亲宝软件园·资讯

展开

springcloud网关头部信息

一一可可 人气:0

后台系统如何获取请求头里的数据

1. 网关层封装数据到head头

@Component
@Slf4j
public class LoginGatewayFilterFactory extends AbstractGatewayFilterFactory {
 
    @Override
    public GatewayFilter apply(Object config) {
        return (exchange, chain) -> {
            // 获取 request
            ServerHttpRequest req = exchange.getRequest();
            URI uri = req.getURI();
            // 日志
            log.info(StringUtils.join("【", req.getMethod(), "】", uri.getHost(), ":", uri.getPort(), ", 【path】", uri.getPath()));
            // 检查请求 uri 是否需要鉴权
            String path = uri.getPath();
            if (StringUtils.equalsAny(path, "/sysLogin")) {
                return chain.filter(exchange);
            }
            // 获取请求的 token
            HttpHeaders reqHeaders = req.getHeaders();
            String token = req.getHeaders().getFirst("token");
            if (StringUtils.isBlank(token)) {
                return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "请先登录");
            }
            // 验证 token
            JWT jwt = JWTUtil.parseToken(token);
            if (jwt == null) {
                log.info(StringUtils.join("[token=", token, "]转换为jwt失败"));
                return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "令牌未识别");
            }
            JSONObject json = jwt.getPayloads();
            if (json == null || json.isEmpty() || json.isNull("key") || json.isNull(JWTPayload.ISSUED_AT)) {
                log.info(StringUtils.join("[token=", token, "]解析异常"));
                return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "令牌未识别");
            }
            String userId = json.get("key", String.class);
            if (StringUtils.isBlank(userId)) {
                return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "令牌未识别");
            }
            boolean verify = jwt.setKey(JwtUtils.createKey(userId)).verify();
            if (!verify) {
                return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "令牌未识别");
            }
            // 过期时间
            long seconds = Instant.now().getEpochSecond() - json.get(JWTPayload.ISSUED_AT, Long.class);
            if (seconds < 0) {
                return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "令牌未识别");
            } else if (seconds >= 1500 && seconds <= 1800) {
                // 自动刷新令牌
                ServerHttpResponse httpResponse = exchange.getResponse();
                HttpHeaders repHeaders = httpResponse.getHeaders();
                repHeaders.set("token", JwtUtils.createToken(userId));
            } else if (seconds > 1800) {
                // 登录超时
                return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "登录超时");
            }
            Consumer<HttpHeaders> headersConsumer = httpHeaders -> {
                for (Map.Entry<String, List<String>> entry : reqHeaders.entrySet()) {
                    httpHeaders.put(entry.getKey(), entry.getValue());
                }
                httpHeaders.add("userId", userId);
            };
            return chain.filter(exchange.mutate().request(req.mutate().headers(headersConsumer).build()).build());
        };
    }
 
}

2. controller层代码实现

    @ApiOperation(value = "添加")
    @PostMapping("")
    public PojoBaseResponse<Boolean> add(@RequestBody @Validated MainRouteDTO vo, @RequestHeader String userId) {
        return ResponseUtils.pojo(mainRouteService.add(vo, userId));
    }

加载全部内容

相关教程
猜你喜欢
用户评论