|
@@ -0,0 +1,90 @@
|
|
|
|
|
+package com.zhaozhaonews.wemedia.gateway.filter;
|
|
|
|
|
+
|
|
|
|
|
+import com.zhaozhaonews.wemedia.gateway.util.AppJwtUtil;
|
|
|
|
|
+import io.jsonwebtoken.Claims;
|
|
|
|
|
+import lombok.extern.slf4j.Slf4j;
|
|
|
|
|
+import org.apache.commons.lang.StringUtils;
|
|
|
|
|
+import org.springframework.cloud.gateway.filter.GatewayFilterChain;
|
|
|
|
|
+import org.springframework.cloud.gateway.filter.GlobalFilter;
|
|
|
|
|
+import org.springframework.core.Ordered;
|
|
|
|
|
+import org.springframework.http.HttpStatus;
|
|
|
|
|
+import org.springframework.http.server.reactive.ServerHttpRequest;
|
|
|
|
|
+import org.springframework.http.server.reactive.ServerHttpResponse;
|
|
|
|
|
+import org.springframework.stereotype.Component;
|
|
|
|
|
+import org.springframework.web.server.ServerWebExchange;
|
|
|
|
|
+import reactor.core.publisher.Mono;
|
|
|
|
|
+
|
|
|
|
|
+@Component
|
|
|
|
|
+@Slf4j
|
|
|
|
|
+public class AuthorizeFilter implements Ordered, GlobalFilter {
|
|
|
|
|
+ @Override
|
|
|
|
|
+ public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
|
|
|
|
|
+ log.info("网关...开始过滤...");
|
|
|
|
|
+ //1.获取request和response对象
|
|
|
|
|
+ ServerHttpRequest request = exchange.getRequest();
|
|
|
|
|
+ ServerHttpResponse response = exchange.getResponse();
|
|
|
|
|
+
|
|
|
|
|
+ String path = request.getURI().getPath();
|
|
|
|
|
+ log.info("请求路径: {}", path);
|
|
|
|
|
+
|
|
|
|
|
+ //2.判断是否是登录(修正)
|
|
|
|
|
+ if(path.contains("/login/") || path.endsWith("/login")) {
|
|
|
|
|
+ log.info("自媒体用户登录....放行.....");
|
|
|
|
|
+ return chain.filter(exchange);
|
|
|
|
|
+ }
|
|
|
|
|
+ //3.获取token
|
|
|
|
|
+ String token = request.getHeaders().getFirst("token");
|
|
|
|
|
+
|
|
|
|
|
+ //4.判断token是否存在
|
|
|
|
|
+ if(StringUtils.isBlank(token)){
|
|
|
|
|
+ response.setStatusCode(HttpStatus.UNAUTHORIZED);
|
|
|
|
|
+ return response.setComplete();
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ //5.判断token是否有效
|
|
|
|
|
+ try {
|
|
|
|
|
+ Claims claimsBody = AppJwtUtil.getClaimsBody(token);
|
|
|
|
|
+ //是否是过期
|
|
|
|
|
+ // 0- 有效
|
|
|
|
|
+ // 1- 过期
|
|
|
|
|
+ // 2- 无效
|
|
|
|
|
+ int result = AppJwtUtil.verifyToken(claimsBody);
|
|
|
|
|
+ if(result == 1 || result == 2){
|
|
|
|
|
+ response.setStatusCode(HttpStatus.UNAUTHORIZED); //返回401
|
|
|
|
|
+ return response.setComplete();
|
|
|
|
|
+ }
|
|
|
|
|
+ //---新增代码--start--------------------
|
|
|
|
|
+ //从token的payload获取userId
|
|
|
|
|
+ //是用户登录的时候JWT的payload里面存了id的相关信息
|
|
|
|
|
+ Object userId = claimsBody.get("id");
|
|
|
|
|
+ //将userId放到请求头中
|
|
|
|
|
+ ServerHttpRequest serverHttpRequest = request.mutate() //获取新的请求对象
|
|
|
|
|
+ .headers(httpHeaders -> { //获取请求头对象
|
|
|
|
|
+ //设置请求头,把userId转换为字符串放进header中
|
|
|
|
|
+ httpHeaders.add("userId", userId.toString());
|
|
|
|
|
+ }).build();
|
|
|
|
|
+ //将新的请求对象放入到exchange中
|
|
|
|
|
+ exchange = exchange.mutate().request(serverHttpRequest).build();
|
|
|
|
|
+ //---新增代码--end-------------------------
|
|
|
|
|
+ } catch (Exception e) {
|
|
|
|
|
+ //-----修改异常处理代码--start-------
|
|
|
|
|
+ //异常的原因可能是:token过期、token无效、格式错误等等
|
|
|
|
|
+ log.error("token解析失败",e);
|
|
|
|
|
+ response.setStatusCode(HttpStatus.UNAUTHORIZED); //返回401
|
|
|
|
|
+ return response.setComplete();
|
|
|
|
|
+ //-----修改异常处理代码--start--------------
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ //6.放行
|
|
|
|
|
+ return chain.filter(exchange);
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ /**
|
|
|
|
|
+ * 优先级设置 值越小 优先级越高
|
|
|
|
|
+ * @return
|
|
|
|
|
+ */
|
|
|
|
|
+ @Override
|
|
|
|
|
+ public int getOrder() {
|
|
|
|
|
+ return -10;
|
|
|
|
|
+ }
|
|
|
|
|
+}
|