文章目录
- 前言
- 一、用户服务
- 二、网关服务
- 1. 负载均衡
- 2. 服务调用
- 3. 登录拦截器
- 三、单元测试
- 1. 启动服务
- 2. 用户不存在
- 3. 正常登录
- 总结
前言
在上一章【第16章】Spring Cloud之Gateway全局过滤器(安全认证)中,我们使用JWT简单完成了用户认证。上一章内容已经太多了,这里单独抽一章出来做个优化:前面的全局过滤器只针对登录接口的用户名、密码做了简单校验,这里我们增加网关服务对用户服务的调用,参数校验完成之后,调用用户服务的“用户是否存在”接口做判断:
用户存在,则继续执行登录接口;不存在则返回错误信息。
一、用户服务
package org.example.user.controller;
import org.example.common.model.Result;
import org.example.common.util.JwtUtils;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
 * Create by zjg on 2024/7/21
 *
 * <p>Demo user endpoints: a username-existence lookup and a login that returns a JWT.
 *
 * <p>NOTE(review): the known-user list and the accepted password are literals in this class,
 * so this is sample code only. A real service would look accounts up in a user store and
 * compare against a salted password hash (bcrypt/scrypt/argon2).
 */
@RestController
@RequestMapping("/user/")
public class UserController {
    // Fixed list of known usernames; List.of produces an unmodifiable list.
    List<String> users = List.of("admin");

    /**
     * Reports whether {@code username} is in the known-user list.
     *
     * <p>NOTE(review): nothing in this class restricts who may call this endpoint, and it
     * answers yes/no per username. Confirm it is reachable only from trusted callers
     * (e.g. the gateway), otherwise it discloses which accounts exist.
     *
     * @param username the name to look up (bound from the {@code username} request parameter)
     * @return {@code true} when the name is in the list, {@code false} otherwise
     */
    @RequestMapping("exist")
    public Boolean exist(@RequestParam("username") String username) {
        return users.contains(username);
    }

    /**
     * Checks the submitted credentials and, when they match, returns a token built by
     * {@code JwtUtils.create} from a single {@code username} claim.
     *
     * <p>NOTE(review): {@code @RequestMapping} without a {@code method} accepts every HTTP
     * method, and {@code @RequestParam} also binds URL query parameters, so the password can
     * arrive in the query string, where it typically ends up in access logs and proxies.
     * Prefer POST with the credentials in the request body.
     *
     * @param username submitted user name
     * @param password submitted password
     * @return a 200 result carrying the token, or a 401 result when the credentials do not match
     */
    @RequestMapping("login")
    public Result<String> login(@RequestParam("username") String username, @RequestParam("password") String password) {
        // Sample-only credential: both the user name and the password must equal this literal.
        final String expected = "admin";
        boolean accepted = expected.equals(username) && expected.equals(password);
        if (!accepted) {
            // Same message for a wrong user name and a wrong password.
            return Result.error(HttpStatus.UNAUTHORIZED.value(), "用户名/密码不正确");
        }
        Map<String, Object> claims = new HashMap<>();
        claims.put("username", username);
        return new Result<>(HttpStatus.OK.value(), "请求成功", JwtUtils.create(claims));
    }
}
二、网关服务
登录之前,先查询用户是否存在
1. 负载均衡
package org.example.gateway;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
import org.springframework.cloud.loadbalancer.annotation.LoadBalancerClient;
import org.springframework.cloud.loadbalancer.annotation.LoadBalancerClients;
/**
 * Create by zjg on 2024/7/21
 *
 * <p>Entry point of the gateway service. Besides the usual Spring Boot and discovery-client
 * annotations, it declares a load-balancer client named {@code user-service}, the service id
 * the gateway's own outbound calls are addressed to.
 */
@LoadBalancerClients({
    @LoadBalancerClient("user-service")
})
@EnableDiscoveryClient
@SpringBootApplication
public class GatewayApplication {
    /**
     * Starts the Spring application context for the gateway.
     *
     * @param args command-line arguments, passed through to Spring Boot
     */
    public static void main(String[] args) {
        SpringApplication application = new SpringApplication(GatewayApplication.class);
        application.run(args);
    }
}
2. 服务调用
package org.example.gateway.client;
import jakarta.annotation.Resource;
import org.springframework.stereotype.Service;
import org.springframework.web.reactive.function.client.WebClient;
import reactor.core.publisher.Mono;
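/**
 * Create by zjg on 2024/7/30
 *
 * <p>Gateway-side client for the user service, built on the injected {@link WebClient.Builder}.
 */
@Service
public class UserService {
    // URI template; {username} is filled in by WebClient, not by string concatenation.
    private static final String EXIST_URI = "http://user-service/user/exist?username={username}";

    @Resource
    private WebClient.Builder webClientBuilder;

    /**
     * Asks the user service whether {@code username} exists.
     *
     * <p>The user name comes straight from the client's login request, so it is passed as a
     * URI template variable. With WebClient's default URI builder the variable value is
     * percent-encoded on expansion, which keeps characters such as {@code &}, {@code #} or
     * spaces from adding extra query parameters or truncating the internal request, as they
     * could when the value was appended to the URL string.
     *
     * <p>NOTE(review): the call uses plain {@code http} to {@code user-service}; confirm that
     * gateway-to-service traffic stays on a trusted network or is otherwise protected.
     *
     * @param username user name taken from the incoming request (untrusted)
     * @return a {@link Mono} emitting the service's Boolean answer; errors from the call are
     *         propagated as an error signal
     */
    public Mono<Boolean> exist(String username) {
        return webClientBuilder.build().get()
                .uri(EXIST_URI, username)
                .retrieve()
                .bodyToMono(Boolean.class);
    }
}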
3. 登录拦截器
package org.example.gateway.filter;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.example.common.model.Result;
import org.example.common.util.JwtUtils;
import org.example.gateway.client.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.util.MultiValueMap;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import java.util.concurrent.ExecutionException;
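/**
 * Create by zjg on 2024/7/31
 *
 * <p>Global gateway filter (order {@code -1}) with two duties:
 * <ul>
 *   <li>for {@code /user/login}: require {@code username} and {@code password} query
 *       parameters, ask the user service whether the user exists, and only then forward the
 *       request;</li>
 *   <li>for every other path: require an {@code Authorization} header whose token passes
 *       {@code JwtUtils.verify}, then forward the request with a {@code Source-Mark} header.</li>
 * </ul>
 *
 * <p>NOTE(review): the login credentials are read from the URL query string, where they are
 * typically recorded in access logs and proxies; prefer POST with the credentials in the body.
 */
@Component
public class LoginGlobalFilter implements GlobalFilter, Ordered {
    private static final String BEARER_PREFIX = "Bearer ";

    @Autowired
    UserService userService;
    ObjectMapper objectMapper = new ObjectMapper();

    /**
     * Applies the login pre-check or the token check, depending on the request path.
     *
     * @param exchange the current exchange
     * @param chain    the remaining filter chain
     * @return completion of either the error response written here or the downstream chain
     */
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        ServerHttpRequest request = exchange.getRequest();
        ServerHttpResponse response = exchange.getResponse();
        String path = request.getURI().getPath();
        if (path.equals("/user/login") || path.equals("/user/login/")) {
            return filterLogin(exchange, chain);
        }

        String token = extractToken(request.getHeaders().getFirst("Authorization"));
        // Fail closed: anything other than an explicit TRUE from verify() is rejected,
        // including a missing token and a null result.
        if (!StringUtils.hasText(token) || !Boolean.TRUE.equals(JwtUtils.verify(token))) {
            return reject(response, HttpStatus.UNAUTHORIZED, "认证失败", "token验证失败,请重新获取token后重试!");
        }

        // set(), not add(): a Source-Mark value sent by the client is overwritten instead of
        // being forwarded next to the gateway's own value.
        // NOTE(review): the value is a fixed string (Base64 of "gateway"), not a secret. If
        // downstream services use it to decide that a request came through the gateway, that
        // check can be satisfied by anyone who can reach them directly — confirm they are not
        // exposed, or replace the marker with something verifiable.
        ServerHttpRequest marked = request.mutate()
                .headers(httpHeaders -> httpHeaders.set("Source-Mark", "Z2F0ZXdheQ=="))
                .build();
        return chain.filter(exchange.mutate().request(marked).build());
    }

    /**
     * Handles the login path: validates the query parameters and checks user existence
     * without blocking the calling thread.
     */
    private Mono<Void> filterLogin(ServerWebExchange exchange, GatewayFilterChain chain) {
        ServerHttpResponse response = exchange.getResponse();
        MultiValueMap<String, String> queryParams = exchange.getRequest().getQueryParams();
        String username = queryParams.getFirst("username");
        // The error text says "must not be empty", so blank values are rejected as well as
        // missing ones.
        if (!StringUtils.hasText(username) || !StringUtils.hasText(queryParams.getFirst("password"))) {
            return reject(response, HttpStatus.BAD_REQUEST, "登录失败", "用户名和密码不能为空!");
        }
        // Compose on the Mono instead of toFuture().get(): waiting on the future inside the
        // filter holds the gateway's request-processing thread for the whole lookup.
        // An error from the lookup propagates as an error signal, so the login request is not
        // forwarded when the user service cannot be asked.
        return userService.exist(username)
                .map(Boolean.FALSE::equals)
                // An empty answer is treated like "not false", as before: the request goes on
                // to the login endpoint, which still checks the credentials.
                .defaultIfEmpty(false)
                .flatMap(userMissing -> {
                    if (userMissing) {
                        // NOTE(review): this reply differs from the wrong-password reply, so an
                        // unauthenticated caller can learn which user names exist. Consider one
                        // generic failure message and rate limiting on this path.
                        return reject(response, HttpStatus.BAD_REQUEST, "登录失败", "用户名不存在!");
                    }
                    return chain.filter(exchange);
                });
    }

    /**
     * Returns the token carried by an {@code Authorization} header value: the part after
     * {@code "Bearer "} when that prefix is present, otherwise the value itself.
     * Returns {@code null} for a missing header. A bare {@code "Bearer"} no longer causes an
     * out-of-range substring; it is passed on unchanged and left to fail verification.
     */
    private static String extractToken(String authorization) {
        if (authorization == null) {
            return null;
        }
        if (authorization.startsWith(BEARER_PREFIX)) {
            return authorization.substring(BEARER_PREFIX.length());
        }
        return authorization;
    }

    /** Sets the status code and writes a {@code Result.error} body with the given texts. */
    private Mono<Void> reject(ServerHttpResponse response, HttpStatus status, String message, String detail) {
        response.setStatusCode(status);
        Result result = Result.error(status.value(), message, detail);
        return write(response, result);
    }

    /**
     * Serializes {@code result} as JSON into the response body.
     *
     * @param response the response to write to
     * @param result   the payload to serialize
     * @return completion of the write; if serialization fails the response is completed
     *         without a body
     */
    public Mono<Void> write(ServerHttpResponse response, Result result) {
        try {
            response.getHeaders().setContentType(MediaType.APPLICATION_JSON);
            return response.writeWith(Flux.just(response.bufferFactory().wrap(objectMapper.writeValueAsBytes(result))));
        } catch (JsonProcessingException e) {
            return response.setComplete();
        }
    }

    /** Filter order; lower values run earlier. */
    @Override
    public int getOrder() {
        return -1;
    }
}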
三、单元测试
1. 启动服务
2. 用户不存在
3. 正常登录
总结
到这里我们就完成了在网关服务中对其他服务的调用和处理,不要走开,后面的内容更精彩!!!