package com.weheretech.gatewayserver.config;
import com.weheretech.common.core.constants.DataSourceConstants;
import com.weheretech.common.core.constants.SaasConstants;
import com.weheretech.common.core.dto.user.LoginCacheDTO;
import com.weheretech.common.core.exception.ErrorCode;
import com.weheretech.common.core.exception.SaasException;
import com.weheretech.common.core.utils.TenantUtils;
import com.weheretech.middleware.utils.RedisUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpHeaders;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.util.CollectionUtils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
import java.lang.annotation.Annotation;
import java.net.URI;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Objects;
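/**
 * Gateway-wide authentication filter.
 *
 * <p>Every request whose original path is not listed in
 * {@code SaasConstants.WhiteUri.FILTER_URIS} must carry a {@code token=} entry in its
 * {@code Cookie} header. For tenant domains the token must also resolve to a cached
 * {@link LoginCacheDTO} in Redis; requests without such a session are rejected.
 * Per-URL authorization is not implemented yet (see the commented-out block in
 * {@link #filter}).
 *
 * <p>NOTE(review): {@code Order} is the annotation type
 * {@code org.springframework.core.annotation.Order} (see the imports). Implementing an
 * annotation type as an interface is not the same as annotating the class with
 * {@code @Order} or implementing {@code Ordered}, so {@link #value()} is probably never
 * consulted when the filter chain is sorted. Confirm the effective position of this filter
 * before changing it: {@link #filter} requires the original-request-URL exchange attribute
 * to be populated already.
 */
@Slf4j
@Configuration
public class AuthFilter implements GlobalFilter, Order {

    /** Name of the request header the cookies are read from. */
    private static final String COOKIE = "cookie";

    /** Prefix of the cookie entry that carries the session token. */
    private static final String TOKEN = "token=";

    /** Exchange attribute from which the originally requested URLs are read. */
    private static final String ORIGINAL_REQUEST_URL_ATTR =
            "org.springframework.cloud.gateway.support.ServerWebExchangeUtils.gatewayOriginalRequestUrl";

    @Autowired
    private RedisUtils redisUtils;

    /**
     * Filter order.
     *
     * @return always {@code 1}
     */
    @Override
    public int value() {
        return 1;
    }

    /**
     * Main filter logic: tags the request with the caller's address, lets whitelisted paths
     * through, and otherwise requires a session token taken from the {@code Cookie} header.
     *
     * @param exchange the current server exchange
     * @param chain    the remaining gateway filter chain
     * @return the result of delegating to {@code chain} with the mutated request
     * @throws SaasException with {@code ErrorCode.NO_COOKIE} when no cookie header is present,
     *                       or {@code ErrorCode.TOKEN_NOT_FOUND} when the header has no
     *                       {@code token=} entry or, for tenant domains, when the token does
     *                       not resolve to a cached login session
     */
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        ServerHttpRequest request = exchange.getRequest();

        // Source address of the connection.
        // NOTE(review): getRemoteAddress() is nullable in Spring's API, so this line can throw
        // a NullPointerException. Behind a reverse proxy it is the proxy's address, not the
        // end user's.
        String host = request.getRemoteAddress().getAddress().getHostAddress();
        log.info("host========? {}", host);

        // Set the "domain" header (replacing any value the client sent). The mutated request
        // must be the one passed on, hence every return below uses
        // chain.filter(exchange.mutate().request(request).build()).
        request = request.mutate().header("domain", host).build();

        // Path of the originally requested URL (first entry of the attribute's set).
        @SuppressWarnings("unchecked") // the attribute is read as a set of URIs, as in the original code
        LinkedHashSet<URI> originalUrls =
                (LinkedHashSet<URI>) Objects.requireNonNull(exchange.getAttribute(ORIGINAL_REQUEST_URL_ATTR));
        String url = originalUrls.iterator().next().getPath();

        // Whitelisted paths skip authentication entirely. This is an exact contains() lookup
        // on the path string.
        if (SaasConstants.WhiteUri.FILTER_URIS.contains(url)) {
            return chain.filter(exchange.mutate().request(request).build());
        }

        // Look for the token the client sent in its cookies.
        HttpHeaders headers = request.getHeaders();
        List<String> headerValue = headers.get(COOKIE);
        if (CollectionUtils.isEmpty(headerValue)) {
            throw new SaasException(ErrorCode.NO_COOKIE);
        }

        // Only the first Cookie header value is inspected; its entries are separated by ";".
        String authorization = null;
        for (String cookie : headerValue.get(0).split(";")) {
            String entry = cookie.trim();
            if (entry.startsWith(TOKEN)) {
                // Use the prefix length rather than a hard-coded 6 so the two cannot drift apart.
                authorization = entry.substring(TOKEN.length());
                break;
            }
        }
        if (authorization == null) {
            throw new SaasException(ErrorCode.TOKEN_NOT_FOUND);
        }

        // NOTE(review): requests resolved to the platform data source skip the session lookup,
        // so any token value is accepted for them here; confirm they are authenticated
        // elsewhere. How TenantUtils resolves the domain is not visible in this file.
        if (!DataSourceConstants.Name.PLATFORM_DATA_SOURCE.equals(TenantUtils.getDomain())) {
            // The cookie value is client-controlled and is used verbatim as the Redis key.
            // Previously the lookup result was discarded, so any "token=<anything>" cookie
            // passed. Now the request is rejected unless the key holds a login session; the
            // instanceof test also covers a key that exists but stores some other type.
            Object cached = redisUtils.get(authorization);
            if (!(cached instanceof LoginCacheDTO)) {
                throw new SaasException(ErrorCode.TOKEN_NOT_FOUND);
            }
            LoginCacheDTO loginCacheDTO = (LoginCacheDTO) cached;
            // TODO: per-URL permission check is not implemented yet; intended logic below.
//            AuthUtils.setCurrentUser(loginCacheDTO);
//            if(!loginCacheDTO.getUrls().contains(url)){
//                throw new SaasException(ErrorCode.UNAUHORIZATION);
//            }
        }
//        ResponseVo responseVo = authClient.checkApi(new Authorization(authorization, url));
//        if (responseVo.getStatus() != ResponseEnum.SUCCESS.getCode()) {
//            throw new ResponseException(responseVo);
//        }

        // Checks passed: let the request through.
        return chain.filter(exchange.mutate().request(request).build());
    }

    /**
     * Required by the {@link Annotation} contract inherited through {@code Order}.
     *
     * @return always {@code null}
     */
    @Override
    public Class<? extends Annotation> annotationType() {
        return null;
    }
}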