网关配置类,拦截和解析token


@Component
@Slf4j
public class AuthorizeFilter implements GlobalFilter , Ordered {
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        ServerHttpRequest request = exchange.getRequest();
        ServerHttpResponse response = exchange.getResponse();

        //1,判断是不是登录操作,如果是,就直接方行
        String uri = request.getURI().getPath();
        if(StringUtils.isNotBlank(uri) && uri.contains("/login")){
            return chain.filter(exchange);
        }

        //2,判断是否有token
        String token = request.getHeaders().getFirst("token");
        if (StringUtils.isBlank(token)){
            response.setStatusCode(HttpStatus.UNAUTHORIZED);
            return response.setComplete();
        }

        boolean flag = true;
        try {
            //判断token是否过期
            Claims claims = AppJwtUtil.getClaimsBody(token);
            //解析token结果,判断是否为空
            int result = AppJwtUtil.verifyToken(claims);
            if (result==1 || result==2){
                flag=false;
            }
        } catch (Exception e) {
            e.printStackTrace();
           flag = false;
        }
        log.warn("token是否有效{}",flag);

        if (flag){

            return chain.filter(exchange);
        }else {
            response.setStatusCode(HttpStatus.UNAUTHORIZED);
            return response.setComplete();
        }
    }

    //执行优先级,-1表示最高
    @Override
    public int getOrder() {
        return -1;
    }
}

posted @ 2023-09-20 11:13 liyongliang的博客阅读(26) 评论(0) 收藏举报

刷新页面返回顶部

liyongliangs

网关配置类,拦截和解析token

公告