zuul 不仅只是路由,可以自定义过滤器来实现服务验证。
实现案例:自定义过滤器,校验头部是否带有 token,如果 token=drunck 通过校验, 若不存在或者不为 drunck 则返回提示 tonken 错误。
拓展:一般情况下,可以采用 JWT 规范来做 token 的校验 JWT:https://jwt.io/
1、自定义过滤器
package com.drunck.education.custom;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.util.ReflectionUtils;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
public class CustomPreFilter extends ZuulFilter {
@Override
public String filterType() {
}
@Override
public int filterOrder() {
return 1;
}
@Override
public boolean shouldFilter() {
return true;
}
@Override
public Object run() {
RequestContext ctx = RequestContext.getCurrentContext(); HttpServletRequest request = ctx.getRequest();
String token = request.getHeader("token");
if (!"drunck".equals(token)) {
HttpServletResponse response = ctx.getResponse();
try {
PrintWriter writer = response.getWriter(); writer.println("token is error");
writer.close();
} catch (IOException e) { ReflectionUtils.rethrowRuntimeException(e);
}
}
System.out.println("请求路径为:" + request.getRequestURI()); return null;
}
}
2、注册自定义的过滤器
@Bean public CustomPreFilter sessionPreFilter() {
return new CustomPreFilter();
}
3、测试,使用 post man
访问:http://localhost:9876/spring-cloud-provider/api/user/1