From 3465f8e6fa1d60f10ade8876980cc97cd410acec Mon Sep 17 00:00:00 2001 From: sxu <602087911@qq.com> Date: Mon, 19 Aug 2024 09:29:36 +0800 Subject: [PATCH] =?UTF-8?q?=E9=98=B2=E9=87=8D=E5=A4=8D=E6=8F=90=E4=BA=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../core/exception/BusinessException.java | 28 ++ .../sgzb/common/core/utils/HttpCodeEnum.java | 38 +++ .../annotation/PreventRepeatSubmit.java | 24 ++ .../aspect/PreventRepeatSubmitAspect.java | 71 +++++ .../common/security/utils/RedisCache.java | 269 ++++++++++++++++++ .../material/controller/ToDoController.java | 9 +- .../controller/SysProfileController.java | 1 - 7 files changed, 432 insertions(+), 8 deletions(-) create mode 100644 sgzb-common/sgzb-common-core/src/main/java/com/bonus/sgzb/common/core/exception/BusinessException.java create mode 100644 sgzb-common/sgzb-common-core/src/main/java/com/bonus/sgzb/common/core/utils/HttpCodeEnum.java create mode 100644 sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/annotation/PreventRepeatSubmit.java create mode 100644 sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreventRepeatSubmitAspect.java create mode 100644 sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/utils/RedisCache.java diff --git a/sgzb-common/sgzb-common-core/src/main/java/com/bonus/sgzb/common/core/exception/BusinessException.java b/sgzb-common/sgzb-common-core/src/main/java/com/bonus/sgzb/common/core/exception/BusinessException.java new file mode 100644 index 0000000..e7fe1e9 --- /dev/null +++ b/sgzb-common/sgzb-common-core/src/main/java/com/bonus/sgzb/common/core/exception/BusinessException.java @@ -0,0 +1,28 @@ +package com.bonus.sgzb.common.core.exception; + +import com.bonus.sgzb.common.core.utils.HttpCodeEnum; + +public class BusinessException extends RuntimeException { + + private int code; + //使用枚举构造 + public BusinessException(HttpCodeEnum httpCodeEnum){ + super(httpCodeEnum.getMsg()); + this.code=httpCodeEnum.getCode(); + } + //使用自定义消息体 + public BusinessException(HttpCodeEnum httpCodeEnum, String msg){ + super(msg); + this.code=httpCodeEnum.getCode(); + } + + //根据异常构造 + public BusinessException(HttpCodeEnum httpCodeEnum, Throwable msg){ + super(msg); + this.code=httpCodeEnum.getCode(); + } + + + + +} diff --git a/sgzb-common/sgzb-common-core/src/main/java/com/bonus/sgzb/common/core/utils/HttpCodeEnum.java b/sgzb-common/sgzb-common-core/src/main/java/com/bonus/sgzb/common/core/utils/HttpCodeEnum.java new file mode 100644 index 0000000..3a80e58 --- /dev/null +++ b/sgzb-common/sgzb-common-core/src/main/java/com/bonus/sgzb/common/core/utils/HttpCodeEnum.java @@ -0,0 +1,38 @@ +package com.bonus.sgzb.common.core.utils; + +public enum HttpCodeEnum { + // 成功 + SUCCESS(200, "操作成功"), + // 登录 + NEED_LOGIN(401, "需要登录后操作"), + NO_OPERATOR_AUTH(403, "无权限操作"), + SYSTEM_ERROR(500, "出现错误"), + USERNAME_EXIST(501, "用户名已存在"), + PHONENUMBER_EXIST(502, "手机号已存在"), + EMAIL_EXIST(503, "邮箱已存在"), + REQUIRE_USERNAME(504, "必需填写用户名"), + CONTENT_NOT_NULL(506, "评论内容不能为空"), + FILE_TYPE_ERROR(507, "文件类型错误"), + USERNAME_NOT_NULL(508, "用户名不能为空"), + NICKNAME_NOT_NULL(509, "昵称不能为空"), + PASSWORD_NOT_NULL(510, "密码不能为空"), + EMAIL_NOT_NULL(511, "邮箱不能为空"), + NICKNAME_EXIST(512, "昵称已存在"), + LOGIN_ERROR(505, "用户名或密码错误"), + REPEATE_ERROR(600, "不允许重复提交,请稍候再试"); + int code; + String msg; + + HttpCodeEnum(int code, String errorMessage) { + this.code = code; + this.msg = errorMessage; + } + + public int getCode() { + return code; + } + + public String getMsg() { + return msg; + } +} diff --git a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/annotation/PreventRepeatSubmit.java b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/annotation/PreventRepeatSubmit.java new file mode 100644 index 0000000..943e220 --- /dev/null +++ b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/annotation/PreventRepeatSubmit.java @@ -0,0 +1,24 @@ +package com.bonus.sgzb.common.security.annotation; + +import java.lang.annotation.