// Vanilla JavaScript實現(xiàn)
const form = document.getElementById('myForm');
const submitBtn = document.getElementById('submitBtn');

form.addEventListener('submit', function(e) {
  // 禁用按鈕
  submitBtn.disabled = true;
  submitBtn.textContent = '提交中...';
  
  // 可選的防止表單默認提交行為
  // e.preventDefault();
  // 在這里執(zhí)行異步提交邏輯
});

// 如果提交失敗需要恢復(fù)按鈕狀態(tài)
function enableSubmitButton() {
  submitBtn.disabled = false;
  submitBtn.textContent = '提交';
}

function MyForm() {
  const [isSubmitting, setIsSubmitting] = useState(false);
  
  const handleSubmit = async (e) => {
    e.preventDefault();
    setIsSubmitting(true);
    
    try {
      await submitFormData();
      // 提交成功后的處理
    } catch (error) {
      // 提交失敗恢復(fù)按鈕狀態(tài)
      setIsSubmitting(false);
    }
  };
  
  return (
    <form onSubmit={handleSubmit}>
      {/* 表單字段 */}
      <button type="submit" disabled={isSubmitting}>
        {isSubmitting ? '提交中...' : '提交'}
      </button>
    </form>
  );
}

/* 加載狀態(tài)樣式 */
.submit-btn.loading {
  position: relative;
  pointer-events: none;
}

.submit-btn.loading::after {
  content: '';
  position: absolute;
  right: 10px;
  top: 50%;
  width: 16px;
  height: 16px;
  margin-top: -8px;
  border: 2px solid rgba(255,255,255,0.3);
  border-radius: 50%;
  border-top-color: #fff;
  animation: spin 1s ease-in-out infinite;
}

@keyframes spin {
  to { transform: rotate(360deg); }
}

// 服務(wù)端生成令牌并注入頁面
const csrfToken = generateToken(); // 存儲在session中
res.render('form-page', { csrfToken });

// 前端表單中包含令牌
<form>
  <input type="hidden" name="_csrf" value="{{csrfToken}}">
  <!-- 其他字段 -->
</form>

// 服務(wù)端驗證
app.post('/submit', (req, res) => {
  const { _csrf } = req.body;
  if (!validateToken(_csrf)) {
    return res.status(400).json({ error: '無效的請求令牌' });
  }
  // 處理有效請求
  invalidateToken(_csrf); // 使令牌失效
});

const pendingRequests = new Set();

async function submitForm(data) {
  // 生成請求唯一標(biāo)識
  const requestKey = JSON.stringify({
    url: '/api/submit',
    data: sanitizeData(data) // 去除可變字段如時間戳
  });
  
  if (pendingRequests.has(requestKey)) {
    throw new Error('請勿重復(fù)提交');
  }
  
  pendingRequests.add(requestKey);
  try {
    const result = await fetch('/api/submit', {
      method: 'POST',
      body: JSON.stringify(data)
    });
    return await result.json();
  } finally {
    pendingRequests.delete(requestKey);
  }
}

let lastSubmitTime = 0;
const MIN_INTERVAL = 5000; // 5秒內(nèi)不允許重復(fù)提交

function handleSubmit() {
  const now = Date.now();
  if (now - lastSubmitTime < MIN_INTERVAL) {
    alert('操作過于頻繁，請稍后再試');
    return;
  }
  
  lastSubmitTime = now;
  // 繼續(xù)提交邏輯
}

<template>
  <form @submit.prevent="handleSubmit">
    <!-- 表單內(nèi)容 -->
    <button 
      type="submit" 
      :disabled="isSubmitting"
      :class="{ 'loading': isSubmitting }"
    >
      <span v-if="!isSubmitting">提交</span>
      <span v-else>處理中...</span>
    </button>
  </form>
</template>

<script>
export default {
  data() {
    return {
      isSubmitting: false,
      lastSubmitTime: 0
    }
  },
  methods: {
    async handleSubmit() {
      // 5秒內(nèi)不允許重復(fù)提交
      if (Date.now() - this.lastSubmitTime < 5000) {
        this.$toast.warning('請勿頻繁提交');
        return;
      }
      
      this.isSubmitting = true;
      this.lastSubmitTime = Date.now();
      
      try {
        await this.$http.post('/api/submit', this.formData);
        this.$toast.success('提交成功');
      } catch (error) {
        this.isSubmitting = false;
        this.$toast.error('提交失敗');
      } finally {
        this.isSubmitting = false;
      }
    }
  }
}
</script>

import { Component } from '@angular/core';
import { FormBuilder, Validators } from '@angular/forms';

