一、核心概念
- Route(路由):网关的基本构建块,包含 ID、目标 URI、Predicate、Filter
- Predicate(断言):匹配请求条件(路径、Header、参数等)
- Filter(过滤器):对请求进行前置/后置处理(鉴权、限流、日志等)
二、快速搭建
<!-- pom.xml -->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
# application.yml
server:
port: 8080
spring:
application:
name: api-gateway
cloud:
gateway:
routes:
- id: user-service
uri: lb://user-service
predicates:
- Path=/api/users/**
filters:
- StripPrefix=1
- id: order-service
uri: lb://order-service
predicates:
- Path=/api/orders/**
filters:
- StripPrefix=1
discovery:
locator:
enabled: true # 自动发现服务三、自定义全局过滤器(JWT 鉴权)
@Component
public class AuthGlobalFilter implements GlobalFilter, Ordered {
@Override
public Mono<Void> filter(ServerWebExchange exchange,
GatewayFilterChain chain) {
String path = exchange.getRequest().getPath().value();
// 白名单路径跳过鉴权
if (path.startsWith("/api/auth/login") ||
path.startsWith("/api/auth/register")) {
return chain.filter(exchange);
}
String token = exchange.getRequest()
.getHeaders().getFirst("Authorization");
if (token == null || !token.startsWith("Bearer ")) {
exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
return exchange.getResponse().setComplete();
}
// 验证 JWT(简化示例)
try {
String jwt = token.substring(7);
Claims claims = Jwts.parser()
.setSigningKey("secret-key").parseClaimsJws(jwt).getBody();
String userId = claims.getSubject();
ServerHttpRequest request = exchange.getRequest()
.mutate().header("X-User-Id", userId).build();
return chain.filter(exchange.mutate().request(request).build());
} catch (Exception e) {
exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
return exchange.getResponse().setComplete();
}
}
@Override
public int getOrder() { return -100; }
}四、自定义 GatewayFilter(限流)
@Component
public class RateLimitFilter implements GatewayFilter, Ordered {
private final RateLimiter rateLimiter = RateLimiter.create(100);
@Override
public Mono<Void> filter(ServerWebExchange exchange,
GatewayFilterChain chain) {
if (!rateLimiter.tryAcquire()) {
exchange.getResponse().setStatusCode(HttpStatus.TOO_MANY_REQUESTS);
return exchange.getResponse().setComplete();
}
return chain.filter(exchange);
}
@Override
public int getOrder() { return 0; }
}
# 在路由中使用自定义过滤器
spring.cloud.gateway.routes[0].filters:
- name: RateLimit
args:
redis-rate-limiter.replenishRate: 10
redis-rate-limiter.burstCapacity: 20五、跨域配置
@Configuration
public class CorsConfig {
@Bean
public CorsWebFilter corsWebFilter() {
CorsConfiguration config = new CorsConfiguration();
config.addAllowedOrigin("*");
config.addAllowedHeader("*");
config.addAllowedMethod("*");
config.setAllowCredentials(true);
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", config);
return new CorsWebFilter(source);
}
}六、网关 vs Nginx
# Nginx:反向代理 + 负载均衡
# 适合:静态资源、SSL 终止、四层/七层负载均衡
# Spring Cloud Gateway:业务网关
# 适合:动态路由、JWT 鉴权、限流、熔断、灰度发布
# 生产推荐:Nginx(前置)+ Gateway(后置)
# 请求链路:Client → Nginx → Gateway → Microservice