有没有做废品的网站,好的品牌设计网站,商务网站建设的应用,服装公司网站背景图目录 背景步骤1、首先创建springboot项目2、引入依赖3、配置文件#xff01;#xff01;#xff01;#xff01;#xff01;#xff08;超级重要#xff01;#xff01;#xff01;根据自己的需要进行配置#xff09;4、相关类我们在服务中进行的白名单中接口的操作如… 目录 背景步骤1、首先创建springboot项目2、引入依赖3、配置文件超级重要根据自己的需要进行配置4、相关类我们在服务中进行的白名单中接口的操作如下 测试存拿 总结 背景
现在想要进行token校验故引入gateway服务。 首先阅读官网知道概念Gateway官网详解
步骤
1、首先创建springboot项目
看整体的目录结构
2、引入依赖 dependencies!--gateway的依赖--dependencygroupIdorg.springframework.cloud/groupIdartifactIdspring-cloud-starter-gateway/artifactId/dependency!--nacos注册与发现--dependencygroupIdcom.alibaba.cloud/groupIdartifactIdspring-cloud-starter-alibaba-nacos-discovery/artifactId/dependency!--nacos配置中心来做配置管理--dependencygroupIdcom.alibaba.cloud/groupIdartifactIdspring-cloud-starter-alibaba-nacos-config/artifactId/dependencydependencygroupIdcom.tfjybj/groupIdartifactIdfewCode-common-redis/artifactIdversion1.0-SNAPSHOT/version/dependencydependencygroupIdjunit/groupIdartifactIdjunit/artifactId/dependency/dependencies3、配置文件超级重要根据自己的需要进行配置
server:port: 8088servlet:context-path: /apispring:cloud:gateway:discovery:locator:enabled: trueroutes:- id: login_routeuri: lb://fewCode-provider-login#uri: http://localhost:8001/predicates:- Path/login/**,/Curriculum/**,/classes/**filters:- RewritePath/(?segment.*),/$\{segment}
leyou:filter: #需要进行过滤的白名单allowPaths:- /login/checkLogin- /login/user- /login/userLogin- /upload/filetokenExpire: 1440这份配置是用于Spring Cloud Gateway的配置文件用于构建API网关。让我来解释一下每个部分的含义
服务器配置
服务器监听端口为8088。 Servlet的上下文路径设置为/api意味着所有API的端点都将具有这个前缀。 Spring Cloud Gateway配置
服务发现定位器启用这意味着网关将使用服务发现来查找后端服务的路由。在动态的微服务环境中非常有用。 路由路由配置指定了网关如何将传入的请求路由到后端服务。在这里定义了一个路由 id: login_route - 这是该路由的唯一标识符。 uri: lb://fewCode-provider-login - 后端服务的URI用于处理具有负载均衡器lb的请求。服务名为fewCode-provider-login网关将使用服务发现来定位该服务。 predicates: 定义了应用此路由的条件。在这里该路由将用于以/login/“、”/Curriculum/“或”/classes/开头的路径的请求。 filters: 对请求应用的过滤器在将其转发到后端服务之前。在这里使用了一个RewritePath过滤器用于删除路径末尾的斜杠。 自定义配置
leyou这似乎是一些与leyou相关的自定义配置用于特定的过滤逻辑。 filter这是一个允许白名单路径的配置。 allowPaths列出的路径将无需任何额外过滤而被允许。这些路径的请求不会受到任何额外的检查。 tokenExpire设置令牌过期的时间限制以分钟为单位这里设置为1440分钟24小时。 总体而言这份配置将Spring Cloud Gateway配置成将传入的请求路由到名为fewCode-provider-login的后端服务前提是请求路径以/login/“、”/Curriculum/“或”/classes/开头。同时它提供了一个白名单允许无需任何额外过滤的路径。
4、相关类
package com.tfjybj.gateway.config;import com.tfjybj.gateway.filter.AuthorizeFilter;
import com.tfjybj.gateway.filter.RenewFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;Configuration
public class FilterConfig {Beanpublic AuthorizeFilter authGatewayFilter() {//配置拦截器参数//order序号设置拦截器执行顺序AuthGatewayFilter为1return new AuthorizeFilter(0);}Beanpublic RenewFilter renewFilter(){// 续约Tokenreturn new RenewFilter(5);}}
package com.tfjybj.gateway.config;import com.tfjybj.gateway.util.FilterProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;/*** 请求白名单**/
Component
public class IgnorePath {Autowiredprivate FilterProperties filterProperties;public boolean isAllowPath(String path) {//遍历白名单for (String allowPath : filterProperties.getAllowPaths()) {//判断是否允许if(path.startsWith(allowPath)){return true;}}return false;}}
package com.tfjybj.gateway.config;import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.reactive.CorsWebFilter;
import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;Configuration
public class LapCorsConfiguration {Beanpublic CorsWebFilter corsWebFilter(){UrlBasedCorsConfigurationSource source new UrlBasedCorsConfigurationSource();CorsConfiguration corsConfiguration new CorsConfiguration();//1、配置跨域corsConfiguration.addAllowedHeader(*);corsConfiguration.addAllowedMethod(*);corsConfiguration.addAllowedOrigin(*);corsConfiguration.setAllowCredentials(true);source.registerCorsConfiguration(/**,corsConfiguration);return new CorsWebFilter(source);}
