2025-12-11 18:30:35 +08:00
parent 99937e9feb
commit 8b211fbad6
35 changed files with 527 additions and 302 deletions


@@ -28,19 +28,8 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-logging</artifactId>
</exclusion>
<!-- 排除旧的 gateway-server使用新的 webflux 版本 -->
<exclusion>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-gateway-server</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- 明确使用新的 WebFlux Gateway Server推荐 -->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-gateway-server-webflux</artifactId>
</dependency>
<!-- Nacos 服务注册与发现 -->
<dependency>


@@ -7,6 +7,8 @@ import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.FilterType;
import org.xyzh.common.auth.config.SecurityConfig;
import org.xyzh.common.auth.config.WebMvcConfig;
import org.xyzh.common.auth.config.GatewayAuthConfig;
/**
* @description Gateway 网关启动类
@@ -23,8 +25,12 @@ import org.xyzh.common.auth.config.SecurityConfig;
"org.xyzh.common" // 公共模块(包括 common-auth
},
excludeFilters = {
// 排除 Spring MVC 的 SecurityConfigGateway 使用 WebFlux Security
@ComponentScan.Filter(type = FilterType.ASSIGNABLE_TYPE, classes = SecurityConfig.class)
// 排除 Spring MVC 相关配置Gateway 使用 WebFlux
@ComponentScan.Filter(type = FilterType.ASSIGNABLE_TYPE, classes = {
SecurityConfig.class, // Spring MVC Security配置
WebMvcConfig.class, // Spring MVC配置
GatewayAuthConfig.class // 微服务Gateway模式配置使用Servlet Filter
})
}
)
public class GatewayApplication {


@@ -0,0 +1,32 @@
package org.xyzh.gateway.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;
/**
* Gateway WebFlux Security 配置
* 完全禁用Spring Security的默认行为由AuthGlobalFilter处理认证
*
* @author yslg
* @since 2025-12-11
*/
@Configuration
@EnableWebFluxSecurity
public class GatewaySecurityConfig {
@Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
return http
.csrf(ServerHttpSecurity.CsrfSpec::disable)
.formLogin(ServerHttpSecurity.FormLoginSpec::disable)
.httpBasic(ServerHttpSecurity.HttpBasicSpec::disable)
.logout(ServerHttpSecurity.LogoutSpec::disable)
.authorizeExchange(exchange -> exchange
.anyExchange().permitAll() // 允许所有请求由AuthGlobalFilter处理认证
)
.build();
}
}
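Review bot: `.anyExchange().permitAll()` in `securityWebFilterChain` leaves every exchange open at the Spring Security layer, so authentication rests entirely on AuthGlobalFilter, which is not shown in this diff. If that class is a Spring Cloud Gateway `GlobalFilter`, as its name suggests, it runs only for exchanges matched to a gateway route; endpoints served by the gateway application itself (for example the `/gateway-diagnostic/**` controller added in this commit) would never pass through it. Consider restricting locally served paths in this chain, e.g. `.pathMatchers("/gateway-diagnostic/**").denyAll()` ahead of `.anyExchange()`, or moving the token check into a `WebFilter` that sees all exchanges. The class Javadoc should also state the limit, for instance `Authentication is enforced only for routed requests by AuthGlobalFilter; locally handled endpoints are not covered.`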


@@ -0,0 +1,59 @@
package org.xyzh.gateway.controller;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.route.Route;
import org.springframework.cloud.gateway.route.RouteLocator;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Flux;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* Gateway诊断控制器 - 用于检查路由配置
*
* @author yslg
* @since 2025-12-11
*/
@RestController
@RequestMapping("/gateway-diagnostic")
public class GatewayDiagnosticController {
@Autowired
private RouteLocator routeLocator;
/**
* 获取所有路由信息
* 访问: http://localhost:8180/gateway-diagnostic/routes
*/
@GetMapping("/routes")
public Flux<Map<String, Object>> getRoutes() {
return routeLocator.getRoutes()
.map(route -> {
Map<String, Object> routeInfo = new HashMap<>();
routeInfo.put("id", route.getId());
routeInfo.put("uri", route.getUri().toString());
routeInfo.put("order", route.getOrder());
routeInfo.put("predicates", route.getPredicate().toString());
routeInfo.put("filters", route.getFilters().toString());
return routeInfo;
});
}
/**
* 健康检查
* 访问: http://localhost:8180/gateway-diagnostic/health
*/
@GetMapping("/health")
public Map<String, Object> health() {
Map<String, Object> health = new HashMap<>();
health.put("status", "UP");
health.put("message", "Gateway is running");
health.put("timestamp", System.currentTimeMillis());
return health;
}
}
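Review bot: `getRoutes()` in `GatewayDiagnosticController` returns every route's id, target URI, predicates and filter configuration with no access control visible in this commit, which exposes internal service topology to anyone who can reach the gateway. The security chain added alongside it permits all exchanges, and a controller served by the gateway itself is presumably not covered by route-level global filters. Limit it to non-production use, e.g. `@Profile("dev")` on the class, or guard it with an explicit property so it is off by default. Minor: the imports of `Route`, `ArrayList` and `List` are unused, and constructor injection with a `final` field would be preferable to `@Autowired` on `routeLocator`.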


@@ -1,16 +1,6 @@
spring:
cloud:
gateway:
server:
webflux:
routes:
# 开发环境可以添加更详细的路由配置或测试路由
# Nacos 管理界面路由(开发专用)
- id: nacos-console
uri: http://${NACOS_SERVER_ADDR:localhost:8848}
predicates:
- Path=/nacos/**
# 开发环境专用配置
# 注意不要在这里配置routes会覆盖application.yml的配置
# 路由配置统一在application.yml中管理
# 开发环境日志
logging:


@@ -17,102 +17,119 @@ spring:
namespace: dev
group: DEFAULT_GROUP
config:
enabled: false # 禁用Nacos配置中心使用本地配置
server-addr: ${NACOS_SERVER_ADDR:localhost:8848}
file-extension: yml
namespace: dev
group: DEFAULT_GROUP
# Gateway 路由配置(使用新的 webflux 配置路径)
# Gateway 路由配置
gateway:
server:
webflux:
# 服务发现路由(自动路由)
discovery:
locator:
enabled: false # 关闭自动路由,使用手动配置
# 手动配置路由
routes:
# ==================== 认证服务路由 ====================
- id: auth-service
uri: lb://auth-service
predicates:
- Path=/urban-lifeline/auth/**
filters:
# 不需要重写,直接转发保持原路径
- name: RequestRateLimiter
args:
redis-rate-limiter.replenishRate: 100
redis-rate-limiter.burstCapacity: 200
# 服务发现路由(自动路由)
discovery:
locator:
enabled: false # 关闭自动路由,使用手动配置
# 手动配置路由
routes:
# ==================== 认证服务路由 ====================
- id: auth-service
uri: lb://auth-service
predicates:
- Path=/urban-lifeline/auth/**
filters:
- StripPrefix=1 # 去掉前缀:/urban-lifeline/auth/login → /auth/login
- name: RequestRateLimiter
args:
redis-rate-limiter.replenishRate: 100
redis-rate-limiter.burstCapacity: 200
# ==================== 系统服务路由 ====================
- id: system-service
uri: lb://system-service
predicates:
- Path=/urban-lifeline/system/**
filters:
- StripPrefix=1
# ==================== 系统服务路由 ====================
- id: system-service
uri: lb://system-service
predicates:
- Path=/urban-lifeline/system/**
# ==================== 日志服务路由 ====================
- id: log-service
uri: lb://log-service
predicates:
- Path=/urban-lifeline/log/**
# ==================== 文件服务路由 ====================
- id: file-service
uri: lb://file-service
predicates:
- Path=/urban-lifeline/file/**
# ==================== 消息服务路由 ====================
- id: message-service
uri: lb://message-service
predicates:
- Path=/urban-lifeline/message/**
# ==================== 招投标服务路由 ====================
- id: bidding-service
uri: lb://bidding-service
predicates:
- Path=/urban-lifeline/bidding/**
# ==================== 平台服务路由 ====================
- id: platform-service
uri: lb://platform-service
predicates:
- Path=/urban-lifeline/platform/**
# ==================== 工单服务路由 ====================
- id: workcase-service
uri: lb://workcase-service
predicates:
- Path=/urban-lifeline/workcase/**
# ==================== 定时任务服务路由 ====================
- id: crontab-service
uri: lb://crontab-service
predicates:
- Path=/urban-lifeline/crontab/**
# ==================== AI Agent 服务路由 ====================
- id: agent-service
uri: lb://agent-service
predicates:
- Path=/urban-lifeline/agent/**
# 全局跨域配置
globalcors:
cors-configurations:
'[/**]':
allowedOriginPatterns: "*"
allowedMethods:
- GET
- POST
- PUT
- DELETE
- OPTIONS
allowedHeaders: "*"
allowCredentials: true
maxAge: 3600
# ==================== 日志服务路由 ====================
- id: log-service
uri: lb://log-service
predicates:
- Path=/urban-lifeline/log/**
filters:
- StripPrefix=1
# ==================== 文件服务路由 ====================
- id: file-service
uri: lb://file-service
predicates:
- Path=/urban-lifeline/file/**
filters:
- StripPrefix=1
# ==================== 消息服务路由 ====================
- id: message-service
uri: lb://message-service
predicates:
- Path=/urban-lifeline/message/**
filters:
- StripPrefix=1
# ==================== 招投标服务路由 ====================
- id: bidding-service
uri: lb://bidding-service
predicates:
- Path=/urban-lifeline/bidding/**
filters:
- StripPrefix=1
# ==================== 平台服务路由 ====================
- id: platform-service
uri: lb://platform-service
predicates:
- Path=/urban-lifeline/platform/**
filters:
- StripPrefix=1
# ==================== 工单服务路由 ====================
- id: workcase-service
uri: lb://workcase-service
predicates:
- Path=/urban-lifeline/workcase/**
filters:
- StripPrefix=1
# ==================== 定时任务服务路由 ====================
- id: crontab-service
uri: lb://crontab-service
predicates:
- Path=/urban-lifeline/crontab/**
filters:
- StripPrefix=1
# ==================== AI Agent 服务路由 ====================
- id: agent-service
uri: lb://agent-service
predicates:
- Path=/urban-lifeline/agent/**
filters:
- StripPrefix=1
# 全局跨域配置
globalcors:
cors-configurations:
'[/**]':
allowedOriginPatterns: "*"
allowedMethods:
- GET
- POST
- PUT
- DELETE
- OPTIONS
allowedHeaders: "*"
allowCredentials: true
maxAge: 3600
datasource:
# 按你的实际库名改一下,比如 urban-lifeline_system
url: jdbc:postgresql://127.0.0.1:5432/urban_lifeline # 换成你的 PG 库名
@@ -137,7 +154,7 @@ spring:
# 认证配置
auth:
enabled: true
gateway-mode: true
# gateway-mode 是给下游微服务用的gateway本身不需要此配置
token-header: Authorization
token-prefix: "Bearer "
# 认证接口白名单login/logout/captcha/refresh
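Review bot: The `globalcors` block carried over on the new side of the first hunk combines `allowedOriginPatterns: "*"` with `allowCredentials: true`, which lets any origin make credentialed cross-origin requests and read the responses. Since every route sits behind this gateway, narrow the origin list to the known front-end hosts, e.g. `allowedOriginPatterns: "https://*.example.invalid"` (placeholder), or drop `allowCredentials` if clients only send the `Authorization` header. Separately, the `StripPrefix=1` filters that appear to be added here change the path each downstream service sees, so the auth whitelist that follows (its entries are outside this view) should be checked against the path form the auth filter actually matches.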