Zuul搭建
(1)创建网关服务模块cloud-zuul,在pom.xml中引入依赖
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-zuul</artifactId>
</dependency>
</dependencies>
(2)application.yml配置如下
server:
port: 8002
spring:
application:
name: cloud-zuul
eureka:
client:
serviceUrl:
defaultZone: http://127.0.0.1:6868/eureka/
instance:
prefer-ip-address: true
instance-id: ${spring.cloud.client.ip-address}:${server.port}
status-page-url: http://localhost:8002/eureka//swagger-ui.html
zuul:
routes:
cloud-user:
path: /user/**
serviceId: cloud-user
cloud-patrol:
path: /patrol/**
serviceId: cloud-patrol
#swagger2访问路径配置
cloud-user:
path: /user/**
cloud-patrol:
path: /patrol/**
(3)在启动类中添加@EnableZuulProxy注解开启网关服务
@EnableZuulProxy
@SpringBootApplication
public class CloudZuulApplication {
public static void main(String[] args) {
SpringApplication.run(CloudZuulApplication.class, args);
}
}
(4)分别启动cloud-eureka、cloud-zuul、cloud-user、cloud-patrol服务,访问网址http://localhost:8002/user/1、http://localhost:8002/patrol/1验证网关服务是否搭建成功。
Zuul过滤器
通过Zuul过滤器可以对token进行验证与转发。在网关中由于token已经被验证了一次,头部消息就会变为null,对应服务模块再对其进行取值时是取不到的,此时在Zuul过滤器中对token进行验证的同时还要对token进行转发。
(1)因为要使用到JWT的工具类,需要在cloud-zuul模块的pom.xml中引入公共服务模块cloud-common
<dependency>
<groupId>com.example</groupId>
<artifactId>cloud-common</artifactId>
<version>1.0.0</version>
</dependency>
在application.yml中添加配置
jwt:
config:
key: ghytest
在启动类中配置bean
@EnableZuulProxy
@SpringBootApplication
public class CloudZuulApplication {
public static void main(String[] args) {
SpringApplication.run(CloudZuulApplication.class, args);
}
@Bean
public JwtUtil jwtUtil(){
return new JwtUtil();
}
}
(2)编写过滤器类 PreFilter
/**
* 前置拦截器
*/
@Component
public class PreFilter extends ZuulFilter {
@Autowired
private JwtUtil jwtUtil;
@Override
public String filterType() {//过滤器类型
return "pre";//前置过滤器
}
@Override
public int filterOrder() {
return 0;//优先级,数字越大,优先级越低
}
@Override
public boolean shouldFilter() {
return true;//过滤器开关,true表示开启
}
@Override
public Object run() throws ZuulException {
RequestContext requestContext = RequestContext.getCurrentContext();
HttpServletRequest request = requestContext.getRequest();
if (request.getMethod().equals("OPTIONS")) {
return null;
}
String url = request.getRequestURL().toString();
if (url.indexOf("/login") > 0) {
System.out.println("登陆页面" + url);
return null;
}
String authHeader = (String) request.getHeader("Authorization");//获取头信息
if (authHeader != null && authHeader.startsWith("Bearer ")) {
String token = authHeader.substring(7);
Claims claims = jwtUtil.parseJWT(token);
if (claims != null) {
if ("admin".equals(claims.get("roles"))) {
//token转发
requestContext.addZuulRequestHeader("Authorization", authHeader);
System.out.println("token 验证通过,添加了头信息" + authHeader);
return null;
}
}
}
requestContext.setSendZuulResponse(false);//终止运行(令zuul过滤该请求,不对其进行路由)
requestContext.setResponseStatusCode(401);//http状态码(设置了其返回的错误码)
requestContext.setResponseBody("无权访问");
requestContext.getResponse().setContentType("text/html;charset=UTF‐8");
return null;
}
}
(3)启动服务,验证拦截器是否生效。