Spring Cloud Gateway使用Token验证详解

2024-11-04 技术教程

引入依赖

<dependencyManagement> <dependencies> <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-dependencies</artifactId> <version>${spring-cloud.version}</version> <type>pom</type> <scope>import</scope> </dependency> </dependencies></dependencyManagement><dependencies> <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-starter-gateway</artifactId> </dependency></dependencies>

自定义过滤器

可以继承 AbstractGatewayFilterFactory 或实现 GlobalFilter 实现过滤请求功能

GatewayFilter

GatewayFilter 只能指定路径上应用

import org.springframework.cloud.gateway.filter.GatewayFilter;import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;import org.springframework.http.HttpStatus;import org.springframework.http.server.reactive.ServerHttpResponse;import org.springframework.stereotype.Component;@Componentpublic class AuthGatewayFilterFactory extends AbstractGatewayFilterFactory<AuthGatewayFilterFactory.Config> { public AuthGatewayFilterFactory() { super(Config.class); } @Override public GatewayFilter apply(Config config) { return (exchange, chain) -> { System.out.println("Welcome to AuthFilter."); String token = exchange.getRequest().getHeaders().getFirst("sign"); if (Config.secret.equals(token)) { return chain.filter(exchange); } ServerHttpResponse response = exchange.getResponse(); response.setStatusCode(HttpStatus.UNAUTHORIZED); return response.setComplete(); }; } static class Config { static String secret = "1234"; }}

spring: cloud: gateway: routes: - id: service2_route uri: http://127.0.0.1:8082 predicates: - Path=/s2/** filters: - StripPrefix=1 # 去掉路径的 n 个前缀 - Auth=true # 输入过滤器类的名称前缀

GlobalFilter

GlobalFilter 可以在全局应用

import org.springframework.cloud.gateway.filter.GatewayFilterChain;import org.springframework.cloud.gateway.filter.GlobalFilter;import org.springframework.core.Ordered;import org.springframework.http.HttpStatus;import org.springframework.http.server.reactive.ServerHttpRequest;import org.springframework.http.server.reactive.ServerHttpResponse;import org.springframework.stereotype.Component;import org.springframework.web.server.ServerWebExchange;import reactor.core.publisher.Mono;@Componentpublic class AuthGlobalFilter implements GlobalFilter, Ordered { @Override public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { System.out.println("Welcome to AuthGlobalFilter."); ServerHttpRequest request = exchange.getRequest(); String sign = request.getHeaders().get("sign").get(0); String token = "1234"; if(token.equals(sign)) { return chain.filter(exchange); } ServerHttpResponse response = exchange.getResponse(); response.setStatusCode(HttpStatus.UNAUTHORIZED); return response.setComplete(); } @Override public int getOrder() { return 0; }}

以上就是本文的全部内容，希望对大家的学习有所帮助，也希望大家多多支持亿速云。