  • zuul作为网关充当过滤器

    一,zuul作为过滤器实现身份校验

    网关连接redis校验令牌

     3 import com.alibaba.fastjson.JSON;
     4 import com.netflix.zuul.ZuulFilter;
     5 import com.netflix.zuul.context.RequestContext;
     6 import com.netflix.zuul.exception.ZuulException;
     7 
     8 import com.xuecheng.filesystem.framework.model.response.CommonCode;
     9 import com.xuecheng.filesystem.framework.model.response.ResponseResult;
    10 import com.xuecheng.govern.gateway.service.LoginService;
    11 import org.springframework.beans.factory.annotation.Autowired;
    12 import org.springframework.stereotype.Component;
    13 import org.springframework.util.StringUtils;
    14 
    15 import javax.servlet.http.HttpServletRequest;
    16 
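    /**
     * Zuul "pre" filter that refuses requests lacking the gateway's login markers
     * before they are routed to a backend service.
     *
     * <p>Three checks run in order, and the first failure ends processing:
     * <ol>
     *   <li>the cookie read by {@link LoginService#getJtiFromCookie} is present;</li>
     *   <li>{@link LoginService#getTokenFromRedis} reports a live Redis entry for that value;</li>
     *   <li>{@link LoginService#getHeaderInfo} finds an {@code Authorization} header.</li>
     * </ol>
     *
     * <p>NOTE(review): this filter only checks that the header is present. It neither verifies
     * the bearer token nor compares it with the token stored under the cookie's jti, so the
     * cookie and the header are not bound to each other here. Presumably each routed service
     * validates the JWT itself; confirm before relying on the gateway alone.
     */
    @Component
    public class LoginFilter extends ZuulFilter {

        @Autowired
        private LoginService loginService;

        /** Runs before the request is routed. */
        @Override
        public String filterType() {
            return "pre";
        }

        /** Order among filters of the same type. */
        @Override
        public int filterOrder() {
            return 0;
        }

        /**
         * Applies the filter to every request.
         * NOTE(review): any route that must stay reachable without a login is not excluded
         * here; check the route configuration, which this file does not show.
         */
        @Override
        public boolean shouldFilter() {
            return true;
        }

        /**
         * Validates the login markers of the current request.
         *
         * @return always {@code null}; Zuul ignores the return value
         * @throws ZuulException declared by the {@link ZuulFilter} contract
         */
        @Override
        public Object run() throws ZuulException {

            RequestContext requestContext = RequestContext.getCurrentContext();
            HttpServletRequest request = requestContext.getRequest();

            // 1. The jti cookie must be present.
            String jti = loginService.getJtiFromCookie(request);
            if (StringUtils.isEmpty(jti)) {
                this.accessRefused();
                // Stop here: the later checks must not run (or query Redis) with a missing jti.
                return null;
            }

            // 2. The token stored in Redis for this jti must not have expired.
            boolean tokenAlive = loginService.getTokenFromRedis(jti);
            if (!tokenAlive) {
                this.accessRefused();
                return null;
            }

            // 3. The request must carry an Authorization header.
            String headerValue = loginService.getHeaderInfo(request);
            if (StringUtils.isEmpty(headerValue)) {
                this.accessRefused();
                return null;
            }

            return null;
        }

        /**
         * Stops routing and answers with the JSON form of {@code CommonCode.UNAUTHENTICATED}.
         *
         * <p>NOTE(review): the HTTP status is 200 even though the request is refused, so the
         * refusal is visible only in the response body. Access logs and alerting keyed on
         * 401/403 will not see these rejections. Switching to 401 first needs confirmation
         * that clients read the body code rather than the status line.
         */
        private void accessRefused() {

            RequestContext requestContext = RequestContext.getCurrentContext();
            // Do not forward the request to the backend.
            requestContext.setSendZuulResponse(false);
            // Response status code.
            requestContext.setResponseStatusCode(200);
            // Response content type.
            requestContext.getResponse().setContentType("application/json;charset=utf-8");
            // Response body.
            ResponseResult responseResult = new ResponseResult(CommonCode.UNAUTHENTICATED);
            String jsonString = JSON.toJSONString(responseResult);

            requestContext.setResponseBody(jsonString);
        }
    }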

    service

    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.data.redis.core.StringRedisTemplate;
    import org.springframework.stereotype.Service;
    import org.springframework.util.StringUtils;
    
    import javax.servlet.http.HttpServletRequest;
    import java.util.Map;
    
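    /**
     * Helper used by the gateway filter to read the login markers of a request:
     * the jti cookie, the Redis token entry and the {@code Authorization} header.
     */
    @Service
    public class LoginService {

        @Autowired
        private StringRedisTemplate stringRedisTemplate;

        /**
         * Reads the jti from the {@code uid} cookie.
         *
         * @param request the incoming request
         * @return the cookie value, or {@code null} when the cookie is absent
         */
        public String getJtiFromCookie(HttpServletRequest request) {

            Map<String, String> cookies = CookieUtil.readCookie(request, "uid");
            // CookieUtil is defined elsewhere; guard in case it returns no map at all.
            if (cookies == null) {
                return null;
            }
            return cookies.get("uid");
        }

        /**
         * Checks whether the token stored in Redis for this jti is still alive.
         *
         * <p>The jti comes from a client-supplied cookie, so it is treated as untrusted:
         * an empty value is rejected without querying Redis.
         *
         * @param jti the identifier read from the cookie
         * @return {@code true} only when the key {@code user_token:<jti>} has a positive
         *         remaining time to live
         */
        public boolean getTokenFromRedis(String jti) {
            if (StringUtils.isEmpty(jti)) {
                return false;
            }
            String key = "user_token:" + jti;
            Long expire = stringRedisTemplate.getExpire(key);
            // getExpire returns a boxed Long that can be null; treat null as "not valid" so the
            // check fails closed instead of throwing. Redis reports a negative TTL for a key
            // that is missing or has no expiry, and both are rejected as well.
            return expire != null && expire > 0;
        }

        /**
         * Reads the {@code Authorization} header.
         *
         * <p>Only the {@code "Bearer "} prefix is checked; the token itself is not verified here.
         *
         * @param request the incoming request
         * @return the full header value, or {@code null} when it is missing or is not a bearer header
         */
        public String getHeaderInfo(HttpServletRequest request) {
            String headerValue = request.getHeader("Authorization");
            if (StringUtils.isEmpty(headerValue) || !headerValue.startsWith("Bearer ")) {
                return null;
            }

            return headerValue;
        }
    }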

    实现功能

    出现的问题:客户端不同,cookie 也不同——Postman 和浏览器保存的令牌不同。

  • 原文地址:https://www.cnblogs.com/fengtangjiang/p/11147858.html