Spring Cloud Gateway 使用 Token 验证

46次阅读

共计 2599 个字符,预计需要花费 7 分钟才能阅读完成。

引入依赖
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>${spring-cloud.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>

<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
</dependencies>
自定义过滤器
可以继承 AbstractGatewayFilterFactory 或实现 GlobalFilter 实现过滤请求功能
GatewayFilter
GatewayFilter 只能指定路径上应用
import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;

@Component
public class AuthGatewayFilterFactory extends AbstractGatewayFilterFactory<AuthGatewayFilterFactory.Config> {

public AuthGatewayFilterFactory() {
super(Config.class);
}

@Override
public GatewayFilter apply(Config config) {
return (exchange, chain) -> {
System.out.println(“Welcome to AuthFilter.”);
String token = exchange.getRequest().getHeaders().getFirst(“sign”);
if (Config.secret.equals(token)) {
return chain.filter(exchange);
}
ServerHttpResponse response = exchange.getResponse();
response.setStatusCode(HttpStatus.UNAUTHORIZED);
return response.setComplete();
};
}

static class Config {
static String secret = “1234”;
}
}
spring:
cloud:
gateway:
routes:
– id: service2_route
uri: http://127.0.0.1:8082
predicates:
– Path=/s2/**
filters:
– StripPrefix=1 # 去掉路径的 n 个前缀
– Auth=true # 输入过滤器类的名称前缀
GlobalFilter
GlobalFilter 可以在全局应用
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

@Component
public class AuthGlobalFilter implements GlobalFilter, Ordered {
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
System.out.println(“Welcome to AuthGlobalFilter.”);
ServerHttpRequest request = exchange.getRequest();
String sign = request.getHeaders().get(“sign”).get(0);
String token = “1234”;
if(token.equals(sign)) {
return chain.filter(exchange);
}
ServerHttpResponse response = exchange.getResponse();
response.setStatusCode(HttpStatus.UNAUTHORIZED);
return response.setComplete();
}

@Override
public int getOrder() {
return 0;
}
}

正文完
 0