用户认证和网关整合

service_gateway/pom.xml

@@ -11,6 +11,7 @@
 
     <artifactId>service_gateway</artifactId>
     <dependencies>
+
         <dependency>
             <groupId>org.springframework.cloud</groupId>
             <artifactId>spring-cloud-starter-gateway</artifactId>
@@ -22,6 +23,17 @@
             <artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>com.atguigu</groupId>
+            <artifactId>service-util</artifactId>
+            <version>0.0.1-SNAPSHOT</version>
+        </dependency>
+        <dependency>
+            <groupId>com.atguigu</groupId>
+            <artifactId>common-util</artifactId>
+            <version>0.0.1-SNAPSHOT</version>
+        </dependency>
+
     </dependencies>
 
 </project>
\ No newline at end of file

service_gateway/src/main/java/com/atguigu/yygh/gateway/filter/AuthGlobalFilter.java

+package com.atguigu.yygh.gateway.filter;
+
+import com.alibaba.fastjson.JSONObject;
+import com.atguigu.yygu.common.helper.JwtHelper;
+import com.atguigu.yygu.common.result.Result;
+import com.atguigu.yygu.common.result.ResultCodeEnum;
+import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+import org.springframework.cloud.gateway.filter.GlobalFilter;
+import org.springframework.core.Ordered;
+import org.springframework.core.io.buffer.DataBuffer;
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.stereotype.Component;
+import org.springframework.util.AntPathMatcher;
+import org.springframework.util.StringUtils;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+import java.nio.charset.StandardCharsets;
+import java.util.List;
+
+/**
+ * <p>
+ * 全局Filter，统一处理会员登录与外部不允许访问的服务
+ * </p>
+ *
+ * @author qy
+ * @since 2019-11-21
+ */
+@Component
+public class AuthGlobalFilter implements GlobalFilter, Ordered {
+
+    private AntPathMatcher antPathMatcher = new AntPathMatcher();
+
+    @Override
+    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
+        ServerHttpRequest request = exchange.getRequest();
+        String path = request.getURI().getPath();   //访问的接口路径
+        System.out.println("==="+path);
+
+        //内部服务接口，不允许外部访问
+        if(antPathMatcher.match("/**/inner/**", path)) {
+            ServerHttpResponse response = exchange.getResponse();
+            return out(response, ResultCodeEnum.PERMISSION);
+        }
+
+        Long userId = this.getUserId(request);
+        //api接口，异步请求，校验用户必须登录
+        if(antPathMatcher.match("/api/**/auth/**", path)) {
+            if(StringUtils.isEmpty(userId)) {
+                ServerHttpResponse response = exchange.getResponse();
+                return out(response, ResultCodeEnum.LOGIN_AUTH);
+            }
+        }
+        return chain.filter(exchange);
+    }
+
+    @Override
+    public int getOrder() {
+        return 0;
+    }
+
+    /**
+     * api接口鉴权失败返回数据
+     * @param response
+     * @return
+     */
+    private Mono<Void> out(ServerHttpResponse response, ResultCodeEnum resultCodeEnum) {
+        Result result = Result.build(null, resultCodeEnum);
+        byte[] bits = JSONObject.toJSONString(result).getBytes(StandardCharsets.UTF_8);
+        DataBuffer buffer = response.bufferFactory().wrap(bits);
+        //指定编码，否则在浏览器中会中文乱码
+        response.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
+        return response.writeWith(Mono.just(buffer));
+    }
+
+    /**
+     * 获取当前登录用户id
+     * @param request
+     * @return
+     */
+    private Long getUserId(ServerHttpRequest request) {
+        String token = "";
+        List<String> tokenList = request.getHeaders().get("token");
+        if(null  != tokenList) {
+            token = tokenList.get(0);
+        }
+        if(!StringUtils.isEmpty(token)) {
+            return JwtHelper.getUserId(token);
+        }
+        return null;
+    }
+}