From a2de8f77f3dfc5c279cb64982f7607cc00837e36 Mon Sep 17 00:00:00 2001 From: weiyachao <13526234727@126.com> Date: Fri, 22 Sep 2023 10:34:20 +0800 Subject: [PATCH 1/3] getway-2 --- .../qiuguo/iot/gateway/filter/AuthFilter.java | 1 + .../src/main/resources/bootstrap-dev.yml | 68 ++++++++++++++----- 2 files changed, 53 insertions(+), 16 deletions(-) diff --git a/iot-gateway/src/main/java/com/qiuguo/iot/gateway/filter/AuthFilter.java b/iot-gateway/src/main/java/com/qiuguo/iot/gateway/filter/AuthFilter.java index bfcb409..3e68290 100644 --- a/iot-gateway/src/main/java/com/qiuguo/iot/gateway/filter/AuthFilter.java +++ b/iot-gateway/src/main/java/com/qiuguo/iot/gateway/filter/AuthFilter.java @@ -37,6 +37,7 @@ public class AuthFilter implements GlobalFilter, Ordered { public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) { ServerHttpRequest request = exchange.getRequest(); String url = request.getPath().toString(); + System.out.println("url = " + url); return chain.filter(exchange); // if (xssProperties.getExcludeUrls().contains(url)) { // return chain.filter(exchange); diff --git a/iot-gateway/src/main/resources/bootstrap-dev.yml b/iot-gateway/src/main/resources/bootstrap-dev.yml index 6369bfa..3277ad8 100644 --- a/iot-gateway/src/main/resources/bootstrap-dev.yml +++ b/iot-gateway/src/main/resources/bootstrap-dev.yml @@ -1,4 +1,9 @@ spring: + redis: + host: 192.168.8.146 + port: 32030 + password: 123456 + timeout: 5000 cloud: # config: # # 如果本地配置优先级高,那么 override-none 设置为 true,包括系统环境变量、本地配置文件等配置 @@ -19,19 +24,50 @@ spring: # 共享配置 shared-configs: - application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension} - redis: - # cluster: - # nodes: - # - 127.0.0.1:7001 - # - 127.0.0.1:7002 - host: 192.168.8.146 - port: 32030 - password: 123456 - timeout: 5000 - gateway: - routes: - - id: qiuguo-iot-box-user-api - uri: http://192.168.8.199:8080 - predicates: - - Path=/iot-user/** - order: 1 \ No newline at end of file + gateway: + discovery: + locator: + # 开启服务发现 + enabled: true + # 忽略注册中心服务的大小写 + lower-case-service-id: true + globalcors: + corsConfigurations: + '[/**]': + # 允许携带认证信息 + allow-credentials: true + # 允许跨域的源(网站域名/ip),设置*为全部 + allowedOriginPatterns: "*" + # 允许跨域的method, 默认为GET和OPTIONS,设置*为全部 + allowedMethods: "*" + # 允许跨域请求里的head字段,设置*为全部 + allowedHeaders: "*" + routes: + # # 系统服务 + # - id: qiuguo-iot-box-user-api + # # 匹配后路由地址 + # uri: lb://qiuguo-iot-box-user-api + # # 断言,路径相匹配的进行路由 + # predicates: + # - Path=/qiuguo-iot-box-user-api/** + # filters: + # # 转发时去掉一层路径 + # - StripPrefix=1 + - id: route_qiuguo-iot-box-user-api + uri: lb://qiuguo-iot-box-user-api + predicates: + - Path=/** + +# 安全配置 +security: + # 防止XSS攻击 + xss: + enabled: true + # 排除的路径 + exclude-urls: + - /iot-user/user/user/login/pwd +#application: +# cors: +# allowed-crigin-patterns: +# - /iot-user/user/user/login/pwd + From 9277d93ea8710211ce57201d3b3e8888acb26ec7 Mon Sep 17 00:00:00 2001 From: simon <861719797@qq.com> Date: Fri, 22 Sep 2023 10:35:31 +0800 Subject: [PATCH 2/3] =?UTF-8?q?lombok=E5=8D=87=E7=BA=A71.18.14=E4=BF=AE?= =?UTF-8?q?=E5=A4=8D=E7=BB=8F=E5=B8=B8=E6=97=A0=E7=AC=A6=E5=8F=B7=E5=BC=82?= =?UTF-8?q?=E5=B8=B8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 9af1cf3..f7e1a92 100644 --- a/pom.xml +++ b/pom.xml @@ -28,7 +28,7 @@ 3.1.7 2.7.15 2.7.14 - 1.18.12 + 1.18.14 2.7.14 From fe1a976732d50cd38a68db3079cebe0c51721069 Mon Sep 17 00:00:00 2001 From: weiyachao <13526234727@126.com> Date: Fri, 22 Sep 2023 13:46:50 +0800 Subject: [PATCH 3/3] =?UTF-8?q?