*; + +/** + * 自定义注解防止表单重复提交 + * + */ +@Inherited +@Target({ElementType.METHOD, ElementType.TYPE}) +@Retention(RetentionPolicy.RUNTIME) +@Documented +public @interface PreventRepeatSubmit +{ + /** + * 间隔时间(s),小于此时间视为重复提交 + */ + public int interval() default 3; + + /** + * 提示消息 + */ + public String message() default "不允许重复提交,请稍候再试"; +} diff --git a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreventRepeatSubmitAspect.java b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreventRepeatSubmitAspect.java new file mode 100644 index 0000000..0ae33a1 --- /dev/null +++ b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreventRepeatSubmitAspect.java @@ -0,0 +1,71 @@ +package com.bonus.sgzb.common.security.aspect; + +import com.alibaba.fastjson2.JSON; +import com.bonus.sgzb.common.core.exception.BusinessException; +import com.bonus.sgzb.common.core.utils.HttpCodeEnum; +import com.bonus.sgzb.common.security.annotation.PreventRepeatSubmit; +import com.bonus.sgzb.common.security.utils.RedisCache; +import org.aspectj.lang.ProceedingJoinPoint; +import org.aspectj.lang.annotation.Around; +import org.aspectj.lang.annotation.Aspect; +import org.aspectj.lang.annotation.Pointcut; +import org.aspectj.lang.reflect.MethodSignature; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import javax.servlet.http.HttpServletRequest; +import java.lang.reflect.Method; +import java.util.concurrent.TimeUnit; + +@Aspect +@Component +public class PreventRepeatSubmitAspect { + private static final Logger LOG = LoggerFactory.getLogger(PreventRepeatSubmitAspect.class); + private static final String header = "Authorization"; + + @Autowired + private RedisCache redisCache; + + // 定义一个切入点 + @Pointcut("@annotation(com.bonus.sgzb.common.security.annotation.PreventRepeatSubmit)") + public void preventRepeatSubmit() { + + } + + @Around("preventRepeatSubmit()") + public Object checkPrs(ProceedingJoinPoint pjp) throws Throwable { + LOG.info("进入preventRepeatSubmit切面"); + //得到request对象 + HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest(); + String requestURI = request.getRequestURI(); + LOG.info("防重复提交的请求地址:{} ,请求方式:{}",requestURI,request.getMethod()); + LOG.info("防重复提交拦截到的类名:{} ,方法:{}",pjp.getTarget().getClass().getSimpleName(),pjp.getSignature().getName()); + + //获取请求参数 + Object[] args = pjp.getArgs(); + String argStr = JSON.toJSONString(args); + //这里替换是为了在redis可视化工具中方便查看 + argStr=argStr.replace(":","#"); + // 唯一值(没有消息头则使用请求地址) + String submitKey = request.getHeader(header).trim(); + // 唯一标识(指定key + url +参数+token) + String cacheRepeatKey = "repeat_submit:" + requestURI+":" +argStr+":"+ submitKey; + MethodSignature ms = (MethodSignature) pjp.getSignature(); + Method method=ms.getMethod(); + PreventRepeatSubmit preventRepeatSubmit=method.getAnnotation(PreventRepeatSubmit.class); + int interval = preventRepeatSubmit.interval(); + LOG.info("获取到preventRepeatSubmit的有效期时间"+interval); + //redis分布式锁 + Boolean aBoolean = redisCache.setNxCacheObject(cacheRepeatKey, 1, preventRepeatSubmit.interval(), TimeUnit.SECONDS); + //aBoolean为true则证明没有重复提交 + if(!aBoolean){ + throw new BusinessException(HttpCodeEnum.REPEATE_ERROR); + } + return pjp.proceed(); + } + +} diff --git a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/utils/RedisCache.java b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/utils/RedisCache.java new file mode 100644 index 0000000..6826c62 --- /dev/null +++ b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/utils/RedisCache.java @@ -0,0 +1,269 @@ +package com.bonus.sgzb.common.security.utils; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.data.redis.core.BoundSetOperations; +import org.springframework.data.redis.core.HashOperations; +import org.springframework.data.redis.core.RedisTemplate; +import org.springframework.data.redis.core.ValueOperations; +import org.springframework.stereotype.Component; + +import java.util.