@Component({
  selector: 'app-my-form',
  template: `
    <form [formGroup]="form" (ngSubmit)="onSubmit()" #formRef="ngForm">
      <!-- 表單字段 -->
      <button 
        type="submit" 
        [disabled]="form.invalid || isSubmitting"
      >
        <span *ngIf="!isSubmitting">提交</span>
        <span *ngIf="isSubmitting">處理中...</span>
      </button>
    </form>
  `
})
export class MyFormComponent {
  form = this.fb.group({
    // 表單控件定義
  });
  
  isSubmitting = false;
  private submitLock = false;

  constructor(private fb: FormBuilder) {}

  onSubmit() {
    if (this.submitLock) return;
    
    this.submitLock = true;
    this.isSubmitting = true;
    
    this.service.submit(this.form.value).subscribe({
      next: () => {
        // 成功處理
      },
      error: () => {
        this.submitLock = false;
        this.isSubmitting = false;
      },
      complete: () => {
        this.isSubmitting = false;
      }
    });
  }
}

// 請求攔截器
axios.interceptors.request.use(config => {
  if (config.method?.toUpperCase() === 'POST') {
    const requestKey = `${config.url}-${JSON.stringify(config.data)}`;
    if (window.activeRequests?.has(requestKey)) {
      throw new axios.Cancel('重復(fù)請求已取消');
    }
    
    window.activeRequests = window.activeRequests || new Set();
    window.activeRequests.add(requestKey);
    config.cancelToken = new axios.CancelToken(cancel => {
      config.cancel = cancel;
    });
  }
  return config;
});

// 響應(yīng)攔截器
axios.interceptors.response.use(
  response => {
    if (response.config.method?.toUpperCase() === 'POST') {
      const requestKey = `${response.config.url}-${JSON.stringify(response.config.data)}`;
      window.activeRequests?.delete(requestKey);
    }
    return response;
  },
  error => {
    if (error.config?.method?.toUpperCase() === 'POST') {
      const requestKey = `${error.config.url}-${JSON.stringify(error.config.data)}`;
      window.activeRequests?.delete(requestKey);
    }
    return Promise.reject(error);
  }
);

const activeRequests = new Map();

async function safeFetch(url, options = {}) {
  // 生成請求指紋
  const requestKey = `${url}-${JSON.stringify(options)}`;
  
  if (activeRequests.has(requestKey)) {
    throw new Error('重復(fù)請求已被阻止');
  }
  
  activeRequests.set(requestKey, true);
  try {
    const response = await fetch(url, options);
    if (!response.ok) throw new Error('請求失敗');
    return await response.json();
  } finally {
    activeRequests.delete(requestKey);
  }
}

/* 按鈕狀態(tài)變化動畫 */
.submit-btn {
  transition: 
    background-color 0.3s ease,
    opacity 0.3s ease;
}

.submit-btn:disabled {
  opacity: 0.7;
  background-color: #ccc;
  cursor: not-allowed;
}

/* 加載指示器 */
.loading-indicator {
  display: inline-block;
  width: 16px;
  height: 16px;
  border: 2px solid rgba(255,255,255,0.3);
  border-radius: 50%;
  border-top-color: #fff;
  animation: spin 1s ease-in-out infinite;
  margin-left: 8px;
  vertical-align: middle;
}

// 提交成功后重定向到結(jié)果頁
async function handleSubmit() {
  try {
    await submitForm();
    // 替換當(dāng)前歷史記錄，防止后退重復(fù)提交
    window.location.replace('/success-page');
  } catch (error) {
    // 錯誤處理
  }
}

// 或使用框架路由
// React Router示例
const navigate = useNavigate();
const handleSubmit = async () => {
  await submitForm();
  navigate('/success', { replace: true }); // 替換當(dāng)前歷史記錄
};

// 客戶端生成唯一請求ID
const requestId = generateUUID(); // 如: '7b1f29b3-7a7d-4d9e-bd5e-5d5d5d5d5d5d'

// 包含在請求中
await fetch('/api/order', {
  method: 'POST',
  headers: {
    'X-Request-ID': requestId
  },
  body: JSON.stringify(orderData)
});

// 服務(wù)端處理
app.post('/api/order', async (req, res) => {
  const requestId = req.headers['x-request-id'];
  if (await isRequestProcessed(requestId)) {
    return res.status(200).json(await getCachedResponse(requestId));
  }
  
  // 處理新請求
  const result = await processOrder(req.body);
  await cacheRequest(requestId, result);
  res.json(result);
});

// 客戶端獲取數(shù)據(jù)時同時獲取版本號
const { data, version } = await fetch('/api/resource/123');

// 提交更新時帶上版本號
await fetch('/api/resource/123', {
  method: 'PUT',
  body: JSON.stringify({
    ...updatedData,
    version // 當(dāng)前版本號
  })
});

// 服務(wù)端驗證
app.put('/api/resource/:id', (req, res) => {
  const currentVersion = getCurrentVersion(req.params.id);
  if (currentVersion !== req.body.version) {
    return res.status(409).json({ 
      error: '數(shù)據(jù)已被修改，請刷新后重試' 
    });
  }
  // 處理更新...
});

class FormSubmitHandler {
  constructor(formId, options = {}) {
    this.form = document.getElementById(formId);
    this.submitBtn = this.form.querySelector('[type="submit"]');
    this.minInterval = options.minInterval || 5000;
    this.lastSubmitTime = 0;
    this.pendingRequest = null;
    
    this.init();
  }
  
  init() {
    this.form.addEventListener('submit', this.handleSubmit.bind(this));
  }
  
  async handleSubmit(e) {
    e.preventDefault();
    
