SpringCloud Gateway网关 全局过滤器[AntPathMatcher 某些路径url禁止访问] 实现用户鉴权

前提:先保证Gateway网关项目 和 Nacos注册中心 等可以正常访问和调用,搭建方法可查看博文

SpringCloud Gateway网关 项目创建 及 整合Nacos开发_spring gateway如何设置工程名称-CSDN博客

类似的全局鉴权方案,参考如下:
SpringCloud Gateway网关 全局过滤器[header token] 实现用户鉴权_gateway添加鉴权过滤器-CSDN博客

核心代码如下:

复制代码
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

import java.nio.charset.StandardCharsets;


@Component
public class GlobalAuthFilter implements GlobalFilter, Ordered {

    private AntPathMatcher antPathMatcher = new AntPathMatcher();

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        ServerHttpRequest serverHttpRequest = exchange.getRequest();
        String path = serverHttpRequest.getURI().getPath();
        
        // 判断路径中是否包含 system,如果包含system,则不允许访问
        if (antPathMatcher.match("/**/system/**", path)) {

            ServerHttpResponse response = exchange.getResponse();
            response.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
            response.setStatusCode(HttpStatus.FORBIDDEN);
            DataBufferFactory dataBufferFactory = response.bufferFactory();
            DataBuffer dataBuffer = dataBufferFactory.wrap("无权限".getBytes(StandardCharsets.UTF_8));
            return response.writeWith(Mono.just(dataBuffer));

            //设置状态码 未授权401
            //exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
            //个人理解,终止输出访问
            //return exchange.getResponse().setComplete();
        }
        return chain.filter(exchange);
    }

    /**
     * 优先级提到最高
     *
     * @return
     */
    @Override
    public int getOrder() {
        return 0;
    }
}
相关推荐
lllsure1 天前
【Docker】镜像
java·spring cloud·docker
波波烤鸭1 天前
深入理解 Gateway 网关:原理、源码解析与最佳实践
java·spring·gateway
DO_Community1 天前
DigitalOcean Kubernetes 现已支持 Gateway API 托管服务
容器·kubernetes·gateway
T_Ghost1 天前
SpringCloud微服务网关Gateway
spring cloud·微服务·gateway
hzzzzzo02 天前
微服务核心组件实战:Nacos 与 Ribbon 的应用
spring cloud·微服务·ribbon·nacos·架构
Gu Gu Study2 天前
Spring运行程序RabbitMQ并没有自动创建队列的问题解决
java·spring cloud·rabbitmq
麦兜*2 天前
Docker 部署 MongoDB:单节点与副本集的最佳实践
java·spring boot·mongodb·spring cloud·docker·容器·maven
曾经的三心草2 天前
springcloud二-Sentinel
spring·spring cloud·sentinel
齐 飞2 天前
Spring Cloud Alibaba快速入门03-OpenFeign进阶用法
spring boot·后端·spring cloud
椰椰椰耶2 天前
[Spring Cloud][3]从零开始简单工程搭建实践详解,远程调用
java·数据库·spring cloud