首页 > 软件编程 > java > Springboot使用token防止重复提交表单

Springboot使用token防止重复提交表单问题

2026-05-20 10:52:18 作者：学习不易

文章主要描述了一个关于用户登录测试的过程,涉及到了DuplicateSubmitToken、DuplicateSubmitExceptionTextConstants和DuplicateSubmitAspect等术语,这些可能是在测试过程中用于防止重复提交的功能或注解

DuplicateSubmitToken

package jyuxuan.openpose.config;

import java.lang.annotation.*;

/**
 * 防止表单重复提交注解
 */
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
@Documented
public @interface DuplicateSubmitToken {
    // 一次请求完成之前防止重复提交
    public static final int REQUEST = 1;

    // 一次会话中防止重复提交
    public static final int SESSION = 2;

    // 保存重复提交标记 默认为需要保存
    boolean save() default true;

    // 防止重复提交类型，默认：一次请求完成之前防止重复提交
    int type() default REQUEST;
}

DuplicateSubmitException

package jyuxuan.openpose.config;

/**
 * 自定义异常
 */
public class DuplicateSubmitException extends Exception {

    public DuplicateSubmitException(String msg){
        super(msg);
    }
}

TextConstants

package jyuxuan.openpose.config;

public class TextConstants {
    public static final String REQUEST_REPEAT = "========this is a duplicate submit exception=====";
}

DuplicateSubmitAspect

package jyuxuan.openpose.config;

import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.*;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import java.util.UUID;

/**
 * 防止表单重复提交拦截器
 */
@Aspect
@Component
@Slf4j
public class DuplicateSubmitAspect {
    public static final String DUPLICATE_TOKEN_KEY = "duplicate_token_key";

    @Pointcut("execution(public * jyuxuan.openpose.controller..*(..))")

    public void webLog() {
    }

    @Before("webLog() && @annotation(token)")
    public void before(final JoinPoint joinPoint, DuplicateSubmitToken token) throws DuplicateSubmitException {
        if (token != null) {
            ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
            HttpServletRequest request = attributes.getRequest();

            boolean isSaveSession = token.save();
            if (isSaveSession) {
                String key = getDuplicateTokenKey(joinPoint);
                Object t = request.getSession().getAttribute(key);
                if (null == t) {
                    String uuid = UUID.randomUUID().toString();
                    request.getSession().setAttribute(key.toString(), uuid);
                    log.info("token-key=" + key);
                    log.info("token-value=" + uuid.toString());
                } else {
                    throw new DuplicateSubmitException(TextConstants.REQUEST_REPEAT);
                }
            }

        }
    }

    /**
     * 获取重复提交key
     * @param joinPoint
     * @return
     */
    public String getDuplicateTokenKey(JoinPoint joinPoint) {
        String methodName = joinPoint.getSignature().getName();
        StringBuilder key = new StringBuilder(DUPLICATE_TOKEN_KEY);
        key.append(",").append(methodName);
        return key.toString();
    }

    @AfterReturning("webLog() && @annotation(token)")
    public void doAfterReturning(JoinPoint joinPoint, DuplicateSubmitToken token) {
        // 处理完请求，返回内容
        log.info("出方法：");
        if (token != null) {
            ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
            HttpServletRequest request = attributes.getRequest();
            boolean isSaveSession = token.save();
            if (isSaveSession) {
                String key = getDuplicateTokenKey(joinPoint);
                Object t = request.getSession().getAttribute(key);
                if (null != t && token.type() == DuplicateSubmitToken.REQUEST) {
                    request.getSession(false).removeAttribute(key);
                }
            }
        }
    }

    /**
     * 异常
     * @param joinPoint
     * @param e
     * @param token
     */
    @AfterThrowing(pointcut = "webLog()&& @annotation(token)", throwing = "e")
    public void doAfterThrowing(JoinPoint joinPoint, Throwable e, DuplicateSubmitToken token) {
        if (null != token
                && e instanceof DuplicateSubmitException == false) {
            //处理处理重复提交本身之外的异常
            ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
            HttpServletRequest request = attributes.getRequest();
            boolean isSaveSession = token.save();
            //获得方法名称
            if (isSaveSession) {
                String key = getDuplicateTokenKey(joinPoint);
                Object t = request.getSession().getAttribute(key);
                if (null != t) {
                    //方法执行完毕移除请求重复标记
                    request.getSession(false).removeAttribute(key);
                    log.info("异常情况--移除标记！");
                }
            }
        }
    }
}

用户登录测试

/**
 * 用户登录
 *
 * @param request
 * @param model
 * @return
 */
@DuplicateSubmitToken(type = DuplicateSubmitToken.SESSION)
@RequestMapping(value = "userLogin", method = RequestMethod.GET)
public String userLogin_(HttpServletRequest request, Model model) {
    String username = request.getParameter("username");
    String password = request.getParameter("password");
    String pwd = userService.userLogin(username);
    String msg;
    if (pwd == null || pwd.equals(""))
        msg = "该用户未注册";
    else if (pwd.equals(password))
        msg = "密码正确";
    else
        msg = "密码错误";
    return "index";
}

总结

以上为个人经验，希望能给大家一个参考，也希望大家多多支持脚本之家。