anti-replay-attack

Demo project for Spring Boot

License

License

Categories

Categories

Ant Build Tools
GroupId

GroupId

com.github.winjaychan
ArtifactId

ArtifactId

anti-replay-attack
Last Version

Last Version

0.3.0
Release Date

Release Date

Type

Type

pom
Description

Description

anti-replay-attack
Demo project for Spring Boot
Project URL

Project URL

https://github.com/winjaychan/anti-replay-attack
Source Code Management

Source Code Management

https://github.com/winjaychan/anti-replay-attack

Download anti-replay-attack

How to add to project

<!-- https://jarcasting.com/artifacts/com.github.winjaychan/anti-replay-attack/ -->
<dependency>
    <groupId>com.github.winjaychan</groupId>
    <artifactId>anti-replay-attack</artifactId>
    <version>0.3.0</version>
    <type>pom</type>
</dependency>
// https://jarcasting.com/artifacts/com.github.winjaychan/anti-replay-attack/
implementation 'com.github.winjaychan:anti-replay-attack:0.3.0'
// https://jarcasting.com/artifacts/com.github.winjaychan/anti-replay-attack/
implementation ("com.github.winjaychan:anti-replay-attack:0.3.0")
'com.github.winjaychan:anti-replay-attack:pom:0.3.0'
<dependency org="com.github.winjaychan" name="anti-replay-attack" rev="0.3.0">
  <artifact name="anti-replay-attack" type="pom" />
</dependency>
@Grapes(
@Grab(group='com.github.winjaychan', module='anti-replay-attack', version='0.3.0')
)
libraryDependencies += "com.github.winjaychan" % "anti-replay-attack" % "0.3.0"
[com.github.winjaychan/anti-replay-attack "0.3.0"]

Dependencies

compile (2)

Group / Artifact Type Version
org.projectlombok : lombok Optional jar
org.springframework.boot : spring-boot-configuration-processor Optional jar

test (1)

Group / Artifact Type Version
org.springframework.boot : spring-boot-starter-test jar

Project Modules

  • core
  • example-userid-attack
  • starter

anti-replay-attack

介绍

配置化统一处理重放攻击,可支持restful风格中的PathVariable变量

使用说明

常规使用
  1. 在pom.xml增加starter依赖

    <dependency>
        <groupId>org.winjay</groupId>
        <artifactId>anti-replay-attack-spring-boot-starter</artifactId>
        <version>0.3.0</version>
     </dependency>
  2. 定义接口拦截(以下实例使用AOP)

    @Aspect
    @Component
    @Slf4j
    public class ReplayAttackAspect {
    
    //    @Pointcut("@annotation(org.springframework.web.bind.annotation.RestController)")
        @Pointcut("execution(* org.winjay.antireplayattack.controller.*.*(..))")
        public void pointCut(){}
    
        @Before("pointCut()")
        public void handle(JoinPoint joinPoint){
            boolean result = RateLimiterManager.getInstance().applyRateLimit("userid", "123");
            log.info("result is {}", result);
        }
    }
  3. 调用RateLimiterManager.getInstance().applyRateLimit()说明

    参数:可传入业务 属性值,如按用户对拉口进行限制请求次数,可传入当前用户标识

    返回值:true:未达到限制上限制,false: 达到限制上限值

扩展使用
  1. 实现自定义处理器

    @Slf4j
    public class CustomerRateLimiter implements IRateLimiter {
        @Override
        public boolean apply(RateLimitRequestEntity rateLimitRequestEntity, RateLimitInterfaceDef rateLimitInterfaceDef) {
            // 处理逻辑
        }
    }
  2. 注册Bean

    @Configuration
    @EnableConfigurationProperties({RateLimitConfig.class})
    public class RateLimitAutoConfigure {
        @Bean
        @ConditionalOnProperty(value = "config.rate-limit.type", havingValue = "custome-type")
        public CustomerRateLimiter customerRateLimiter(){
            return new CustomerRateLimiter();
        }
    }
  3. 配置中心配置

    properties配置

    config.rate-limit.type=custome-type	

    yaml配置

    config:
      rate-limit:
        type: custome-type

Versions

Version
0.3.0
0.0.2