*; +import java.util.concurrent.TimeUnit; + +/** + * spring redis 工具类 + * + **/ +@Component +public class RedisCache +{ + @Autowired + public RedisTemplate redisTemplate; + + //添加分布式锁 + public Boolean setNxCacheObject(final String key, final T value,long lt,TimeUnit tu) + { + return redisTemplate.opsForValue().setIfAbsent(key,value,lt,tu); + } + + /** + * 缓存基本的对象,Integer、String、实体类等 + * + * @param key 缓存的键值 + * @param value 缓存的值 + */ + public void setCacheObject(final String key, final T value) + { + redisTemplate.opsForValue().set(key, value); + } + + /** + * 缓存基本的对象,Integer、String、实体类等 + * + * @param key 缓存的键值 + * @param value 缓存的值 + * @param timeout 时间 + * @param timeUnit 时间颗粒度 + */ + public void setCacheObject(final String key, final T value, final Integer timeout, final TimeUnit timeUnit) + { + redisTemplate.opsForValue().set(key, value, timeout, timeUnit); + } + + /** + * 设置有效时间 + * + * @param key Redis键 + * @param timeout 超时时间 + * @return true=设置成功;false=设置失败 + */ + public boolean expire(final String key, final long timeout) + { + return expire(key, timeout, TimeUnit.SECONDS); + } + + /** + * 设置有效时间 + * + * @param key Redis键 + * @param timeout 超时时间 + * @param unit 时间单位 + * @return true=设置成功;false=设置失败 + */ + public boolean expire(final String key, final long timeout, final TimeUnit unit) + { + return redisTemplate.expire(key, timeout, unit); + } + + /** + * 获取有效时间 + * + * @param key Redis键 + * @return 有效时间 + */ + public long getExpire(final String key) + { + return redisTemplate.getExpire(key); + } + + /** + * 判断 key是否存在 + * + * @param key 键 + * @return true 存在 false不存在 + */ + public Boolean hasKey(String key) + { + return redisTemplate.hasKey(key); + } + + /** + * 获得缓存的基本对象。 + * + * @param key 缓存键值 + * @return 缓存键值对应的数据 + */ + public T getCacheObject(final String key) + { + ValueOperations operation = redisTemplate.opsForValue(); + return operation.get(key); + } + + /** + * 删除单个对象 + * + * @param key + */ + public boolean deleteObject(final String key) + { + return redisTemplate.delete(key); + } + + /** + * 删除集合对象 + * + * @param collection 多个对象 + * @return + */ + public boolean deleteObject(final Collection collection) + { + return redisTemplate.delete(collection) > 0; + } + + /** + * 缓存List数据 + * + * @param key 缓存的键值 + * @param dataList 待缓存的List数据 + * @return 缓存的对象 + */ + public long setCacheList(final String key, final List dataList) + { + Long count = redisTemplate.opsForList().rightPushAll(key, dataList); + return count == null ? 0 : count; + } + + /** + * 获得缓存的list对象 + * + * @param key 缓存的键值 + * @return 缓存键值对应的数据 + */ + public List getCacheList(final String key) + { + return redisTemplate.opsForList().range(key, 0, -1); + } + + /** + * 缓存Set + * + * @param key 缓存键值 + * @param dataSet 缓存的数据 + * @return 缓存数据的对象 + */ + public BoundSetOperations setCacheSet(final String key, final Set dataSet) + { + BoundSetOperations setOperation = redisTemplate.boundSetOps(key); + Iterator it = dataSet.iterator(); + while (it.hasNext()) + { + setOperation.add(it.next()); + } + return setOperation; + } + + /** + * 获得缓存的set + * + * @param key + * @return + */ + public Set getCacheSet(final String key) + { + return