- 本文springboot版本:
2.0.2.RELEASE
,springcloud版本:Finchley.RC1
项目使用zuul做api网关,需要在zuul中拦截请求,做统一的权限验证。
用户传来token,zuul拦截下来解析出用户信息,添加到本次请求中,后续服务可以直接使用用户信息。
之前试过重写request不行,后来发现可以用context.setRequestQueryParams()
实现。
代码如下:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52
| @Component public class PreRequestAuthFilter extends ZuulFilter { private static final Logger logger = LoggerFactory.getLogger(PreRequestAuthFilter.class);
@Autowired MemCachedClient memCachedClient;
@Override public String filterType() { return FilterConstants.PRE_TYPE; }
@Override public int filterOrder() { return 1; }
@Override public boolean shouldFilter() { return true; }
@Override public Object run() throws ZuulException { RequestContext context = RequestContext.getCurrentContext();
HttpServletRequest request = context.getRequest();
Map<String, List<String>> queryParams = new HashMap<>(); Object obj = memCachedClient.get(request.getParameter("token")); if (null != obj) { JSONObject userJson = JSONObject.parseObject((String) obj); String userId = userJson.getString("userId"); String roleId = userJson.getString("roleId");
List<String> userIdList = new ArrayList<>(); userIdList.add(userId); queryParams.put("userId", userIdList);
List<String> roleIdList = new ArrayList<>(); roleIdList.add(roleId); queryParams.put("roleId", roleIdList);
} context.setRequestQueryParams(queryParams);
return null; } }
|