spring boot中的拦截器限制用户访问接口次数

@Service
public class AccessInterceptor  extends HandlerInterceptorAdapter{

@Autowired
RedisService redisService;

@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
if(handler instanceof HandlerMethod) {
User user = getUser(request, response);
UserContext.setUser(user);
HandlerMethod hm = (HandlerMethod)handler;
AccessLimit accessLimit = hm.getMethodAnnotation(AccessLimit.class);//请求的方法是否带有accesslimit注解
if(accessLimit == null) {
return true;
}
//如果有判断每请求一次缓存中当前用户key的count+1.直到最大限制禁止访问此接口
int seconds = accessLimit.seconds();
int maxCount = accessLimit.maxCount();
boolean needLogin = accessLimit.needLogin();
String key = request.getRequestURI();
if(needLogin) {
if(user == null) {
render(response, CodeMsg.SESSION_ERROR);
return false;
}
key += "_" + user.getId();
}else {
//do nothing
}
AccessKey ak = AccessKey.withExpire(seconds);
Integer count = redisService.get(ak, key, Integer.class);
if(count  == null) {
redisService.set(ak, key, 1);
}else if(count < maxCount) {
redisService.incr(ak, key);
}else {
render(response, CodeMsg.ACCESS_LIMIT_REACHED);
return false;
}
}
return true;
}
//返回前台
private void render(HttpServletResponse response, CodeMsg cm)throws Exception {
response.setContentType("application/json;charset=UTF-8");
OutputStream out = response.getOutputStream();
String str  = JSON.toJSONString(Result.error(cm));
out.write(str.getBytes("UTF-8"));
out.flush();
out.close();
}

//用户带来的redis key值可能在cookie中或者参数中
private User getUser(HttpServletRequest request, HttpServletResponse response) {
String paramToken = request.getParameter(MiaoshaUserService.COOKI_NAME_TOKEN);
String cookieToken = getCookieValue(request, UserService.COOKI_NAME_TOKEN);
if(StringUtils.isEmpty(cookieToken) && StringUtils.isEmpty(paramToken)) {
return null;
}
String token = StringUtils.isEmpty(paramToken)?cookieToken:paramToken;
return userService.getByToken(response, token);
}

private String getCookieValue(HttpServletRequest request, String cookiName) {
Cookie[]  cookies = request.getCookies();
if(cookies == null || cookies.length <= 0){
return null;
}
for(Cookie cookie : cookies) {
if(cookie.getName().equals(cookiName)) {
return cookie.getValue();
}
}
return null;
}

}

/**
* 在mvc配置拦截器
* @param registry
*/
@Configuration
//等价于<mvc:annotation-driven/>
@EnableWebMvc
public class MVCConfiguration extends WebMvcConfigurerAdapter implements ApplicationContextAware {
@Override
public void addInterceptors(InterceptorRegistry registry) {
String interceptPath = "";
//注册拦截器
InterceptorRegistration loginIR = registry.addInterceptor(new AccessInterceptor  ());
//配置拦截路径
loginIR.addPathPatterns(interceptPath);
//注册其他拦截器
InterceptorRegistration permissionIR = registry.addInterceptor(new UserPermissionInterceptor());
//配置拦截路径
permissionIR.addPathPatterns(interceptPath);
//配置不拦截路径
permissionIR.excludePathPatterns("");
}

//将数据存在当前线程中，当前线程安全
public class UserContext {

private static ThreadLocal<User> userHolder = new ThreadLocal<User>();

public static void setUser(User user) {
userHolder.set(user);
}

public static User getUser() {
return userHolder.get();
}

}

//自定义限制注解,加载controller url 上
@Retention(RUNTIME)
@Target(METHOD)
public @interface AccessLimit {
int seconds();
int maxCount();
boolean needLogin() default true;
}