@Component
@Slf4j
public class AuthorizeFilter implements GlobalFilter , Ordered {
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
ServerHttpRequest request = exchange.getRequest();
ServerHttpResponse response = exchange.getResponse();
//1,判断是不是登录操作,如果是,就直接方行
String uri = request.getURI().getPath();
if(StringUtils.isNotBlank(uri) && uri.contains("/login")){
return chain.filter(exchange);
}
//2,判断是否有token
String token = request.getHeaders().getFirst("token");
if (StringUtils.isBlank(token)){
response.setStatusCode(HttpStatus.UNAUTHORIZED);
return response.setComplete();
}
boolean flag = true;
try {
//判断token是否过期
Claims claims = AppJwtUtil.getClaimsBody(token);
//解析token结果,判断是否为空
int result = AppJwtUtil.verifyToken(claims);
if (result==1 || result==2){
flag=false;
}
} catch (Exception e) {
e.printStackTrace();
flag = false;
}
log.warn("token是否有效{}",flag);
if (flag){
return chain.filter(exchange);
}else {
response.setStatusCode(HttpStatus.UNAUTHORIZED);
return response.setComplete();
}
}
//执行优先级,-1表示最高
@Override
public int getOrder() {
return -1;
}
}