隨着spring cloud版本的更新,現現在Spring cloud gateway已經替代zuul來實現路由轉發,攔截的功能了。java
使用方法,只有實現GlobalFilter便可,由於業務須要,攔截全部通過api gateway的api,並驗證其token是否合法,而後進行返回401或者繼續轉發到其餘的微服務,但須要將token解析並將解析出的user放到header中轉發下去。spring
使用方式:api
@Component public class AuthSignatureFilter implements GlobalFilter, Ordered { static Logger logger = LoggerFactory.getLogger(AuthSignatureFilter.class); /** * 全局過濾器 核心方法 * @param exchange * @param chain * @return */ @Override public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { logger.info("request = {}",JSONArray.toJSONString( exchange.getRequest()) ); String token = exchange.getRequest().getQueryParams().getFirst("Authroization"); if (token == null||token.isEmpty()){ //若是token不合法,直接返回401 exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED); return exchange.getResponse().setComplete(); } //向headers中放文件,記得build ServerHttpRequest request = exchange.getRequest().mutate().header("X-User", "guanguan").build(); //將如今的request 變成 exchange對象 return chain.filter(exchange.mutate().request(request).build()); } @Override public int getOrder() { return -200; //數字越低優先級越高 } }