package com.gateway.config; import com.auth0.jwt.exceptions.AlgorithmMismatchException; import com.auth0.jwt.exceptions.SignatureVerificationException; import com.auth0.jwt.exceptions.TokenExpiredException; import com.fasterxml.jackson.databind.ObjectMapper; import com.gateway.util.JWTConstant; import com.gateway.util.JWTUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.cloud.gateway.filter.GatewayFilter; import org.springframework.cloud.gateway.filter.GatewayFilterChain; import org.springframework.core.Ordered; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.server.reactive.ServerHttpRequest; import org.springframework.http.server.reactive.ServerHttpResponse; import org.springframework.stereotype.Component; import org.springframework.util.MultiValueMap; import org.springframework.web.server.ServerWebExchange; import reactor.core.publisher.Mono; import java.net.InetSocketAddress; import java.util.HashMap; import java.util.List; import java.util.Map; /** * GatewayFilter 用在單個路由上 * GlobalFilter 用在整個網關之前 */ @Component public class LexueGatewayFilter implements GatewayFilter, Ordered { private static final Logger LOGGER = LoggerFactory.getLogger(LexueGatewayFilter.class); @Override public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { /* 這個request對象可以獲取更多的內容 比如,如果是使用token驗證的話,就可以判斷它的Header中的Token值了 為了演示方便,我就判斷了它的參數 */ // ServerHttpRequest request = exchange.getRequest(); // MultiValueMap<String, String> queryParams = request.getQueryParams(); // String username = queryParams.getFirst("username"); // if (!username.equals("admin")) { // //不允許訪問,禁止訪問 // ServerHttpResponse response = exchange.getResponse(); // response.setStatusCode(HttpStatus.NOT_ACCEPTABLE); //這個狀態碼是406 // // return exchange.getResponse().setComplete(); // } ServerHttpRequest request = exchange.getRequest(); ServerHttpResponse response = exchange.getResponse(); InetSocketAddress addr = request.getRemoteAddress(); System.out.println("當前訪問的設備的 hostName :" + addr.getHostName()); System.out.println("當前訪問的設備的 address :" + addr.getAddress().toString()); System.out.println("當前訪問的設備的 port :" + addr.getPort()); //TODO 如果是后台管理訪問,放行 // if(addr.getHostName().equals("220.113.124.160")) return chain.filter(exchange); HttpHeaders headers = request.getHeaders(); List<String> strings = headers.get(JWTConstant.TOKEN_NAME); if(strings!=null){ String lexueToken = strings.get(0); if(lexueToken!=null){ try { JWTUtils.verify(lexueToken); //放行 return chain.filter(exchange); } catch (Exception e){ //只要有異常 就返回方法不允許 response.setStatusCode(HttpStatus.METHOD_NOT_ALLOWED); //禁止訪問 return exchange.getResponse().setComplete(); } }else{ //如果lexueToken==null 也不准訪問 return exchange.getResponse().setComplete(); } }else {//沒取到====告知前台,需要登錄 response.setStatusCode(HttpStatus.UNAUTHORIZED); //禁止訪問 return exchange.getResponse().setComplete(); } } /** * 這是Ordered接口的中的方法 * 過濾器有一個優先級的問題,這個值越小,優先級越高 * @return */ @Override public int getOrder() { return 0; } }
package com.gateway.config; import org.springframework.cloud.gateway.filter.GlobalFilter; import org.springframework.cloud.gateway.route.RouteLocator; import org.springframework.cloud.gateway.route.builder.RouteLocatorBuilder; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @Configuration public class LexueFilterConfiguration { @Bean public RouteLocator routeLocator(RouteLocatorBuilder builder) { return builder.routes() .route(r -> r.path("/api/lexueManager/courseselect/**", "/api/lexueManager/note/**", "/api/lexueManager/problem/**", "/api/lexueManager/task/**", "/api/lexueManager/user/list", "/api/lexueManager/user/list", "/api/lexueManager/user/info/**", "/api/lexueManager/user/save", "/api/lexueManager/user/update", "/api/lexueManager/user/delete", "/api/lexueManager/user/updatePassword", "/api/lexueManager/usertask/**") .filters( //指示在將請求發送到下游之前,要從請求中去除的路徑中的節數 f -> f.stripPrefix(1) .filters(new LexueGatewayFilter()) ) .uri("lb://lexueManager") ) .build(); } }