| | |
|---|
| | | import io.jsonwebtoken.Claims; |
|---|
| | | import reactor.core.publisher.Mono; |
|---|
| | | |
|---|
| | | import javax.annotation.Resource; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 网关鉴权 |
|---|
| | | * |
|---|
| | |
|---|
| | | @Autowired |
|---|
| | | private IgnoreWhiteProperties ignoreWhite; |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | @Resource |
|---|
| | | private RedisService redisService; |
|---|
| | | |
|---|
| | | |
|---|
| | |
|---|
| | | ServerHttpRequest.Builder mutate = request.mutate(); |
|---|
| | | |
|---|
| | | String url = request.getURI().getPath(); |
|---|
| | | log.info("requestUrl---"+url); |
|---|
| | | // 跳过不需要验证的路径 |
|---|
| | | if (StringUtils.matches(url, ignoreWhite.getWhites())) |
|---|
| | | { |
|---|
| | | return chain.filter(exchange); |
|---|
| | | } |
|---|
| | | String token = getToken(request); |
|---|
| | | log.info("requestToken---"+token); |
|---|
| | | if (StringUtils.isEmpty(token)) |
|---|
| | | { |
|---|
| | | return unauthorizedResponse(exchange, "令牌不能为空"); |
|---|
| | | return unauthorizedResponse(exchange, "需要先登录才能使用该功能"); |
|---|
| | | } |
|---|
| | | Claims claims = JwtUtils.parseToken(token); |
|---|
| | | if (claims == null) |
|---|
| | | { |
|---|
| | | return unauthorizedResponse(exchange, "令牌已过期或验证不正确!"); |
|---|
| | | return unauthorizedResponse(exchange, "需要先登录才能使用该功能!"); |
|---|
| | | } |
|---|
| | | String userkey = JwtUtils.getUserKey(claims); |
|---|
| | | boolean islogin = redisService.hasKey(getTokenKey(userkey)); |
|---|
| | |
|---|
| | | String username = JwtUtils.getUserName(claims); |
|---|
| | | if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username)) |
|---|
| | | { |
|---|
| | | return unauthorizedResponse(exchange, "令牌验证失败"); |
|---|
| | | return unauthorizedResponse(exchange, "登录验证失败"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | // 设置用户信息到请求 |
|---|
