Spring注解方式防止重复提交原理详解

@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface Token {
  boolean save() default false;
  boolean remove() default false;
}

public class TokenInterceptor extends HandlerInterceptorAdapter {

@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,   handler) throws Exception {
  if (handler instanceof HandlerMethod) {
    HandlerMethod handlerMethod = (HandlerMethod) handler;
    Method method = handlerMethod.getMethod();
    Token annotation = method.getAnnotation(Token.class);
    if (annotation != null) {
      boolean needSaveSession = annotation.save();
      if (needSaveSession) {
        request.getSession(false).setAttribute(\"token\", UUID.randomUUID().toString());
      }
      boolean needRemoveSession = annotation.remove();
      if (needRemoveSession) {
        if (isRepeatSubmit(request)) {
          return false;
        }
        request.getSession(false).removeAttribute(\"token\");
      }
    }
    return true;
  } else {
    return super.preHandle(request, response, handler);
  }
}

private boolean isRepeatSubmit(HttpServletRequest request) {
  String serverToken = (String) request.getSession(false).getAttribute(\"token\");
  if (serverToken == null) {
    return true;
  }
  String clinetToken = request.getParameter(\"token\");
  if (clinetToken == null) {
    return true;
  }
  if (!serverToken.equals(clinetToken)) {
    return true;
  }
  return false;
}
}

<mvc:interceptors> 
 <!-- 使用bean定义一个Interceptor，直接定义在mvc:interceptors根下面的Interceptor将拦截所有的请求 --> 
    <mvc:interceptor> 
      <mvc:mapping path=\"/**\"/> 
      <!-- 定义在mvc:interceptor下面的表示是对特定的请求才进行拦截的 --> 
      <bean class=\"****包名****.TokenInterceptor\"/> 
    </mvc:interceptor> 
</mvc:interceptors>


@RequestMapping(\"/add.jspf\")
@Token(save=true)
public String add() {
  //省略
  return TPL_  + \"index\";
}
 
@RequestMapping(\"/save.jspf\")
@Token(remove=true)
public void save() {
 //省略
}

@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Documented
@Inherited
public @interface LocalLock {

  /**
   * @author fly
   */
  String key() default \"\";

  /**
   * 过期时间 TODO 由于用的 guava 暂时就忽略这属性吧 集成 redis 需要用到
   *
   * @author fly
   */
  int expire() default 5;
}

@Aspect
@Configuration
public class LockMethodInterceptor {

  private static final Cache<String,  > CACHES = CacheBuilder.newBuilder()
      // 最大缓存 100 个
      .maximumSize(1000)
      // 设置写缓存后 5 秒钟过期
      .expireAfterWrite(5, TimeUnit.SECONDS)
      .build();

  @Around(\"execution(public * *(..)) && @annotation(com.demo.testduplicate.Test1.LocalLock)\")
  public   interceptor(ProceedingJoinPoint pjp) {
    MethodSignature signature = (MethodSignature) pjp.getSignature();
    Method method = signature.getMethod();
    LocalLock localLock = method.getAnnotation(LocalLock.class);
    String key = getKey(localLock.key(), pjp.getArgs());
    if (!StringUtils.isEmpty(key)) {
      if (CACHES.getIfPresent(key) != null) {
        throw new RuntimeException(\"请勿重复请求\");
      }
      // 如果是第一次请求,就将 key 当前对象压入缓存中
      CACHES.put(key, key);
    }
    try {
      return pjp.proceed();
    } catch (Throwable throwable) {
      throw new RuntimeException(\"服务器异常\");
    } finally {
      // TODO 为了演示效果,这里就不调用 CACHES.invalidate(key); 代码了
    }
  }

  /**
   * key 的生成策略,如果想灵活可以写成接口与实现类的方式（TODO 后续讲解）
   *
   * @param keyExpress 表达式
   * @param args    参数
   * @return 生成的key
   */
  private String getKey(String keyExpress,  [] args) {
    for (int i = 0; i < args.length; i++) {
      keyExpress = keyExpress.replace(\"arg[\" + i + \"]\", args[i].toString());
    }
    return keyExpress;
  }
}

@RestController
@RequestMapping(\"/books\")
public class BookController {

 @LocalLock(key = \"book:arg[0]\")
 @GetMapping
 public String save(@RequestParam String token) {
  return \"success - \" + token;
 }
}