}
package com.tfjybj.gateway.filter;import com.alibaba.fastjson.JSON;import com.tfjybj.gateway.config.IgnorePath;
import com.tfjybj.gateway.result.ResultMsgEnum;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;import java.util.HashMap;public class AuthorizeFilter implements GlobalFilter, Ordered {private static final Logger log LogManager.getLogger();Autowiredprivate StringRedisTemplate redisTemplate;Autowiredprivate IgnorePath ignorePath;private final int order;public AuthorizeFilter(int order) {this.order order;}Overridepublic MonoVoid filter(ServerWebExchange exchange, GatewayFilterChain chain) {ServerHttpRequest request exchange.getRequest();HttpHeaders headers request.getHeaders();//获取请求的url路径String path request.getURI().getPath();boolean flagignorePath.isAllowPath(path);if (flag) {log.info(请求在白名单中metaverse.filter: {},path);return chain.filter(exchange);} else {//获取token值String authorization headers.getFirst(Authorization);log.info(Authorization值{}, authorization);authorization authorization.split(Bearer )[1];//判断redis中是否有tokenBoolean aBoolean redisTemplate.hasKey(fewCode:userinfo: authorization);if (aBoolean){return chain.filter(exchange);}else {//声明变量ServerHttpResponse response exchange.getResponse();HashMap map new HashMap();String resp;DataBuffer bodyDataBuffer;//设置响应头response.setStatusCode(HttpStatus.FORBIDDEN);map.put(code, 403);map.put(message, ResultMsgEnum.AUTH_FAILED.getMsg());resp JSON.toJSONString(map);bodyDataBuffer response.bufferFactory().wrap(resp.getBytes());response.getHeaders().add(Content-Type,application/json;charsetUTF-8);return response.writeWith(Mono.just(bodyDataBuffer));}}}Overridepublic int getOrder() {return this.order;}}
package com.tfjybj.gateway.filter;import com.tfjybj.gateway.config.IgnorePath;
import com.tfjybj.gateway.util.FilterProperties;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.http.HttpHeaders;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;import java.util.concurrent.TimeUnit;/*** token续约的逻辑**/
public class RenewFilter implements GlobalFilter, Ordered {private static final Logger log LogManager.getLogger();private final int order;Autowiredprivate StringRedisTemplate stringRedisTemplate;public RenewFilter(int order) {this.order order;}Autowiredprivate IgnorePath ignorePath;Autowiredprivate FilterProperties filterProperties;Overridepublic int getOrder() {return this.order;}Overridepublic MonoVoid filter(ServerWebExchange exchange, GatewayFilterChain chain) {ServerHttpRequest request exchange.getRequest();HttpHeaders headers request.getHeaders();//获取请求的url路径String path request.getURI().getPath();boolean flagignorePath.isAllowPath(path);if (flag) {log.info(请求在白名单中metaverse.filter: {}, path);return chain.filter(exchange);}//token值String authorization headers.getFirst(Authorization);authorization authorization.split(Bearer )[1];log.info(Authorization值{}, authorization);//TOKEN续活//解析TOKEN//根据uuid,延长用户信息String uuid authorization;String key fewCode:userinfo: uuid;stringRedisTemplate.expire(key, filterProperties.getTokenExpire(), TimeUnit.MINUTES);return chain.filter(exchange);}}
package com.tfjybj.gateway.result;public enum ResultMsgEnum {FIND_SUCCESS(查询成功),FIND_FAIL(查询失败),UPDATE_SUCCESS(更新成功),UPDATE_FAIL(更新失败),DELETE_SUCCESS(删除成功),DELETE_FAIL(删除失败),SEND_SUCCESS(发送成功),SEND_FAIL(发送失败),EXECUTE_SUCCESS(执行成功),EXECUTE_FAIL(执行失败),AUTH_FAILED(权限认证失败),AUTH_SUCCESS(权限认证成功);private final String msg;ResultMsgEnum(String msg) {this.msg msg;}public String getMsg() {return msg;}
}
