获取配置
@
Component@
ConfigurationProperties(prefix = "gateway")
public class GatewayConfig {
private String[] excludesUrls;
public String[] getExcludesUrls() {
return excludesUrls;
}
public void setExcludesUrls(String[] excludesUrls) {
this.excludesUrls = excludesUrls;
}
}
添加不鉴权的接口
@
Override protected void configure(HttpSecurity http) throws Exception {
http.headers().frameOptions().disable();
http.csrf().disable()
.authorizeRequests()
.antMatchers("/test/**", "swagger-ui**").permitAll()
.and().addFilterBefore(new TokenAuthFilter(permissionClient, redisService,
new String[]{"/api/**"},
excludesUrls.getExcludesUrls()),
UsernamePasswordAuthenticationFilter.class);
}
当然 TokenAuthFilter 继承 GenericFilterBean 实现的
不难的
配置中心的配置文件
gateway:
excludesUrls:
- /api/user/auth/**
- /api/cms/content/editorUpload
- /api/file/downloadFileByUri
- /api/file/previewFileByUri