springcloud2 gateway 之三：使用filter作权限验证

时间 2020-06-21 标签 springcloud2 springcloud gateway 之三使用 filter 权限验证

springcloud2 gateway 之一：简单样例
http://www.javashuo.com/article/p-nkplpein-np.htmljava

springcloud2 gateway 之二：转发调用eureka客户端服务
https://blog.csdn.net/haveqing/article/details/88427571react

文件结构web

1、GatewayConfig.javaspring

package com.urthink.upfs.springcloudgateway.config;

import com.urthink.upfs.springcloudgateway.filter.TokenFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class GatewayConfig {

    @Bean
    public TokenFilter tokenFilter(){
        return new TokenFilter();
    }
}

2、TokenFilter.java数据库

每个GlobalFilter都做用在每个router上，可以知足大多数的需求。可是若是遇到业务上的定制，可能须要编写知足本身需求的GlobalFilter。在下面的案例中将讲述如何编写本身GlobalFilter，该GlobalFilter会校验请求中是否包含了请求参数“token”，如何不包含请求参数“token”则不转发路由，不然执行正常的逻辑。代码以下：架构

package com.urthink.upfs.springcloudgateway.filter;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.http.HttpStatus;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/**
 * gateway全局过滤器
 * https://blog.csdn.net/forezp/article/details/85057268
 */
public class TokenFilter implements GlobalFilter, Ordered {

    Logger logger= LoggerFactory.getLogger( TokenFilter.class );
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        String token = exchange.getRequest().getQueryParams().getFirst("token");
        if (token == null || token.isEmpty()) {
            logger.info( "token is empty..." );
            exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
            return exchange.getResponse().setComplete();
        }
        return chain.filter(exchange);
    }

    @Override
    public int getOrder() {
        return -100;
    }
}

在上面的TokenFilter须要实现GlobalFilter和Ordered接口，这和实现GatewayFilter很相似。而后根据ServerWebExchange获取ServerHttpRequest，而后根据ServerHttpRequest中是否含有参数token，若是没有则完成请求，终止转发，不然执行正常的逻辑。app

3、访问ide

http://localhost:8080/app2/demo/test1微服务

返回 401 Unauthorizedspa

http://localhost:8080/app2/demo/test1?token=tokendata

正常返回数据

既然gateway已经链接到eureka，就能够经过feign调用其余服务，作更复杂的权限验证了，而没必要直接连数据库。

参考：

spring cloud gateway之filter篇
https://blog.csdn.net/forezp/article/details/85057268

Spring-Cloud-Gateway之过滤器GatewayFilter
https://www.jianshu.com/p/eb3a67291050

spring cloud gateway 2 深刻了解 - filter
https://www.jianshu.com/p/5e40bbc95eb9

微服务架构spring cloud - Gateway过滤器（十二）
https://blog.csdn.net/m0_37834471/article/details/82621337