From f7b1b518525dd2254efea2931a3dc6b447080f89 Mon Sep 17 00:00:00 2001
From: wangwh <2397901735@qq.com>
Date: Sat, 24 Aug 2024 11:25:37 +0800
Subject: [PATCH] 网关去掉开发配置
---
dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java | 132 ++++++++++++++++++--------------------------
1 files changed, 54 insertions(+), 78 deletions(-)
diff --git a/dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java b/dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java
index f4829ee..4396a41 100644
--- a/dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java
+++ b/dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java
@@ -1,5 +1,6 @@
package cn.huge.gateway.filter;
+import cn.huge.gateway.utils.ReturnBO;
import cn.huge.gateway.utils.SpringContextUtil;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
@@ -46,16 +47,14 @@
@Value("${jwt.secret-key}")
private String secretKey;
+ @Value("${jwt.iss-user}")
+ private String issUser;
+
@Value("${jwt.auth-skip-urls}")
private String[] skipAuthUrls;
@Value("${jwt.blacklist-key.format}")
private String jwtBlacklistKeyFormat;
-
- /**
- * jwt用户
- */
- private static String ISSUSER = "HUGEINFO";
@Override
public int getOrder() {
@@ -70,72 +69,51 @@
*/
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
- //开发环境不校验
- if (SpringContextUtil.checkDev()){
- return chain.filter(exchange);
- }else {
- String url = exchange.getRequest().getURI().getPath();
- //跳过不需要验证的路径
- List<String> skipAuthUrlList = Arrays.asList(skipAuthUrls);
- Boolean status = false;
- if (!CollectionUtils.isEmpty(skipAuthUrlList)) {
- for (String skipAuthUrl : skipAuthUrlList) {
- if (url.indexOf(skipAuthUrl) != -1) {
- status = true;
- break;
- }
+ String url = exchange.getRequest().getURI().getPath();
+ //跳过不需要验证的路径
+ List<String> skipAuthUrlList = Arrays.asList(skipAuthUrls);
+ Boolean status = false;
+ if (!CollectionUtils.isEmpty(skipAuthUrlList)) {
+ for (String skipAuthUrl : skipAuthUrlList) {
+ if (url.indexOf(skipAuthUrl) != -1) {
+ status = true;
+ break;
}
}
- if (status) {
- return chain.filter(exchange);
+ }
+ if (status) {
+ return chain.filter(exchange);
+ } else {
+ ReturnBO returnBO = new ReturnBO();
+ //从请求头中取出token
+ String token = exchange.getRequest().getHeaders().getFirst("Authorization");
+ //未携带token或token在黑名单内
+ if (StringUtils.isEmpty(token) || isBlackToken(token)) {
+ ServerHttpResponse originalResponse = exchange.getResponse();
+ originalResponse.setStatusCode(HttpStatus.OK);
+ originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
+ returnBO.setCode(401);
+ returnBO.setMsg("您尚未登录,请登录后重试!");
+ byte[] response = returnBO.toString().getBytes(StandardCharsets.UTF_8);
+ DataBuffer buffer = originalResponse.bufferFactory().wrap(response);
+ return originalResponse.writeWith(Flux.just(buffer));
} else {
- // todo 运营中心暂时写死token
- if (url.indexOf("dyh-oper") != -1) {
- String userId = "10001";
+ //取出token包含的身份
+ returnBO = verifyJWT(token);
+ if (returnBO.getCode() != 0) {
+ ServerHttpResponse originalResponse = exchange.getResponse();
+ originalResponse.setStatusCode(HttpStatus.OK);
+ originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
+ byte[] response = returnBO.toString().getBytes(StandardCharsets.UTF_8);
+ DataBuffer buffer = originalResponse.bufferFactory().wrap(response);
+ return originalResponse.writeWith(Flux.just(buffer));
+ } else {
+ //将现在的request,添加当前身份
+ String userId = (String) returnBO.getData();
ServerHttpRequest mutableReq = null;
exchange.getRequest().mutate().header("Authorization-userId", userId).build();
ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build();
return chain.filter(mutableExchange);
- } else {
- //从请求头中取出token
- String token = exchange.getRequest().getHeaders().getFirst("Authorization");
- //未携带token或token在黑名单内
- if (StringUtils.isEmpty(token) || isBlackToken(token)) {
- ServerHttpResponse originalResponse = exchange.getResponse();
- originalResponse.setStatusCode(HttpStatus.OK);
- originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
- byte[] response = "{\"code\": \"401\",\"msg\": \"用户未登录,请进行登录!\"}"
- .getBytes(StandardCharsets.UTF_8);
- DataBuffer buffer = originalResponse.bufferFactory().wrap(response);
- return originalResponse.writeWith(Flux.just(buffer));
- } else {
- //取出token包含的身份
- Map<String, Object> result = verifyJWT(token);
- int code = (int) result.get("code");
- if (code != 0) {
- ServerHttpResponse originalResponse = exchange.getResponse();
- originalResponse.setStatusCode(HttpStatus.OK);
- originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
- String responseResult = "{\"code\": \"" + code + "\", \"msg\": \"" + result.get("msg") + "\"}";
- byte[] response = responseResult.getBytes(StandardCharsets.UTF_8);
- DataBuffer buffer = originalResponse.bufferFactory().wrap(response);
- return originalResponse.writeWith(Flux.just(buffer));
- } else {
- //将现在的request,添加当前身份
- String userId = (String) result.get("userId");
- ServerHttpRequest mutableReq = null;
- String custId = (String) result.get("custId");
- if (StringUtils.isNotEmpty(custId)) {
- URI uri = exchange.getRequest().getURI();
- URI newUri = assembleUri(uri, custId);
- exchange.getRequest().mutate().uri(newUri).header("Authorization-userId", userId).header("Authorization-custId", custId).build();
- } else {
- exchange.getRequest().mutate().header("Authorization-userId", userId).build();
- }
- ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build();
- return chain.filter(mutableExchange);
- }
- }
}
}
}
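Review bot: In the final `else` branch of `filter`, the request built by `exchange.getRequest().mutate().header("Authorization-userId", userId).build()` is discarded, and `mutableReq` is still `null` when it is passed to `exchange.mutate().request(mutableReq)`. The verified user id therefore does not appear to reach the downstream request, and an `Authorization-userId` header supplied by the client would not be overwritten. Assign the built request instead: `ServerHttpRequest mutableReq = exchange.getRequest().mutate().header("Authorization-userId", userId).build();`. The skip-URL branch also forwards the exchange untouched, so downstream services should not trust that header on skipped paths unless it is removed there as well. Separately, `url.indexOf(skipAuthUrl) != -1` matches the configured fragment anywhere in the path; a prefix or path-pattern match would keep the skip list from covering unintended routes.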
@@ -146,35 +124,33 @@
* @param token 授权信息
* @return Map
*/
- private Map<String, Object> verifyJWT(String token){
- Map<String, Object> result = new HashMap<>();
+ private ReturnBO verifyJWT(String token){
+ ReturnBO returnBO = new ReturnBO();
try {
Algorithm algorithm = Algorithm.HMAC256(secretKey);
JWTVerifier verifier = JWT.require(algorithm)
- .withIssuer(ISSUSER)
+ .withIssuer(issUser)
.build();
DecodedJWT jwt = verifier.verify(token);
String userId = jwt.getClaim("userId").asString();
if (userId.isEmpty()){
- result.put("code", 401);
- result.put("msg", "登录用户已失效,请重新登录");
+ returnBO.setCode(401);
+ returnBO.setMsg("您尚未登录,请登录后重试!");
}else{
- result.put("code", 0);
- result.put("userId", userId);
- String custId = jwt.getClaim("custId").asString();
- result.put("custId", custId);
+ returnBO.setCode(0);
+ returnBO.setData(userId);
}
} catch (JWTVerificationException e){
log.error("AuthFilter方法[verifyJWT]调用异常:"+e, e);
if (e.getMessage().indexOf("The Token has expired") != -1){
- result.put("code", 401);
- result.put("msg", "登录用户已失效,请重新登录!");
+ returnBO.setCode(401);
+ returnBO.setMsg("您尚未登录,请登录后重试!");
}else{
- result.put("code", 401);
- result.put("msg", "登录用户已失效,请重新登录");
+ returnBO.setCode(401);
+ returnBO.setMsg("您尚未登录,请登录后重试!");
}
}
- return result;
+ return returnBO;
}
/**
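Review bot: `jwt.getClaim("userId").asString()` returns null when the claim is missing or is not a string, so `userId.isEmpty()` in `verifyJWT` can throw a NullPointerException that `catch (JWTVerificationException e)` does not handle. The check should be `if (StringUtils.isEmpty(userId)) {`, matching the helper already used in `filter`. After this change both branches of the `e.getMessage().indexOf("The Token has expired")` test set the same code and message, so the `if`/`else` can be collapsed into one `setCode(401)` / `setMsg(...)` pair. The Javadoc above the method still says `@return Map` and should now describe the `ReturnBO` (code 0 with the user id as data, otherwise 401); that comment starts outside the hunk.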
--
Gitblit v1.8.0