28.项目搭建网关

项目搭建网关

一、项目架构

二、创建模块，引入依赖，创建启动类，添加application.yml配置文件

2.1依赖

<dependencies>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-gateway</artifactId>
    </dependency>

    <dependency>
        <groupId>com.alibaba.cloud</groupId>
        <artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
    </dependency>

    <!-- 监控检查-->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-actuator</artifactId>
    </dependency>

    <!-- nacos配置中心依赖支持
    <dependency>
        <groupId>com.alibaba.cloud</groupId>
        <artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
    </dependency>
    -->
    <dependency>
        <groupId>com.itheima</groupId>
        <artifactId>tanhua-commons</artifactId>
        <version>1.0-SNAPSHOT</version>
    </dependency>
</dependencies>

2.2启动类

@SpringBootApplication
public class GatewayApplication {

    public static void main(String[] args) {
        SpringApplication.run(GatewayApplication.class, args);
    }
}

3.跨域问题配置类

package com.itheima.gateway.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.reactive.CorsWebFilter;
import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
import org.springframework.web.util.pattern.PathPatternParser;

/**
 * 跨域支持
 */
@Configuration
public class CorsConfig {

    @Bean
    public CorsWebFilter corsFilter() {
        CorsConfiguration config = new CorsConfiguration();
        config.addAllowedMethod("*");
        config.addAllowedOrigin("*");
        config.addAllowedHeader("*");
        UrlBasedCorsConfigurationSource source =
                new UrlBasedCorsConfigurationSource(new PathPatternParser());
        source.registerCorsConfiguration("/**", config);
        return new CorsWebFilter(source);
    }
}

2.4application.yml配置文件

server:
  port: 10010
spring:
  profiles:
    active: prod
  application:
    name: tanhua-gateway
  cloud:
    nacos:
      discovery:
        server-addr: 192.168.136.160:8848
    gateway:
      globalcors:
        add-to-simple-url-handler-mapping: true
        corsConfigurations:
          '[/**]':
            allowedHeaders: "*"
            allowedOrigins: "*"
            allowedMethods:
              - GET
              - POST
              - DELETE
              - PUT
              - OPTION
      routes:
        # 探花系统
        - id: tanhua-app-server
          uri: lb://tanhua-app-server
          predicates:
            - Path=/app/**
          filters:
            - StripPrefix= 1
        # 后台系统
        - id: tanhua-admin
          uri: lb://tanhua-admin
          predicates:
            - Path=/admin/**
          filters:
            - StripPrefix= 1
gateway:
  excludedUrls: /user/login,/user/loginVerification,/system/users/verification,/system/users/login

三、统一鉴权

在网关内部可以通过过滤器完成统一鉴权，限流，日志记录等操作

1.定义一个类实现GlobalFilter、Ordered这俩个接口；重写里面的方法

filter：过滤器核心业务

getOrder：执行顺序

package com.tanhua.gateway.filter;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.tanhua.commons.utils.JwtUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * 全局过滤器
 * 1.定义一个类实现GlobalFilter接口,Orderd借口
 * 2.重写方法
 */
@Component
public class AuthFilter implements GlobalFilter, Ordered {


    //1.定义不需要处理token的请求，例如获取手机验证码，登录等；用list集合装起来
    @Value("${gateway.excludedUrls}")
    List<String> excludeUrls;

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {

        //1.排除掉不需要校验的请求路径
        //获取当前请求路径
        String currentPath = exchange.getRequest().getURI().getPath();
        if(excludeUrls.contains(currentPath)){
            //放行，不需要校验
            return chain.filter(exchange);
        }
        //2.获取token并校验
        String token = exchange.getRequest().getHeaders().getFirst("Authorization");

        if(!StringUtils.isEmpty(token)){
           token  =  token.replaceAll("Bearer ", "");
        }

        boolean result = JwtUtils.verifyToken(token);

        if(!result){
            //3.校验失败，响应错误状态码
            Map<String, Object> responseData = new HashMap<>();
            responseData.put("errCode", 401);
            responseData.put("errMessage", "用户未登录");
            return responseError(exchange.getResponse(),responseData);
        }

        //放行
        return chain.filter(exchange);
    }



    //响应错误数据
    private Mono<Void> responseError(ServerHttpResponse response, Map<String, Object> responseData){
        // 将信息转换为 JSON
        ObjectMapper objectMapper = new ObjectMapper();
        byte[] data = new byte[0];
        try {
            data = objectMapper.writeValueAsBytes(responseData);
        } catch (JsonProcessingException e) {
            e.printStackTrace();
        }
        // 输出错误信息到页面
        DataBuffer buffer = response.bufferFactory().wrap(data);
        response.setStatusCode(HttpStatus.UNAUTHORIZED);
        response.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
        return response.writeWith(Mono.just(buffer));
    }


    /**
     * 设置过滤器的执行顺序
     * @return
     */
    public int getOrder() {
        return Ordered.LOWEST_PRECEDENCE;
    }
}

四、nacos配置管理

将配置交给Nacos管理的步骤

①在Nacos中添加配置文件

②在微服务中引入nacos的config依赖

③在微服务中添加bootstrap.yml，配置nacos地址、当前环境、服务名称、文件后缀名。这些决定了程序启动时去nacos读取哪个文件

bootstrap.yml文件，这个文件是引导文件，优先级高于application.yml

1.引入Nacos的配置管理客户端依赖

<dependency>
    <groupId>com.alibaba.cloudgroupId>
    <artifactId>spring-cloud-starter-alibaba-nacos-configartifactId>
dependency>

2、在resource目录添加一个bootstrap.yml文件，这个文件是引导文件，优先级高于application.yml

spring:
  profiles:
    active: prod  #多环境配置，开发、测试、生产
  application:
    name: tanhua-gateway
  cloud:
    nacos:
      discovery:   #服务注册发现
        server-addr: 192.168.1.8:8848
      config:     #配置管理
        server-addr: 192.168.1.8:8848
        file-extension: yml

3.然后在nacos管理页面添加配置，项目启动的时候会读取bootstrap.yml找到nacos地址，完成服务注册；以及会拉取配置

server:
  port: 10010
spring:
  cloud:
    gateway:
      globalcors:
        add-to-simple-url-handler-mapping: true
        corsConfigurations:
          '[/**]':
            allowedHeaders: "*"
            allowedOrigins: "*"
            allowedMethods:
              - GET
              - POST
              - DELETE
              - PUT
              - OPTION
      routes:
        # 用户微服务
        - id: tanhua-app-server
          uri: lb://tanhua-app-server
          predicates:
            - Path=/app/**
          filters:
            - StripPrefix= 1
        # 文章微服务
        - id: tanhua-admin
          uri: lb://tanhua-admin
          predicates:
            - Path=/admin/**
          filters:
            - StripPrefix= 1
gateway:
  excludedUrls: /user/login,/user/loginVerification,/system/users/verification,/system/users/login

   - StripPrefix= 1
    # 文章微服务
    - id: tanhua-admin
      uri: lb://tanhua-admin
      predicates:
        - Path=/admin/**
      filters:
        - StripPrefix= 1

gateway:
excludedUrls: /user/login,/user/loginVerification,/system/users/verification,/system/users/login