import com.alibaba.fastjson.JSON;
import com.hikari.cloud.base.entity.BaseResult;
import com.hikari.cloud.base.entity.ReturnCode;
import com.hikari.cloud.zuul.service.LoginFilterService;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
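/**
 * Zuul "pre" filter that rejects requests without a valid login token.
 *
 * <p>Requests whose path contains one of {@link #OPEN_PATH_FRAGMENTS} skip validation.
 * For every other request the {@code token} request parameter is checked through
 * {@link LoginFilterService#checkToken}; on failure the request is not routed and a JSON
 * body carrying {@code ReturnCode.CODE_1000} is written to the response.
 */
@Component
public class LoginFilter extends ZuulFilter {

    /**
     * Path fragments that are exempt from token validation.
     *
     * <p>Matching is by substring, so any path that merely contains one of these fragments
     * is exempt as well.
     * NOTE(review): replace with exact paths or anchored patterns once the gateway's route
     * table is confirmed; substring exemptions are wider than they look.
     */
    private static final String[] OPEN_PATH_FRAGMENTS = {
        "/login", "/appLogin", "/file/getFile", "/foreign", "/common/file"
    };

    @Autowired
    LoginFilterService loginFilterService;

    private final Logger logger = LoggerFactory.getLogger(this.getClass());

    /**
     * @return {@code "pre"}: the login check runs before the request is routed
     */
    @Override
    public String filterType() {
        return "pre";
    }

    /**
     * @return {@code 1}; filters with smaller values run earlier
     */
    @Override
    public int filterOrder() {
        return 1;
    }

    /**
     * @return {@code true}, so the filter is enabled for every request
     */
    @Override
    public boolean shouldFilter() {
        return true;
    }

    /**
     * Runs the login check for the current request.
     *
     * @return always {@code null}
     */
    @Override
    public Object run() {
        // The Zuul request context carries the current request and response.
        RequestContext currentContext = RequestContext.getCurrentContext();
        HttpServletRequest request = currentContext.getRequest();
        logger.info("{} AccessUserNameFilter request to {}", request.getMethod(), request.getRequestURL());

        // Match on the path only. The full URL also contains the scheme/host part, which is
        // built from client-supplied data and must not be able to satisfy the exemption.
        if (isOpenPath(request.getRequestURI())) {
            return null;
        }

        // NOTE(review): the token is read from a request parameter; tokens carried in the
        // query string tend to end up in access logs and Referer headers. Consider a header.
        String token = request.getParameter("token");
        boolean tokenSupplied = token != null && !token.isEmpty();
        // Never log the token itself: it is a bearer credential.
        logger.debug("token supplied: {}", tokenSupplied);

        // Fail closed: a missing token is invalid without consulting the service.
        boolean isValid = tokenSupplied && loginFilterService.checkToken(token);
        if (!isValid) {
            rejectRequest(currentContext);
            logger.warn("===========验证未通过=========");
        } else {
            // On success, user details could be placed in the context for downstream filters.
            logger.debug("===========验证通过=========");
        }
        return null;
    }

    /** Returns whether {@code path} contains one of the exempt fragments; {@code null} is never exempt. */
    private boolean isOpenPath(String path) {
        if (path == null) {
            return false;
        }
        for (String fragment : OPEN_PATH_FRAGMENTS) {
            if (path.contains(fragment)) {
                return true;
            }
        }
        return false;
    }

    /** Stops routing and writes the "not logged in" JSON body to the response. */
    private void rejectRequest(RequestContext currentContext) {
        // Routing is disabled first, so the request stays blocked even if writing the body fails.
        currentContext.setSendZuulResponse(false);
        HttpServletResponse response = currentContext.getResponse();
        try {
            response.setHeader("Content-type", "text/json;charset=UTF-8");
            response.setCharacterEncoding("UTF-8");
            // NOTE(review): a wildcard origin lets any site read this body; confirm it is intended.
            response.setHeader("Access-Control-Allow-Origin", "*");
            response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
            response.setHeader("Access-Control-Max-Age", "3600");
            response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
            // NOTE(review): no HTTP status is set here, so the rejection is signalled only by
            // ReturnCode.CODE_1000 in the body; confirm clients do not rely on a 401.
            response.getWriter().write(JSON.toJSONString(BaseResult.result().setReturnCode(ReturnCode.CODE_1000)));
        } catch (IOException e) {
            logger.error("Failed to write the login rejection response", e);
        }
    }
}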