package com.tfjybj.gateway.util;import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.stereotype.Component;import java.util.List;Component
RefreshScope
ConfigurationProperties(prefix leyou.filter)
public class FilterProperties {public void setAllowPaths(ListString allowPaths) {this.allowPaths allowPaths;}public ListString getAllowPaths() {return allowPaths;}private ListString allowPaths;/*** token过期时间*/private Integer tokenExpire;public Integer getTokenExpire() {return tokenExpire;}public void setTokenExpire(Integer tokenExpire) {this.tokenExpire tokenExpire;}
}
package com.tfjybj.gateway;import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;SpringBootApplication
//EnableDiscoveryClientpublic class GatewayApplication {public static void main(String[] args) {SpringApplication.run(GatewayApplication.class, args);}}
我们在服务中进行的白名单中接口的操作如下
主要是根据传过来的信息生成token然后以键值对的形式存入redis中方便后续通过redis根据token拿人的信息
RestController
RequestMapping(/login)
public class LoginController {Autowiredprivate Actor actorInfo;ApiOperation(学生登录验证)RequestMapping(valuecheckLogin,method RequestMethod.POST)Transactional(rollbackFor Exception.class)public Actor checkLoginInfo(RequestBody Actor actor){return actorInfo.notifyStudentCheckLoginInfo(actor);}
}public Actor notifyStudentCheckLoginInfo(Actor student){Actor actor;for (Actor studentInfo:allStudent){actorstudentInfo.checkLoginInfo(student);if (!ObjectUtils.isEmpty(actor)){//生成UUIDString uuid CreateUUID.createUUID();//存入redissaveRedis(uuid, actor);//生成token封装到请求头putHeader(uuid);return actor;}}return null;}public class CreateUUID {public CreateUUID() {}public static String createUUID() {String preUuid UUID.randomUUID().toString();String newUUID preUuid.replace(-, );return newUUID;}
}private void saveRedis(String uuid, Object userInfo) {//拼接keyuser信息序列化存入redis,过期时间在nacos中设置String key fewCode:userinfo: uuid;String userJson JSONObject.toJSONString(userInfo);redisTemplate.opsForValue().set(key, userJson);redisTemplate.expire(key, 1440, TimeUnit.MINUTES);}private void putHeader(String token) {ServletRequestAttributes sra (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();HttpServletResponse response sra.getResponse();response.setHeader(Authorization, token);}测试
存 将断点打到这里可以观察到我们要请求的服务IP端口号还有url地址如下 相当手动访问 调通后存入redis中如下 拿
然后拿着根据token获取信息 package com.tfjybj.login.service.impl;import com.alibaba.fastjson.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.stereotype.Service;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;Service
public class AnalysisTokenService {Autowiredprivate StringRedisTemplate redisTemplate;/*** 获取当前登陆人id** return*/public String getUserId() {JSONObject userData getUserData();return userData.get(id).toString();}/*** 获取用户code** return*/public String getUserAccount() {JSONObject userData getUserData();return userData.get(account).toString();}/*** 获取当前登陆人name** return*/public String getUserName() {JSONObject userData getUserData();return userData.get(name).toString();}public JSONObject getUserData() {//从请求头获取tokenServletRequestAttributes sra (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();String token sra.getRequest().getHeader(Authorization);token token.split(Bearer )[1];//解析tokenJSONObject userJson this.analysisToken(token);return userJson;}public JSONObject analysisToken (String token){//解析tokenString key fewCode:userinfo:token;String userInfoStr redisTemplate.opsForValue().get(key);JSONObject userJson JSONObject.parseObject(userInfoStr);
// String data jsonObject.get(data).toString();
// JSONObject userJson JSONObject.parseObject(data);return userJson;}}
总结
1、搞懂gateway是干嘛的 2、知道配置文件中各个参数是什么
