press Enter SCconfigtrustedinstallerstart=auto, press Enter SCconfigwuauservtype=share, press Enter netstopwuauserv , press enter netstopcryptS
Golang API caching strategy and optimization
May 07, 2024 pm 02:12 PM
The caching strategy in GolangAPI can improve performance and reduce server load. Commonly used strategies are: LRU, LFU, FIFO and TTL. Optimization techniques include selecting appropriate cache storage, hierarchical caching, invalidation management, and monitoring and tuning. In the practical case, the LRU cache is used to optimize the API for obtaining user information from the database. The data can be quickly retrieved from the cache. Otherwise, the cache can be updated after obtaining it from the database.
Caching mechanism and application practice in PHP development
May 09, 2024 pm 01:30 PM
In PHP development, the caching mechanism improves performance by temporarily storing frequently accessed data in memory or disk, thereby reducing the number of database accesses. Cache types mainly include memory, file and database cache. Caching can be implemented in PHP using built-in functions or third-party libraries, such as cache_get() and Memcache. Common practical applications include caching database query results to optimize query performance and caching page output to speed up rendering. The caching mechanism effectively improves website response speed, enhances user experience and reduces server load.
How to upgrade Win11 English 21996 to Simplified Chinese 22000_How to upgrade Win11 English 21996 to Simplified Chinese 22000
May 08, 2024 pm 05:10 PM
First you need to set the system language to Simplified Chinese display and restart. Of course, if you have changed the display language to Simplified Chinese before, you can just skip this step. Next, start operating the registry, regedit.exe, directly navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlNlsLanguage in the left navigation bar or the upper address bar, and then modify the InstallLanguage key value and Default key value to 0804 (if you want to change it to English en-us, you need First set the system display language to en-us, restart the system and then change everything to 0409) You must restart the system at this point.
How to use Redis cache in PHP array pagination?
May 01, 2024 am 10:48 AM
Using Redis cache can greatly optimize the performance of PHP array paging. This can be achieved through the following steps: Install the Redis client. Connect to the Redis server. Create cache data and store each page of data into a Redis hash with the key "page:{page_number}". Get data from cache and avoid expensive operations on large arrays.
How to find the update file downloaded by Win11_Share the location of the update file downloaded by Win11
May 08, 2024 am 10:34 AM
1. First, double-click the [This PC] icon on the desktop to open it. 2. Then double-click the left mouse button to enter [C drive]. System files will generally be automatically stored in C drive. 3. Then find the [windows] folder in the C drive and double-click to enter. 4. After entering the [windows] folder, find the [SoftwareDistribution] folder. 5. After entering, find the [download] folder, which contains all win11 download and update files. 6. If we want to delete these files, just delete them directly in this folder.
PHP Redis caching applications and best practices
May 04, 2024 am 08:33 AM
Redis is a high-performance key-value cache. The PHPRedis extension provides an API to interact with the Redis server. Use the following steps to connect to Redis, store and retrieve data: Connect: Use the Redis classes to connect to the server. Storage: Use the set method to set key-value pairs. Retrieval: Use the get method to obtain the value of the key.
Why does an error occur when installing an extension using PECL in a Docker environment? How to solve it?
Apr 01, 2025 pm 03:06 PM
Causes and solutions for errors when using PECL to install extensions in Docker environment When using Docker environment, we often encounter some headaches...
