后台系统如何获取请求头里的数据
1. 网关层封装数据到head头
@Component
@Slf4j
public class LoginGatewayFilterFactory extends AbstractGatewayFilterFactory {
@Override
public GatewayFilter apply(Object config) {
return (exchange, chain) -> {
// 获取 request
ServerHttpRequest req = exchange.getRequest();
URI uri = req.getURI();
// 日志
log.info(StringUtils.join("【", req.getMethod(), "】", uri.getHost(), ":", uri.getPort(), ", 【path】", uri.getPath()));
// 检查请求 uri 是否需要鉴权
String path = uri.getPath();
if (StringUtils.equalsAny(path, "/sysLogin")) {
return chain.filter(exchange);
}
// 获取请求的 token
HttpHeaders reqHeaders = req.getHeaders();
String token = req.getHeaders().getFirst("token");
if (StringUtils.isBlank(token)) {
return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "请先登录");
}
// 验证 token
JWT jwt = JWTUtil.parseToken(token);
if (jwt == null) {
log.info(StringUtils.join("[token=", token, "]转换为jwt失败"));
return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "令牌未识别");
}
JSONObject json = jwt.getPayloads();
if (json == null || json.isEmpty() || json.isNull("key") || json.isNull(JWTPayload.ISSUED_AT)) {
log.info(StringUtils.join("[token=", token, "]解析异常"));
return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "令牌未识别");
}
String userId = json.get("key", String.class);
if (StringUtils.isBlank(userId)) {
return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "令牌未识别");
}
boolean verify = jwt.setKey(JwtUtils.createKey(userId)).verify();
if (!verify) {
return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "令牌未识别");
}
// 过期时间
long seconds = Instant.now().getEpochSecond() - json.get(JWTPayload.ISSUED_AT, Long.class);
if (seconds < 0) {
return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "令牌未识别");
} else if (seconds >= 1500 && seconds <= 1800) {
// 自动刷新令牌
ServerHttpResponse httpResponse = exchange.getResponse();
HttpHeaders repHeaders = httpResponse.getHeaders();
repHeaders.set("token", JwtUtils.createToken(userId));
} else if (seconds > 1800) {
// 登录超时
return FilterUtil.setParamToResponse(exchange, HttpStatus.UNAUTHORIZED, "登录超时");
}
Consumer<HttpHeaders> headersConsumer = httpHeaders -> {
for (Map.Entry<String, List<String>> entry : reqHeaders.entrySet()) {
httpHeaders.put(entry.getKey(), entry.getValue());
}
httpHeaders.add("userId", userId);
};
return chain.filter(exchange.mutate().request(req.mutate().headers(headersConsumer).build()).build());
};
}
}2. controller层代码实现
@ApiOperation(value = "添加")
@PostMapping("")
public PojoBaseResponse<Boolean> add(@RequestBody @Validated MainRouteDTO vo, @RequestHeader String userId) {
return ResponseUtils.pojo(mainRouteService.add(vo, userId));
}
