Spring Cloud Gateway使用Token验证详解

<dependencymanagement>

   <dependencies>

     <dependency>

       <groupid>org.springframework.cloud</groupid>

       <artifactid>spring-cloud-dependencies</artifactid>

       <version>${spring-cloud.version}</version>

       <type>pom</type>

       <scope> import </scope>

     </dependency>

   </dependencies>

</dependencymanagement>

<dependencies>

   <dependency>

     <groupid>org.springframework.cloud</groupid>

     <artifactid>spring-cloud-starter-gateway</artifactid>

   </dependency>

</dependencies>

import org.springframework.cloud.gateway.filter.gatewayfilter;

import org.springframework.cloud.gateway.filter.factory.abstractgatewayfilterfactory;

import org.springframework.http.httpstatus;

import org.springframework.http.server.reactive.serverhttpresponse;

import org.springframework.stereotype测试数据ponent;

@component

public class authgatewayfilterfactory extends abstractgatewayfilterfactory<authgatewayfilterfactory.config> {

   public authgatewayfilterfactory() {

     super (config. class );

   }

   @override

   public gatewayfilter apply(config config) {

     return (exchange, chain) -> {

       system.out.println( "welcome to authfilter." );

       string token = exchange.getrequest().getheaders().getfirst( "sign" );

       if (config.secret.equals(token)) {

         return chain.filter(exchange);

       }

       serverhttpresponse response = exchange.getresponse();

       response.setstatuscode(httpstatus.unauthorized);

       return response.setcomplete();

     };

   }

   static class config {

     static string secret = "1234" ;

   }

}

spring:

  cloud:

   gateway:

    routes:

    - id: service2_route

     uri: http: //127.0.0.1:8082

     predicates:

     - path=/s2/**

     filters:

     - stripprefix= 1 # 去掉路径的 n 个前缀

     - auth= true # 输入过滤器类的名称前缀

import org.springframework.cloud.gateway.filter.gatewayfilterchain;

import org.springframework.cloud.gateway.filter.globalfilter;

import org.springframework.core.ordered;

import org.springframework.http.httpstatus;

import org.springframework.http.server.reactive.serverhttprequest;

import org.springframework.http.server.reactive.serverhttpresponse;

import org.springframework.stereotype测试数据ponent;

import org.springframework.web.server.serverwebexchange;

import reactor.core.publisher.mono;

@component

public class authglobalfilter implements globalfilter, ordered {

   @override

   public mono< void > filter(serverwebexchange exchange, gatewayfilterchain chain) {

     system.out.println( "welcome to authglobalfilter." );

     serverhttprequest request = exchange.getrequest();

     string sign = request.getheaders().get( "sign" ).get( 0 );

     string token = "1234" ;

     if (token.equals(sign)) {

       return chain.filter(exchange);

     }

     serverhttpresponse response = exchange.getresponse();

     response.setstatuscode(httpstatus.unauthorized);

     return response.setcomplete();

   }

   @override

   public int getorder() {

     return 0 ;

   }

}