    // 1. 檢查時間間隔
    const now = Date.now();
    if (now - this.lastSubmitTime < this.minInterval) {
      this.showError('操作過于頻繁，請稍后再試');
      return;
    }
    
    // 2. 禁用按鈕
    this.disableForm();
    
    try {
      // 3. 生成請求唯一標(biāo)識
      const requestKey = this.generateRequestKey();
      if (window.activeFormRequests?.has(requestKey)) {
        throw new Error('重復(fù)請求已取消');
      }
      
      window.activeFormRequests = window.activeFormRequests || new Set();
      window.activeFormRequests.add(requestKey);
      
      // 4. 執(zhí)行提交
      this.lastSubmitTime = now;
      this.pendingRequest = this.submitFormData();
      await this.pendingRequest;
      
      // 5. 成功處理
      this.showSuccess();
      this.redirectAfterSuccess();
      
    } catch (error) {
      if (error.message !== '重復(fù)請求已取消') {
        this.showError(error.message || '提交失敗');
      }
    } finally {
      // 6. 恢復(fù)表單
      this.enableForm();
      this.pendingRequest = null;
    }
  }
  
  disableForm() {
    this.submitBtn.disabled = true;
    this.submitBtn.classList.add('loading');
    this.form.querySelectorAll('input, select, textarea').forEach(el => {
      el.disabled = true;
    });
  }
  
  enableForm() {
    this.submitBtn.disabled = false;
    this.submitBtn.classList.remove('loading');
    this.form.querySelectorAll('input, select, textarea').forEach(el => {
      el.disabled = false;
    });
  }
  
  async submitFormData() {
    const formData = new FormData(this.form);
    const response = await fetch(this.form.action, {
      method: this.form.method,
      body: formData
    });
    
    if (!response.ok) {
      throw new Error(await response.text());
    }
    
    return response.json();
  }
  
  generateRequestKey() {
    return `${this.form.action}-${this.form.method}-${Array.from(new FormData(this.form)).toString()}`;
  }
  
  showError(message) {
    // 實現(xiàn)錯誤提示顯示邏輯
  }
  
  showSuccess() {
    // 實現(xiàn)成功提示顯示邏輯
  }
  
  redirectAfterSuccess() {
    // 提交成功后跳轉(zhuǎn)或重置表單
  }
}

// 使用示例
new FormSubmitHandler('myForm', { minInterval: 3000 });

describe('表單重復(fù)提交防御', () => {
  let form, handler;
  
  beforeEach(() => {
    document.body.innerHTML = `
      <form id="testForm">
        <input name="username">
        <button type="submit">提交</button>
      </form>
    `;
    form = document.getElementById('testForm');
    form.addEventListener('submit', e => e.preventDefault());
  });
  
  it('提交時應(yīng)禁用按鈕', async () => {
    const handler = new FormSubmitHandler('testForm');
    const submitBtn = form.querySelector('button');
    
    form.dispatchEvent(new Event('submit'));
    expect(submitBtn.disabled).toBe(true);
  });
  
  it('5秒內(nèi)應(yīng)阻止重復(fù)提交', async () => {
    const handler = new FormSubmitHandler('testForm', { minInterval: 5000 });
    const mockSubmit = jest.spyOn(handler, 'submitFormData');
    
    // 第一次提交
    form.dispatchEvent(new Event('submit'));
    // 立即嘗試第二次提交
    form.dispatchEvent(new Event('submit'));
    
    expect(mockSubmit).toHaveBeenCalledTimes(1);
  });
  
  it('請求完成應(yīng)恢復(fù)按鈕狀態(tài)', async () => {
    const handler = new FormSubmitHandler('testForm');
    const submitBtn = form.querySelector('button');
    
    // 模擬快速提交
    form.dispatchEvent(new Event('submit'));
    await Promise.resolve(); // 模擬異步完成
    
    expect(submitBtn.disabled).toBe(false);
  });
});

describe('表單提交', () => {
  it('應(yīng)防止重復(fù)提交', () => {
    cy.intercept('POST', '/api/submit', {
      delay: 1000,
      body: { success: true }
    }).as('submitRequest');
    
    cy.visit('/form-page');
    cy.get('form').submit();
    cy.get('button[type="submit"]').should('be.disabled');
    
    // 嘗試重復(fù)提交
    cy.get('form').submit();
    cy.get('@submitRequest.all').should('have.length', 1);
    
    // 等待請求完成
    cy.wait('@submitRequest');
    cy.get('button[type="submit"]').should('not.be.disabled');
  });
});