2 éve · d82983a679
--- a/core-rate-limit/src/main/java/com/qmth/boot/core/rateLimit/entity/RateLimitTarget.java
+++ b/core-rate-limit/src/main/java/com/qmth/boot/core/rateLimit/entity/RateLimitTarget.java
@@ -5,7 +5,7 @@ public enum RateLimitTarget {
 
				     //所有访问者
			
 
				     ALL(""),
			
 
				 
			
 
				-    //按签名区分访问者
			
 
				+    //按用户区分访问者
			
 
				     USER("u"),
			
 
				 
			
 
				     //按设备区分访问者
			
--- a/starter-api/src/main/java/com/qmth/boot/api/interceptor/impl/RateLimitInterceptor.java
+++ b/starter-api/src/main/java/com/qmth/boot/api/interceptor/impl/RateLimitInterceptor.java
@@ -38,9 +38,9 @@ public class RateLimitInterceptor extends AbstractInterceptor {
 
				         String endpoint = request.getServletPath();
			
 
				         String device = getDeviceIdOrIpAddress(request);
			
 
				         String user = getUserIdentity(request);
			
 
				-        // 所有限流规则需要全部匹配才通过
			
 
				-        // 已通过限流堆栈
			
 
				+        // 已通过限流验证堆栈
			
 
				         Deque<RateLimiter> stack = new ArrayDeque<>();
			
 
				+        // 所有限流规则需要全部匹配才通过
			
 
				         for (RateLimitRule rule : ac.getRateLimit()) {
			
 
				             String target = null;
			
 
				             if (rule.getTarget() == RateLimitTarget.DEVICE) {
			
@@ -50,12 +50,15 @@ public class RateLimitInterceptor extends AbstractInterceptor {
 
				             }
			
 
				             RateLimiter limiter = rateLimitService.getRateLimiter(endpoint, target, rule);
			
 
				             if (limiter.acquire()) {
			
 
				+                //限流验证成功则进入堆栈
			
 
				                 stack.push(limiter);
			
 
				             } else {
			
 
				+                //限流验证失败时，已通过的堆栈需要释放
			
 
				                 while (!stack.isEmpty()) {
			
 
				                     stack.pop().release();
			
 
				                 }
			
 
				-                log.warn("Rate limited: endpoint={}, rule={}, target={}", endpoint, rule.toString(), target);
			
 
				+                log.warn("Rate limited: endpoint={}, rule={}, target={}", endpoint, rule.toString(),
			
 
				+                        StringUtils.trimToEmpty(target));
			
 
				                 throw DefaultExceptionEnum.RATE_LIMITED.exception();
			
 
				             }
			
 
				         }
			
@@ -66,9 +69,9 @@ public class RateLimitInterceptor extends AbstractInterceptor {
 
				     @Override
			
 
				     public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
			
 
				             Exception ex) {
			
 
				+        //接口请求完成时，已通过的堆栈需要释放
			
 
				         Deque<RateLimiter> stack = RequestUtil.getAttribute(request, ApiConstant.ATTRIBUTE_RATE_LIMITER_STACK);
			
 
				         if (stack != null) {
			
 
				-            log.debug("Rate limit stack size: " + stack.size());
			
 
				             while (!stack.isEmpty()) {
			
 
				                 stack.pop().release();
			
 
				             }
			
@@ -85,6 +88,7 @@ public class RateLimitInterceptor extends AbstractInterceptor {
 
				     }
			
 
				 
			
 
				     private String getUserIdentity(HttpServletRequest request) {
			
 
				+        // 有鉴权信息的情况下，使用签名中的identity作为访问用户标识
			
 
				         AccessEntity accessEntity = RequestUtil.getAttribute(request, ApiConstant.ATTRIBUTE_ACCESS_ENTITY);
			
 
				         if (accessEntity != null) {
			
 
				             return accessEntity.getIdentity();