1. 网关请求处理流程

2. 网关过滤器

3. 网关实现登录校验

@Component
// 参数构造器
@RequiredArgsConstructor
public class AuthGlobalFilter implements GlobalFilter, Ordered {private final AuthProperties authProperties;private final JwtTool jwtTool;private final AntPathMatcher antPathMatcher = new AntPathMatcher();@Overridepublic Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {// 1.获取requestServerHttpRequest request = exchange.getRequest();// 2.判断是否需要做登录拦截if(isExclude(request.getPath().toString())) {// 放行return chain.filter(exchange);}// 3.获取tokenList<String> authorization = request.getHeaders().get("authorization");String token = null;if(!CollUtils.isEmpty(authorization)) {token = authorization.get(0);}// 4.校验并解析tokenLong userId = null;try {userId = jwtTool.parseToken(token);} catch (UnauthorizedException e) {// 无效，则拦截ServerHttpResponse response = exchange.getResponse();response.setRawStatusCode(401);// 直接拦截return response.setComplete();}// 5.传递信息,写在请求头中// System.out.println("userId: " + userId);String userInfo = userId.toString();ServerWebExchange swe = exchange.mutate().request(builder -> builder.header("user-info", userInfo)).build();// 6.放行return chain.filter(swe);}public boolean isExclude(String path) {for (String excludePath : authProperties.getExcludePaths()) {if (antPathMatcher.match(excludePath, path)) {return true;}}return false;}@Overridepublic int getOrder() {return 0;}
}

4. 服务拦截器

将微服务连接器写在common模块。

1. 拦截器配置

public class UserInfoInterceptor implements HandlerInterceptor{@Overridepublic boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {// 1.获取 userIdString userId = request.getHeader("user-info");// 2.是否为空if (StrUtil.isNotBlank(userId)) {UserContext.setUser(Long.valueOf(userId));}return true;}@Overridepublic void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {UserContext.removeUser();}
}

2. 注册为Bean
   网关底层不是基于SpringMVC，注入SpringMVC会报错。给MvcConfig注入设置为具有SpringMVC的核心组件DispatcherServlet的类。

// 还要被扫描到
@Configuration
@ConditionalOnClass(DispatcherServlet.class)
public class MvcConfig implements WebMvcConfigurer {@Overridepublic void addInterceptors(InterceptorRegistry registry) {registry.addInterceptor(new UserInfoInterceptor());}
}

3. common模块和微服务不在同一个包下，需要在resources/META-INF/spring.factories下添加文件的路径。

org.springframework.boot.autoconfigure.EnableAutoConfiguration=\com.hmall.common.config.MyBatisConfig,\com.hmall.common.config.MvcConfig,\com.hmall.common.config.JsonConfig

5. OpenFeign传递用户信息

微服务之间的相互调用不会经过网关，因此不会保存用户信息。
使用OpenFeign的拦截器。将用户信息写入请求头中。

public class DefaultFeignConfig {@Beanpublic Logger.Level feignLogLevel() {return Logger.Level.FULL;}@Beanpublic RequestInterceptor userInfoRequestInterceptor() {return new RequestInterceptor() {@Overridepublic void apply(RequestTemplate requestTemplate) {Long userId = UserContext.getUser();if (userId!=null) {requestTemplate.header("user-info", userId.toString());}}};}
}