affaan-m-springboot-patterns
1
总安装量
1
周安装量
#52334
全站排名
安装命令
npx skills add https://smithery.ai
Agent 安装分布
claude-code
1
Skill 文档
Spring Boot å¼å模å¼
ç¨äºå¯æ©å±ãç产级æå¡ç Spring Boot æ¶æå API 模å¼ã
REST API ç»æ
@RestController
@RequestMapping("/api/markets")
@Validated
class MarketController {
private final MarketService marketService;
MarketController(MarketService marketService) {
this.marketService = marketService;
}
@GetMapping
ResponseEntity<Page<MarketResponse>> list(
@RequestParam(defaultValue = "0") int page,
@RequestParam(defaultValue = "20") int size) {
Page<Market> markets = marketService.list(PageRequest.of(page, size));
return ResponseEntity.ok(markets.map(MarketResponse::from));
}
@PostMapping
ResponseEntity<MarketResponse> create(@Valid @RequestBody CreateMarketRequest request) {
Market market = marketService.create(request);
return ResponseEntity.status(HttpStatus.CREATED).body(MarketResponse.from(market));
}
}
ä»åºæ¨¡å¼ (Spring Data JPA)
public interface MarketRepository extends JpaRepository<MarketEntity, Long> {
@Query("select m from MarketEntity m where m.status = :status order by m.volume desc")
List<MarketEntity> findActive(@Param("status") MarketStatus status, Pageable pageable);
}
带äºå¡çæå¡å±
@Service
public class MarketService {
private final MarketRepository repo;
public MarketService(MarketRepository repo) {
this.repo = repo;
}
@Transactional
public Market create(CreateMarketRequest request) {
MarketEntity entity = MarketEntity.from(request);
MarketEntity saved = repo.save(entity);
return Market.from(saved);
}
}
DTO åéªè¯
public record CreateMarketRequest(
@NotBlank @Size(max = 200) String name,
@NotBlank @Size(max = 2000) String description,
@NotNull @FutureOrPresent Instant endDate,
@NotEmpty List<@NotBlank String> categories) {}
public record MarketResponse(Long id, String name, MarketStatus status) {
static MarketResponse from(Market market) {
return new MarketResponse(market.id(), market.name(), market.status());
}
}
å¼å¸¸å¤ç
@ControllerAdvice
class GlobalExceptionHandler {
@ExceptionHandler(MethodArgumentNotValidException.class)
ResponseEntity<ApiError> handleValidation(MethodArgumentNotValidException ex) {
String message = ex.getBindingResult().getFieldErrors().stream()
.map(e -> e.getField() + ": " + e.getDefaultMessage())
.collect(Collectors.joining(", "));
return ResponseEntity.badRequest().body(ApiError.validation(message));
}
@ExceptionHandler(AccessDeniedException.class)
ResponseEntity<ApiError> handleAccessDenied() {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body(ApiError.of("Forbidden"));
}
@ExceptionHandler(Exception.class)
ResponseEntity<ApiError> handleGeneric(Exception ex) {
// Log unexpected errors with stack traces
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
.body(ApiError.of("Internal server error"));
}
}
ç¼å
éè¦å¨é
置类ä¸ä½¿ç¨ @EnableCachingã
@Service
public class MarketCacheService {
private final MarketRepository repo;
public MarketCacheService(MarketRepository repo) {
this.repo = repo;
}
@Cacheable(value = "market", key = "#id")
public Market getById(Long id) {
return repo.findById(id)
.map(Market::from)
.orElseThrow(() -> new EntityNotFoundException("Market not found"));
}
@CacheEvict(value = "market", key = "#id")
public void evict(Long id) {}
}
å¼æ¥å¤ç
éè¦å¨é
置类ä¸ä½¿ç¨ @EnableAsyncã
@Service
public class NotificationService {
@Async
public CompletableFuture<Void> sendAsync(Notification notification) {
// send email/SMS
return CompletableFuture.completedFuture(null);
}
}
æ¥å¿è®°å½ (SLF4J)
@Service
public class ReportService {
private static final Logger log = LoggerFactory.getLogger(ReportService.class);
public Report generate(Long marketId) {
log.info("generate_report marketId={}", marketId);
try {
// logic
} catch (Exception ex) {
log.error("generate_report_failed marketId={}", marketId, ex);
throw ex;
}
return new Report();
}
}
ä¸é´ä»¶ / è¿æ»¤å¨
@Component
