Java API anti-abuse (rate-limiting) mechanism

Table of contents

1. Questions

2. Code


1. Questions

Sending an SMS verification code costs a small amount of money each time, so if someone maliciously hammers your verification-code endpoint in a short period, the cost adds up quickly. If you send the verification code through a QQ mailbox instead, making many requests to QQ in a short period will get you blocked from sending any more. This blog post exists to solve that problem.

Example: the CSDN login has a verification code to prevent abuse. I have also checked other blog sites to see if there are any.

2. Code

All logic code:

For the rest of the related code, see: "Redis integration: sending verification codes through a QQ mailbox".

    // Send the verification e-mail
    @PostMapping("/email")
    public R sendEmail(@RequestParam("toMail") String toMail) {
        // StringUtils.isEmpty already covers null, so no separate null check is needed
        if (!StringUtils.isEmpty(toMail)) {
            String redisCode = (String) redisTemplate.opsForValue().get(AuthServerConstant.SMS_CODE_CACHE_PREFIX + toMail);
            if (!StringUtils.isEmpty(redisCode)) {
                // Cached value has the form "<code>_<timestamp in ms>"
                long time = Long.parseLong(redisCode.split("_")[1]);
                if (System.currentTimeMillis() - time < 60000) {
                    // No resend allowed within 60 seconds
                    return R.error(BizCodeEnume.SMS_CODE_EXCEPTION.getCode(), BizCodeEnume.SMS_CODE_EXCEPTION.getMsg());
                }
            }
            String code = YangUtils.getCode();
            // 2. Validity period of the verification code
            //String code1 = UUID.randomUUID().toString().substring(0, 5)+"_"+System.currentTimeMillis();
            String code2 = code + "_" + System.currentTimeMillis();
            // Cache the verification code in Redis
            redisTemplate.opsForValue().set(AuthServerConstant.SMS_CODE_CACHE_PREFIX + toMail, code2, 10, TimeUnit.MINUTES);
            SimpleMailMessage message = new SimpleMailMessage();
            message.setFrom(mailUsername);
            message.setTo(toMail);
            message.setSubject("Alice小姐为你服务,请收好你的验证码并及时去指定地方兑换奖品哦----");
            message.setText(code); // The message body is the verification code
            mailSender.send(message);
            return R.ok("发送成功!");
        } else {
            return R.error(BizCodeEnume.PHONE_NULL_EXCEPTION.getCode(), BizCodeEnume.PHONE_NULL_EXCEPTION.getMsg());
        }
    }

The main logic is to store the verification code, together with the time it was sent, in Redis under a key built from the mailbox address. On every later call, the endpoint first checks whether the same mailbox address is calling the interface again within 60 seconds, and rejects the request if so.

The relevant part is as follows:

            String redisCode = (String) redisTemplate.opsForValue().get(AuthServerConstant.SMS_CODE_CACHE_PREFIX + toMail);
            if (!StringUtils.isEmpty(redisCode)) {
                // Cached value has the form "<code>_<timestamp in ms>"
                long time = Long.parseLong(redisCode.split("_")[1]);
                if (System.currentTimeMillis() - time < 60000) {
                    // No resend allowed within 60 seconds
                    return R.error(BizCodeEnume.SMS_CODE_EXCEPTION.getCode(), BizCodeEnume.SMS_CODE_EXCEPTION.getMsg());
                }
            }
            String code = YangUtils.getCode();
            // 2. Validity period of the verification code
            //String code1 = UUID.randomUUID().toString().substring(0, 5)+"_"+System.currentTimeMillis();
            String code2 = code + "_" + System.currentTimeMillis();
            // Cache the verification code in Redis
            redisTemplate.opsForValue().set(AuthServerConstant.SMS_CODE_CACHE_PREFIX + toMail, code2, 10, TimeUnit.MINUTES);
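
The check above reads the stored timestamp and writes the new one in two separate Redis calls, so parallel requests for the same address can all pass it, and the limit applies per mailbox only. The following is an added example, not the blog author's code: it makes the 60-second cooldown a single atomic `SET NX EX` and adds a per-client hourly cap. The class name, key prefixes, limits and the `clientIp` parameter are assumptions; it expects Spring Data Redis 2.1 or later.

```java
import java.util.concurrent.TimeUnit;
import org.springframework.data.redis.core.StringRedisTemplate;

/** Added example: atomic send-code throttle (names and limits are hypothetical). */
public class SendCodeLimiter {
    private static final String COOLDOWN_PREFIX = "code:cooldown:"; // assumed key prefix
    private static final String CLIENT_PREFIX = "code:client:";     // assumed key prefix
    private static final long COOLDOWN_SECONDS = 60;                 // same 60 s as the post
    private static final long MAX_PER_CLIENT_PER_HOUR = 10;          // assumed limit

    private final StringRedisTemplate redis;

    public SendCodeLimiter(StringRedisTemplate redis) {
        this.redis = redis;
    }

    /** Returns true only if a code may be sent to toMail for this client right now. */
    public boolean tryAcquire(String toMail, String clientIp) {
        // Fixed one-hour window per client: the hour bucket is part of the key,
        // so a missed expire() can never leave a permanent counter in force.
        long hourBucket = System.currentTimeMillis() / 3_600_000L;
        String clientKey = CLIENT_PREFIX + clientIp + ":" + hourBucket;
        Long sends = redis.opsForValue().increment(clientKey);   // atomic INCR
        redis.expire(clientKey, 2, TimeUnit.HOURS);              // housekeeping only
        if (sends == null || sends > MAX_PER_CLIENT_PER_HOUR) {
            return false; // null only occurs inside a pipeline/transaction: fail closed
        }

        // Normalise so "A@x.com " and "a@x.com" share one cooldown (assumption).
        String cooldownKey = COOLDOWN_PREFIX + toMail.trim().toLowerCase();
        // SET key value NX EX 60: of any number of concurrent requests for the
        // same address, exactly one creates the key and is allowed to send.
        Boolean acquired = redis.opsForValue()
                .setIfAbsent(cooldownKey, "1", COOLDOWN_SECONDS, TimeUnit.SECONDS);
        return Boolean.TRUE.equals(acquired);
    }
}
```

Because the cooldown lives in its own key, the cached verification code can be deleted after a successful check without reopening the 60-second window. In the controller, `tryAcquire` would be called before `YangUtils.getCode()`, returning the existing `SMS_CODE_EXCEPTION` error when it yields false.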


Origin blog.csdn.net/Hubery_sky/article/details/131853337