SpringCloudGateway自定义全局过滤器实现登录验证
1、首先自定义一个类,实现GlobalFilter和Ordered接口2、重写filter和getOrder方法3、在filter方法中,使用参数exchange获取请求对象和响应对象ServerHttpRequest request = exchange.getRequest();ServerHttpResponse response = exchange.getResponse();4、使用请
·
1、首先自定义一个类,实现GlobalFilter和Ordered接口
2、重写filter和getOrder方法
3、在filter方法中,使用参数exchange获取请求对象和响应对象
ServerHttpRequest request = exchange.getRequest();
ServerHttpResponse response = exchange.getResponse();
4、使用请求对象request,分别获取请求的路径和请求参数中token的值
// 获取请求路径
String path = request.getPath().toString();
// 获取请求参数中token的值
String token = request.getQueryParams().getFirst("token");
5、定义静态常量
private static final String PATH = "/login";
private static final String CHARSET_NAME = "utf-8";
private static final String ADMIN = "admin";
6、进行判断请求路径中是否有login或者请求参数token的值是否为admin
// 判断是否请求的login页面
if (path.contains(PATH)) {
// 请求路径中含有/login,则放行
return chain.filter(exchange);
// 没有访问登录页面,判断请求参数中token的值是否为admin
} else if(!token.isEmpty() && ADMIN.equals(token)){
// 若请求参数token的值为admin,则放行
return chain.filter(exchange);
// 请求路径中没有login,并且请求参数的token的值不为admin,进行拦截
} else {
// 响应结果,响应数据为JSON数据
HashMap data = new HashMap();
DataBuffer buffer = null;
try {
data.put("code",404);
data.put("msg","请先登录");
byte[] bytes = JSON.toJSONString(data).getBytes(CHARSET_NAME);
buffer = response.bufferFactory().wrap(bytes);
response.setStatusCode(HttpStatus.UNAUTHORIZED);
response.getHeaders().add("Content-Type","application/json;charset=UTF-8");
}catch (Exception e) {
e.printStackTrace();
}
return response.writeWith(Mono.just(buffer));
}
整体代码如下所示:
package com.lyq.apigateway.filter;
import com.alibaba.fastjson.JSON;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
import java.util.HashMap;
/**
* @program: springcloud-nacos-077
* @description: 全局过滤器
* @author: Lv Yongqi
* @create: 2021-07-08 19:10
**/
@Component
public class AuthGlobalFilter implements GlobalFilter, Ordered {
private static final String PATH = "/login";
private static final String CHARSET_NAME = "utf-8";
private static final String ADMIN = "admin";
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
ServerHttpRequest request = exchange.getRequest();
ServerHttpResponse response = exchange.getResponse();
// 获取请求路径,
String path = request.getPath().toString();
// 获取请求参数中token的值
String token = request.getQueryParams().getFirst("token");
// 判断是否请求的login页面
if (path.contains(PATH)) {
return chain.filter(exchange);
// 没有访问登录页面,判断用户是否有token
} else if(!token.isEmpty() && ADMIN.equals(token)){
return chain.filter(exchange);
} else {
// 响应结果,
HashMap data = new HashMap();
DataBuffer buffer = null;
try {
data.put("code",404);
data.put("msg","请先登录");
byte[] bytes = JSON.toJSONString(data).getBytes(CHARSET_NAME);
buffer = response.bufferFactory().wrap(bytes);
response.setStatusCode(HttpStatus.UNAUTHORIZED);
response.getHeaders().add("Content-Type","application/json;charset=UTF-8");
}catch (Exception e) {
e.printStackTrace();
}
return response.writeWith(Mono.just(buffer));
}
}
/**
* 权重,值越小优先级越高
* @return
*/
@Override
public int getOrder() {
return 0;
}
}
权威|前沿|技术|干货|国内首个API全生命周期开发者社区
更多推荐
4
0- 0
已为社区贡献1条内容
所有评论(0)