public class RequestLoggingFilter extends OncePerRequestFilter {
private static final Logger log = LoggerFactory.getLogger(RequestLoggingFilter.class);
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
long start = System.currentTimeMillis();
try {
filterChain.doFilter(request, response);
} finally {
long duration = System.currentTimeMillis() - start;
log.info("req method={} uri={} status={} durationMs={}",
request.getMethod(), request.getRequestURI(), response.getStatus(), duration);
}
}
}
å页åæåº
PageRequest page = PageRequest.of(pageNumber, pageSize, Sort.by("createdAt").descending());
Page<Market> results = marketService.list(page);
容éçå¤é¨è°ç¨
public <T> T withRetry(Supplier<T> supplier, int maxRetries) {
int attempts = 0;
while (true) {
try {
return supplier.get();
} catch (Exception ex) {
attempts++;
if (attempts >= maxRetries) {
throw ex;
}
try {
Thread.sleep((long) Math.pow(2, attempts) * 100L);
} catch (InterruptedException ie) {
Thread.currentThread().interrupt();
throw ex;
}
}
}
}
éçéå¶ (è¿æ»¤å¨ + Bucket4j)
å®å
¨é¡»ç¥ï¼é»è®¤æ
åµä¸ X-Forwarded-For 头æ¯ä¸å¯ä¿¡çï¼å 为客æ·ç«¯å¯ä»¥ä¼ªé å®ã
ä»
å¨ä»¥ä¸æ
åµä¸ä½¿ç¨è½¬å头ï¼
- æ¨çåºç¨ç¨åºä½äºå¯ä¿¡çåå代çï¼nginxãAWS ALB çï¼ä¹å
- æ¨å·²å°
ForwardedHeaderFilter注å为 bean - æ¨å·²å¨åºç¨å±æ§ä¸é
ç½®äº
server.forward-headers-strategy=NATIVEæFRAMEWORK - æ¨ç代çé
置为è¦çï¼èé追å ï¼
X-Forwarded-For头
å½ ForwardedHeaderFilter 被æ£ç¡®é
ç½®æ¶ï¼request.getRemoteAddr() å°èªå¨ä»è½¬åç头ä¸è¿åæ£ç¡®ç客æ·ç«¯ IPã
没ææ¤é
ç½®æ¶ï¼è¯·ç´æ¥ä½¿ç¨ request.getRemoteAddr()ââå®è¿åçæ¯ç´æ¥è¿æ¥ç IPï¼è¿æ¯å¯ä¸å¯ä¿¡çå¼ã
@Component
public class RateLimitFilter extends OncePerRequestFilter {
private final Map<String, Bucket> buckets = new ConcurrentHashMap<>();
/*
* SECURITY: This filter uses request.getRemoteAddr() to identify clients for rate limiting.
*
* If your application is behind a reverse proxy (nginx, AWS ALB, etc.), you MUST configure
* Spring to handle forwarded headers properly for accurate client IP detection:
*
* 1. Set server.forward-headers-strategy=NATIVE (for cloud platforms) or FRAMEWORK in
* application.properties/yaml
* 2. If using FRAMEWORK strategy, register ForwardedHeaderFilter:
*
* @Bean
* ForwardedHeaderFilter forwardedHeaderFilter() {
* return new ForwardedHeaderFilter();
* }
*
* 3. Ensure your proxy overwrites (not appends) the X-Forwarded-For header to prevent spoofing
* 4. Configure server.tomcat.remoteip.trusted-proxies or equivalent for your container
*
* Without this configuration, request.getRemoteAddr() returns the proxy IP, not the client IP.
* Do NOT read X-Forwarded-For directlyâit is trivially spoofable without trusted proxy handling.
*/
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain) throws ServletException, IOException {
// Use getRemoteAddr() which returns the correct client IP when ForwardedHeaderFilter
// is configured, or the direct connection IP otherwise. Never trust X-Forwarded-For
// headers directly without proper proxy configuration.
String clientIp = request.getRemoteAddr();
Bucket bucket = buckets.computeIfAbsent(clientIp,
k -> Bucket.builder()
.addLimit(Bandwidth.classic(100, Refill.greedy(100, Duration.ofMinutes(1))))
.build());
if (bucket.tryConsume(1)) {
filterChain.doFilter(request, response);
} else {
response.setStatus(HttpStatus.TOO_MANY_REQUESTS.value());
}
}
}
åå°ä½ä¸
ä½¿ç¨ Spring ç @Scheduled æä¸éåï¼å¦ KafkaãSQSãRabbitMQï¼éæãä¿æå¤çç¨åºæ¯å¹ççåå¯è§å¯çã
å¯è§æµæ§
- éè¿ Logback ç¼ç å¨è¿è¡ç»æåæ¥å¿è®°å½ (JSON)
- ææ ï¼Micrometer + Prometheus/OTel
- 追踪ï¼å¸¦æ OpenTelemetry æ Brave å端ç Micrometer Tracing
ç产ç¯å¢é»è®¤è®¾ç½®
- ä¼å 使ç¨æé å½æ°æ³¨å ¥ï¼é¿å åæ®µæ³¨å ¥
- å¯ç¨
spring.mvc.problemdetails.enabled=true以è·å¾ RFC 7807 é误 (Spring Boot 3+) - æ ¹æ®å·¥ä½è´è½½é ç½® HikariCP è¿æ¥æ± 大å°ï¼è®¾ç½®è¶ æ¶
- 对æ¥è¯¢ä½¿ç¨
@Transactional(readOnly = true) - å¨éå½çå°æ¹éè¿
@NonNullåOptional强å¶æ§è¡ç©ºå¼å®å ¨
è®°ä½ï¼ä¿ææ§å¶å¨ç²¾ç®ãæå¡ä¸æ³¨ãä»åºç®åï¼å¹¶éä¸å¤çé误ã为å¯ç»´æ¤æ§åå¯æµè¯æ§è¿è¡ä¼åã