Gateway
统一网关GateWay
- 实现身份认证和权限校验
- 服务路由、负载均衡
- 请求限流
Mavne依赖
- 引入Nacos服务发现依赖
<!-- nacos服务发现依赖-->
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
</dependency>
- gateway服务依赖
<!-- 网关gateway依赖-->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
配置文件
server:
port: 10010
spring:
application:
name: gateway
cloud:
nacos:
server-addr: localhost:9998 # Nacos地址
gateway:
routes:
- id: user-service # 路由标识,必须唯一
uri: lb://userservice # 负载均衡,路由的目标地址
predicates: # 路由断言 判断请求是否符合规则
- Path=/user/** # 判断路径是是否以/user开头
- id: order-service
uri: lb://orderservice
predicates:
- Path=/order/**
直接通过网关进行访问
Route Predicate Factories
- The After Route Predicate Factory
再次访问直接404
GatewayFilter
GatewayFilter是网关中提供的一种过滤器,可以对进入网关的请求和微服务返回的响应做处理
添加请求头信息(局部过滤器)
服务端处理代码
/**
* 路径: /user/110
*
* @param id 用户id
* @return 用户
*/
@GetMapping("/{id}")
public User queryById(@PathVariable("id") Long id, @RequestHeader(value = "Truth",required = false) String truth) {
log.info("truth: " + truth);
return userService.queryById(id);
}
控制台接收信息
全局过滤器
GlobalFilter
前面介绍到的Filter工厂的逻辑都是Spring写死的,而GlobalFilter的逻辑需要自己写代码实现
package cn.pickle.gateway;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;
import org.springframework.util.MultiValueMap;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
/**
* @author Pickle
* @version V1.0
* @date 2022/12/11 14:52
*/
//order 规定过滤器的执行顺序,值越小优先级越高
@Order(value = -1)
@Component
public class AuthorizeFilter implements GlobalFilter {
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
//1. Get request parameters
final ServerHttpRequest request = exchange.getRequest();
final MultiValueMap<String, String> params = request.getQueryParams();
//2. Get the Authorization in the request parameter
final String auth = params.getFirst("authorization");
//3. Determine whether the parameter value is equal to admin
if("admin".equals(auth)){
//4. true -- let go
return chain.filter(exchange);
}
//5. false -- intercept
//5.1 set status code 401
exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
return exchange.getResponse().setComplete();
}
}
其中优先级还可以通过实现Ordered中的getOrder方法实现
package cn.pickle.gateway;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;
import org.springframework.util.MultiValueMap;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
/**
* @author Pickle
* @version V1.0
* @date 2022/12/11 14:52
*/
//order 规定过滤器的执行顺序,值越小优先级越高
//@Order(value = -1)
@Component
public class AuthorizeFilter implements GlobalFilter, Ordered{
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
//1. Get request parameters
final ServerHttpRequest request = exchange.getRequest();
final MultiValueMap<String, String> params = request.getQueryParams();
//2. Get the Authorization in the request parameter
final String auth = params.getFirst("authorization");
//3. Determine whether the parameter value is equal to admin
if("admin".equals(auth)){
//4. true -- let go
return chain.filter(exchange);
}
//5. false -- intercept
//5.1 set status code 401
exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
return exchange.getResponse().setComplete();
}
@Override
public int getOrder() {
return -1;
}
}
测试访问
过滤器的执行顺序
当过滤器的Order值相等时,会按照defaultFilter > 路由过滤器 > GlobalFilter的顺序执行
CORS(Cross-origin resource sharing)跨域配置
支持CORS请求的浏览器一旦发现ajax请求跨域,会对请求做一些特殊处理,对于已经实现CORS接口的服务端,接受请求,并做出回应。
有一种情况比较特殊,如果我们发送的跨域请求为“非简单请求”,浏览器会在发出此请求之前首先发送一个请求类型为OPTIONS的“预检请求”,验证请求源是否为服务端允许源,这些对于开发这来说是感觉不到的,由浏览器代理。
globalcors: # 全局的跨域处理
add-to-simple-url-handler-mapping: true # 解决options请求被拦截问题
corsConfigurations:
'[/**]':
allowedOrigins: # 允许哪些网站的跨域请求
- "http://localhost:5500"
- "http://www.pickle.com"
allowedMethods: # 允许的跨域ajax的请求方式
- "GET"
- "POST"
- "DELETE"
- "PUT"
- "OPTIONS"
allowedHeaders: "*" # 允许在请求中携带的头信息
allowCredentials: true # 是否允许携带cookie
maxAge: 360000 # 这次跨域检测的有效期
配置之前
配置之后
浙公网安备 33010602011771号