=E8=AE=BE=E7=BD=AE=E8=B7=AF=E7=94=B1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../iot/gateway/GatewayApplication.java | 2 + .../qiuguo/iot/gateway/filter/AuthFilter.java | 46 +++++++++---------- .../handler/GatewayExceptionHandler.java | 2 + .../src/main/resources/bootstrap-dev.yml | 46 +++++++------------ .../user/api/IotBoxUserApiApplication.java | 2 + 5 files changed, 44 insertions(+), 54 deletions(-) diff --git a/iot-gateway/src/main/java/com/qiuguo/iot/gateway/GatewayApplication.java b/iot-gateway/src/main/java/com/qiuguo/iot/gateway/GatewayApplication.java index f827f1a..21aed7b 100644 --- a/iot-gateway/src/main/java/com/qiuguo/iot/gateway/GatewayApplication.java +++ b/iot-gateway/src/main/java/com/qiuguo/iot/gateway/GatewayApplication.java @@ -2,8 +2,10 @@ package com.qiuguo.iot.gateway; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.cloud.client.discovery.EnableDiscoveryClient; @SpringBootApplication +@EnableDiscoveryClient public class GatewayApplication { public static void main(String[] args) { diff --git a/iot-gateway/src/main/java/com/qiuguo/iot/gateway/filter/AuthFilter.java b/iot-gateway/src/main/java/com/qiuguo/iot/gateway/filter/AuthFilter.java index 3e68290..f39604c 100644 --- a/iot-gateway/src/main/java/com/qiuguo/iot/gateway/filter/AuthFilter.java +++ b/iot-gateway/src/main/java/com/qiuguo/iot/gateway/filter/AuthFilter.java @@ -37,30 +37,28 @@ public class AuthFilter implements GlobalFilter, Ordered { public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) { ServerHttpRequest request = exchange.getRequest(); String url = request.getPath().toString(); - System.out.println("url = " + url); - return chain.filter(exchange); - // if (xssProperties.getExcludeUrls().contains(url)) { - // return chain.filter(exchange); - // } - // - // String api_token = exchange.getRequest().getHeaders().getFirst(UserAuthContains.API_TOKEN); - // String api_type = exchange.getRequest().getHeaders().getFirst(UserAuthContains.API_TYPE); - // if (ObjectUtils.isEmpty(api_token) || ObjectUtils.isEmpty(api_type)) { - // return Mono.error(new RuntimeException("未登录")); - // } - // String key = RedisConstans.IOT_TOKEN.concat(api_token); - // return reactiveRedisTemplate.getExpire(key).map(Duration::getSeconds).flatMap(ttl -> { - // if (ttl == -1) { - // // 用户没登陆 - // return Mono.error(new RuntimeException("未登录")); - // } else if (ttl <= 3600) { - // // token 将要失效 - // return reactiveRedisTemplate.expire(key, Duration.ofDays(7)).then(chain.filter(exchange)); - // } else { - // // 正常登录 - // return chain.filter(exchange); - // } - // }); + if (xssProperties.getExcludeUrls().contains(url)) { + return chain.filter(exchange); + } + + String api_token = exchange.getRequest().getHeaders().getFirst(UserAuthContains.API_TOKEN); + String api_type = exchange.getRequest().getHeaders().getFirst(UserAuthContains.API_TYPE); + if (ObjectUtils.isEmpty(api_token) || ObjectUtils.isEmpty(api_type)) { + return Mono.error(new RuntimeException("未登录")); + } + String key = RedisConstans.IOT_TOKEN.concat(api_token); + return reactiveRedisTemplate.getExpire(key).map(Duration::getSeconds).flatMap(ttl -> { + if (ttl == -1) { + // 用户没登陆 + return Mono.error(new RuntimeException("未登录")); + } else if (ttl <= 3600) { + // token 将要失效 + return reactiveRedisTemplate.expire(key, Duration.ofDays(7)).then(chain.filter(exchange)); + } else { + // 正常登录 + return chain.filter(exchange); + } + }); } diff --git a/iot-gateway/src/main/java/com/qiuguo/iot/gateway/handler/GatewayExceptionHandler.java b/iot-gateway/src/main/java/com/qiuguo/iot/gateway/handler/GatewayExceptionHandler.java index 9b3840c..68d8c5e 100644 --- a/iot-gateway/src/main/java/com/qiuguo/iot/gateway/handler/GatewayExceptionHandler.java +++ b/iot-gateway/src/main/java/com/qiuguo/iot/gateway/handler/GatewayExceptionHandler.java @@ -35,6 +35,8 @@ public class GatewayExceptionHandler implements ErrorWebExceptionHandler { } else if (ex instanceof ResponseStatusException) { ResponseStatusException responseStatusException = (ResponseStatusException) ex; msg = responseStatusException.getMessage(); + } else if (ex instanceof RuntimeException) { + msg = ex.getMessage(); } else { msg = "内部服务器错误"; } diff --git a/iot-gateway/src/main/resources/bootstrap-dev.yml b/iot-gateway/src/main/resources/bootstrap-dev.yml index 3277ad8..8271352 100644 --- a/iot-gateway/src/main/resources/bootstrap-dev.yml +++ b/iot-gateway/src/main/resources/bootstrap-dev.yml @@ -5,13 +5,13 @@ spring: password: 123456 timeout: 5000 cloud: -# config: -# # 如果本地配置优先级高,那么 override-none 设置为 true,包括系统环境变量、本地配置文件等配置 -# override-none: true -# # 如果想要远程配置优先级高,那么 allow-override 设置为 false,如果想要本地配置优先级高那么 allow-override 设置为 true -# allow-override: true -# # 只有系统环境变量或者系统属性才能覆盖远程配置文件的配置,本地配置文件中配置优先级低于远程配置;注意本地配置文件不是系统属性 -# override-system-properties: false + config: + # 如果本地配置优先级高,那么 override-none 设置为 true,包括系统环境变量、本地配置文件等配置 + override-none: true + # 如果想要远程配置优先级高,那么 allow-override 设置为 false,如果想要本地配置优先级高那么 allow-override 设置为 true + allow-override: true + # 只有系统环境变量或者系统属性才能覆盖远程配置文件的配置,本地配置文件中配置优先级低于远程配置;注意本地配置文件不是系统属性 + override-system-properties: false nacos: discovery: # 服务注册地址 @@ -25,12 +25,14 @@ spring: shared-configs: - application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension} gateway: - discovery: - locator: - # 开启服务发现 - enabled: true - # 忽略注册中心服务的大小写 - lower-case-service-id: true + routes: + - id: qiuguo-iot-box-user-api + uri: lb://qiuguo-iot-box-user-api + predicates: + - Path=/iot-user/** + filters: + # 转发时去掉一层路径 + - StripPrefix=1 globalcors: corsConfigurations: '[/**]': @@ -42,22 +44,6 @@ spring: allowedMethods: "*" # 允许跨域请求里的head字段,设置*为全部 allowedHeaders: "*" - routes: - # # 系统服务 - # - id: qiuguo-iot-box-user-api - # # 匹配后路由地址 - # uri: lb://qiuguo-iot-box-user-api - # # 断言,路径相匹配的进行路由 - # predicates: - # - Path=/qiuguo-iot-box-user-api/** - # filters: - # # 转发时去掉一层路径 - # - StripPrefix=1 - - id: route_qiuguo-iot-box-user-api - uri: lb://qiuguo-iot-box-user-api - predicates: - - Path=/** - # 安全配置 security: # 防止XSS攻击 @@ -65,7 +51,7 @@ security: enabled: true # 排除的路径 exclude-urls: - - /iot-user/user/user/login/pwd + - /iot-user/user/login/pwd #application: # cors: # allowed-crigin-patterns: diff --git a/iot-modules/iot-box-user-api/src/main/java/com/qiuguo/iot/user/api/IotBoxUserApiApplication.java b/iot-modules/iot-box-user-api/src/main/java/com/qiuguo/iot/user/api/IotBoxUserApiApplication.java index 17269cf..02e52b7 100644 --- a/iot-modules/iot-box-user-api/src/main/java/com/qiuguo/iot/user/api/IotBoxUserApiApplication.java +++ b/iot-modules/iot-box-user-api/src/main/java/com/qiuguo/iot/user/api/IotBoxUserApiApplication.java @@ -4,12 +4,14 @@ import com.tuya.connector.spring.annotations.ConnectorScan; import org.hswebframework.web.crud.annotation.EnableEasyormRepository; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.cloud.client.discovery.EnableDiscoveryClient; import org.springframework.context.annotation.EnableAspectJAutoProxy; @SpringBootApplication(scanBasePackages = {"com.qiuguo.iot.user.api", "com.qiuguo.iot.data.service"}) @EnableEasyormRepository(value = "com.qiuguo.iot.data.entity.*") @ConnectorScan(basePackages = "com.qiuguo.iot.user.api.service") @EnableAspectJAutoProxy +@EnableDiscoveryClient public class IotBoxUserApiApplication { public static void main(String[] args) {