Spring Cloud Gateway Token验证 Spring Cloud Gateway使用Token验证详解
乡间一壶凉白开 人气:6引入依赖
<dependencyManagement> <dependencies> <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-dependencies</artifactId> <version>${spring-cloud.version}</version> <type>pom</type> <scope>import</scope> </dependency> </dependencies> </dependencyManagement> <dependencies> <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-starter-gateway</artifactId> </dependency> </dependencies>
自定义过滤器
可以继承 AbstractGatewayFilterFactory 或实现 GlobalFilter 实现过滤请求功能
GatewayFilter
GatewayFilter 只能指定路径上应用
import org.springframework.cloud.gateway.filter.GatewayFilter; import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; import org.springframework.http.HttpStatus; import org.springframework.http.server.reactive.ServerHttpResponse; import org.springframework.stereotype.Component; @Component public class AuthGatewayFilterFactory extends AbstractGatewayFilterFactory<AuthGatewayFilterFactory.Config> { public AuthGatewayFilterFactory() { super(Config.class); } @Override public GatewayFilter apply(Config config) { return (exchange, chain) -> { System.out.println("Welcome to AuthFilter."); String token = exchange.getRequest().getHeaders().getFirst("sign"); if (Config.secret.equals(token)) { return chain.filter(exchange); } ServerHttpResponse response = exchange.getResponse(); response.setStatusCode(HttpStatus.UNAUTHORIZED); return response.setComplete(); }; } static class Config { static String secret = "1234"; } }
spring: cloud: gateway: routes: - id: service2_route uri: http://127.0.0.1:8082 predicates: - Path=/s2/** filters: - StripPrefix=1 # 去掉路径的 n 个前缀 - Auth=true # 输入过滤器类的名称前缀
GlobalFilter
GlobalFilter 可以在全局应用
import org.springframework.cloud.gateway.filter.GatewayFilterChain; import org.springframework.cloud.gateway.filter.GlobalFilter; import org.springframework.core.Ordered; import org.springframework.http.HttpStatus; import org.springframework.http.server.reactive.ServerHttpRequest; import org.springframework.http.server.reactive.ServerHttpResponse; import org.springframework.stereotype.Component; import org.springframework.web.server.ServerWebExchange; import reactor.core.publisher.Mono; @Component public class AuthGlobalFilter implements GlobalFilter, Ordered { @Override public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { System.out.println("Welcome to AuthGlobalFilter."); ServerHttpRequest request = exchange.getRequest(); String sign = request.getHeaders().get("sign").get(0); String token = "1234"; if(token.equals(sign)) { return chain.filter(exchange); } ServerHttpResponse response = exchange.getResponse(); response.setStatusCode(HttpStatus.UNAUTHORIZED); return response.setComplete(); } @Override public int getOrder() { return 0; } }
加载全部内容