何為請求限流?
請求限流是一種控制API或其他Web服務的流量的技術,它的目的是限制客戶端對服務器發出的請求的數量或速率,以防止服務器過載或回應時間變慢,從而提高系統的可用性和穩定性,
中小型專案請求限流的需求
- 按IP、用戶、全域限流
- 基于不同實作的限流設計(基于Redis或者LRU快取)
- 基于注解標注哪些介面限流
完整限流設計實作在開源專案中:https://github.com/valarchie/AgileBoot-Back-End
注解設計
宣告一個注解類,主要有以下幾個屬性
- key(快取的key)
- time(時間范圍)
- maxCount(時間范圍內最大的請求次數)
- limitType(按IP/用戶/全域進行限流)
- cacheType(基于Redis或者Map來實作限流)
/**
* 限流注解
*
* @author valarchie
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Documented
public @interface RateLimit {
/**
* 限流key
*/
String key() default "None";
/**
* 限流時間,單位秒
*/
int time() default 60;
/**
* 限流次數
*/
int maxCount() default 100;
/**
* 限流條件型別
*/
LimitType limitType() default LimitType.GLOBAL;
/**
* 限流使用的快取型別
*/
CacheType cacheType() default CacheType.REDIS;
}
LimitType列舉,我們可以將不同限制型別的邏輯直接放在列舉類當中,推薦將邏輯直接放置在列舉類中,代碼的組織形式會更好,
enum LimitType {
/**
* 默認策略全域限流 不區分IP和用戶
*/
GLOBAL{
@Override
public String generateCombinedKey(RateLimit rateLimiter) {
return rateLimiter.key() + this.name();
}
},
/**
* 根據請求者IP進行限流
*/
IP {
@Override
public String generateCombinedKey(RateLimit rateLimiter) {
String clientIP = ServletUtil.getClientIP(ServletHolderUtil.getRequest());
return rateLimiter.key() + clientIP;
}
},
/**
* 按用戶限流
*/
USER {
@Override
public String generateCombinedKey(RateLimit rateLimiter) {
LoginUser loginUser = AuthenticationUtils.getLoginUser();
if (loginUser == null) {
throw new ApiException(ErrorCode.Client.COMMON_NO_AUTHORIZATION);
}
return rateLimiter.key() + loginUser.getUsername();
}
};
public abstract String generateCombinedKey(RateLimit rateLimiter);
}
CacheType, 主要分為Redis和Map, 后續有新的型別可以新增,
enum CacheType {
/**
* 使用redis做快取
*/
REDIS,
/**
* 使用map做快取
*/
Map
}
RateLimitChecker設計
宣告一個抽象類,然后將具體實作放在實作類中,便于擴展
/**
* @author valarchie
*/
public abstract class AbstractRateLimitChecker {
/**
* 檢查是否超出限流
* @param rateLimiter
*/
public abstract void check(RateLimit rateLimiter);
}
Redis限流實作
/**
* @author valarchie
*/
@Component
@RequiredArgsConstructor
@Slf4j
public class RedisRateLimitChecker extends AbstractRateLimitChecker{
@NonNull
private RedisTemplate<Object, Object> redisTemplate;
private final RedisScript<Long> limitScript = new DefaultRedisScript<>(limitScriptText(), Long.class);
@Override
public void check(RateLimit rateLimiter) {
int maxCount = rateLimiter.maxCount();
String combineKey = rateLimiter.limitType().generateCombinedKey(rateLimiter);
Long currentCount;
try {
currentCount = redisTemplate.execute(limitScript, ListUtil.of(combineKey), maxCount, rateLimiter.time());
log.info("限制請求:{}, 當前請求次數:{}, 快取key:{}", combineKey, currentCount, rateLimiter.key());
} catch (Exception e) {
throw new RuntimeException("redis限流器例外,請確保redis啟動正常");
}
if (currentCount == null) {
throw new RuntimeException("redis限流器例外,請稍后再試");
}
if (currentCount.intValue() > maxCount) {
throw new ApiException(ErrorCode.Client.COMMON_REQUEST_TOO_OFTEN);
}
}
/**
* 限流腳本
*/
private static String limitScriptText() {
return "local key = KEYS[1]\n" +
"local count = tonumber(ARGV[1])\n" +
"local time = tonumber(ARGV[2])\n" +
"local current = redis.call('get', key);\n" +
"if current and tonumber(current) > count then\n" +
" return tonumber(current);\n" +
"end\n" +
"current = redis.call('incr', key)\n" +
"if tonumber(current) == 1 then\n" +
" redis.call('expire', key, time)\n" +
"end\n" +
"return tonumber(current);";
}
}
Map + Guava RateLimiter實作
/**
* @author valarchie
*/
@SuppressWarnings("UnstableApiUsage")
@Component
@RequiredArgsConstructor
@Slf4j
public class MapRateLimitChecker extends AbstractRateLimitChecker{
/**
* 最大僅支持4096個key 超出這個key 限流將可能失效
*/
private final LRUCache<String, RateLimiter> cache = new LRUCache<>(4096);
@Override
public void check(RateLimit rateLimit) {
String combinedKey = rateLimit.limitType().generateCombinedKey(rateLimit);
RateLimiter rateLimiter = cache.get(combinedKey,
() -> RateLimiter.create((double) rateLimit.maxCount() / rateLimit.time())
);
if (!rateLimiter.tryAcquire()) {
throw new ApiException(ErrorCode.Client.COMMON_REQUEST_TOO_OFTEN);
}
log.info("限制請求key:{}, combined key:{}", rateLimit.key(), combinedKey);
}
}
限流切面
我們需要在切面中,讀取限流注解標注的資訊,然后選擇不同的限流實作來進行限流,
/**
* 限流切面處理
*
* @author valarchie
*/
@Aspect
@Component
@Slf4j
@ConditionalOnExpression("'${agileboot.embedded.redis}' != 'true'")
@RequiredArgsConstructor
public class RateLimiterAspect {
@NonNull
private RedisRateLimitChecker redisRateLimitChecker;
@NonNull
private MapRateLimitChecker mapRateLimitChecker;
@Before("@annotation(rateLimiter)")
public void doBefore(JoinPoint point, RateLimit rateLimiter) {
MethodSignature signature = (MethodSignature) point.getSignature();
Method method = signature.getMethod();
log.info("當前限流方法:" + method.toGenericString());
switch (rateLimiter.cacheType()) {
case REDIS:
redisRateLimitChecker.check(rateLimiter);
break;
case Map:
mapRateLimitChecker.check(rateLimiter);
return;
default:
redisRateLimitChecker.check(rateLimiter);
}
}
}
注解使用
以下是我們標注的注解例子,
time=10,maxCount=10表明10秒內最多10次請求,
cacheType=Redis表明使用Redis來實作,
limitType=IP表明基于IP來限流,
/**
* 生成驗證碼
*/
@Operation(summary = "驗證碼")
@RateLimit(key = RateLimitKey.LOGIN_CAPTCHA_KEY, time = 10, maxCount = 10, cacheType = CacheType.REDIS,
limitType = LimitType.IP)
@GetMapping("/captchaImage")
public ResponseDTO<CaptchaDTO> getCaptchaImg() {
CaptchaDTO captchaImg = loginService.generateCaptchaImg();
return ResponseDTO.ok(captchaImg);
}
這是筆者關于中小型專案關于請求限流的實作,如有不足歡迎大家評論指正,
全堆疊技術交流群:1398880
轉載請註明出處,本文鏈接:https://www.uj5u.com/houduan/549610.html
標籤:Java