redisTemplate.opsForSet().members(key); + } + + /** + * 缓存Map + * + * @param key + * @param dataMap + */ + public void setCacheMap(final String key, final Map dataMap) + { + if (dataMap != null) { + redisTemplate.opsForHash().putAll(key, dataMap); + } + } + + /** + * 获得缓存的Map + * + * @param key + * @return + */ + public Map getCacheMap(final String key) + { + return redisTemplate.opsForHash().entries(key); + } + + /** + * 往Hash中存入数据 + * + * @param key Redis键 + * @param hKey Hash键 + * @param value 值 + */ + public void setCacheMapValue(final String key, final String hKey, final T value) + { + redisTemplate.opsForHash().put(key, hKey, value); + } + + /** + * 获取Hash中的数据 + * + * @param key Redis键 + * @param hKey Hash键 + * @return Hash中的对象 + */ + public T getCacheMapValue(final String key, final String hKey) + { + HashOperations opsForHash = redisTemplate.opsForHash(); + return opsForHash.get(key, hKey); + } + + /** + * 获取多个Hash中的数据 + * + * @param key Redis键 + * @param hKeys Hash键集合 + * @return Hash对象集合 + */ + public List getMultiCacheMapValue(final String key, final Collection hKeys) + { + return redisTemplate.opsForHash().multiGet(key, hKeys); + } + + /** + * 删除Hash中的某条数据 + * + * @param key Redis键 + * @param hKey Hash键 + * @return 是否成功 + */ + public boolean deleteCacheMapValue(final String key, final String hKey) + { + return redisTemplate.opsForHash().delete(key, hKey) > 0; + } + + /** + * 获得缓存的基本对象列表 + * + * @param pattern 字符串前缀 + * @return 对象列表 + */ + public Collection keys(final String pattern) + { + return redisTemplate.keys(pattern); + } +} diff --git a/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/controller/ToDoController.java b/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/controller/ToDoController.java index 258b7f4..b056eaa 100644 --- a/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/controller/ToDoController.java +++ b/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/controller/ToDoController.java @@ -1,23 +1,17 @@ package com.bonus.sgzb.material.controller; -import com.bonus.sgzb.common.core.utils.poi.ExcelUtil; import com.bonus.sgzb.common.core.web.controller.BaseController; import com.bonus.sgzb.common.core.web.domain.AjaxResult; import com.bonus.sgzb.common.core.web.page.TableDataInfo; -import com.bonus.sgzb.common.log.annotation.Log; -import com.bonus.sgzb.common.log.enums.BusinessType; -import com.bonus.sgzb.material.domain.AgreementInfo; +import com.bonus.sgzb.common.security.annotation.PreventRepeatSubmit; import com.bonus.sgzb.material.domain.ToDoBean; -import com.bonus.sgzb.material.service.AgreementInfoService; import com.bonus.sgzb.material.service.ToDoService; import com.bonus.sgzb.material.vo.NoticeInfoVO; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; -import javax.servlet.http.HttpServletResponse; import java.util.List; /** @@ -45,6 +39,7 @@ public class ToDoController extends BaseController { } @ApiOperation(value = "代办事件下拉") + @PreventRepeatSubmit @PostMapping("/getTaskType") public AjaxResult getTaskType(ToDoBean bean){ return toDoService.getTaskType(bean); diff --git a/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysProfileController.java b/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysProfileController.java index 0643d5e..d98f596 100644 --- a/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysProfileController.java +++ b/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysProfileController.java @@ -4,7 +4,6 @@ import java.io.File; import java.io.FileOutputStream; import java.io.InputStream; import java.util.Arrays; - import cn.hutool.core.util.IdUtil; import com.bonus.sgzb.common.core.constant.Constants; import com.bonus.sgzb.common.core.domain.R;