lua 脚本
单个参数判断及发送请求
check_or_uncheck.lua
token = ngx.req.get_headers()['token']if (token ~= nil and token ~= '') thenres = ngx.location.capture('/gateway/checkToken',{method = ngx.HTTP_POST,body = '{"channel":"1"}'})if (res ~= niland res.status ~= niland res.status == ngx.HTTP_OK) thenngx.req.set_header('userId', res.header['userId'])ngx.req.set_header('channel', res.header['channel'])elsengx.header['Content-Type'] = 'application/json; charset=utf-8'ngx.print('{"errorCode":"401","value":"无访问权限!","data":null}')ngx.exit(ngx.OK)end
endcheck_token_and_role_permission.lua
token = ngx.req.get_headers()['token']if (token == nil or token == '') thenngx.header['Content-Type'] = 'application/json; charset=utf-8'ngx.print('{"errorCode":"401","value":"无访问权限!","data":null}')ngx.exit(ngx.OK)
endres = ngx.location.capture('/gateway/checkToken',{method = ngx.HTTP_POST,body = '{"channel":"1"}'}
)ngx.log(ngx.ERR,"++++++++++++++++++++++++++++++++++++++++++++++")ngx.header['Content-Type'] = 'application/json; charset=utf-8'ngx.log(ngx.ERR, res.body)ngx.log(ngx.ERR, res.status)if (res ~= niland res.status ~= niland res.status == ngx.HTTP_OK) thenngx.req.set_header('userId', res.header['userId'])ngx.req.set_header('channel', res.header['channel'])check_res = ngx.location.capture('/gateway/checkRolePermission',{method = ngx.HTTP_POST,--获取请求接口路径,ngx.var.request_uribody = '{"userId": "' .. res.header['userId'] .. '","roleId":"' .. res.header['roleId'] .. '","requestUri":"' .. ngx.var.request_uri .. '"}'})ngx.log(ngx.ERR,"-----------------------------------------")ngx.header['Content-Type'] = 'application/json; charset=utf-8'ngx.log(ngx.ERR, check_res.body)ngx.log(ngx.ERR, check_res.status)if (check_res ~= niland check_res.status ~= niland check_res.status ~= ngx.HTTP_OK) thenngx.header['Content-Type'] = 'application/json; charset=utf-8'ngx.print('{"errorCode":"402","value":"角色权限不足!","data":null}')
elsengx.header['Content-Type'] = 'application/json; charset=utf-8'ngx.print('{"errorCode":"401","value":"无访问权限!","data":null}')ngx.exit(ngx.OK)end
多个参数获取及发送依赖请求
前端验证码登录访问这个配置的接口,指向lua脚本
location /login/api/code/login {
access_by_lua_file /usr/local/openresty/lualib/code_login.lua;
}
lua脚本里的/gateway/code/login指向login项目里的codeLogin内网地址,不需要验证的
location /gateway/code/login {
proxy_pass http://inner-login/api/code/login;
}
code_login.lua
--从header获取参数,可以避免拆包
login_body = '{"phone":"' .. ngx.var.http_phone .. '","code":"' .. ngx.var.http_code .. '"}'login_res = ngx.location.capture('/gateway/code/login',{method = ngx.HTTP_POST,body = login_body}
)
if (login_res ~= nil and login_res.status ~= nil and login_res.status == ngx.HTTP_OK) thenlogin_user_id = login_res.header['userId']login_channel = login_res.header['channel']if (login_user_id ~= nil and login_channel ~= nil) thenngx.req.set_header('userId', login_user_id)ngx.req.set_header('channel', login_channel)token_res = ngx.location.capture('/gateway/getToken')if (token_res ~= nil and token_res.status ~= nil and token_res.status == ngx.HTTP_OK) thentoken_token = token_res.header['token']token_user_id = token_res.header['userId']token_channel = token_res.header['channel']if (token_token ~= nil and token_user_id ~= nil and token_channel_id ~= nil) thenngx.header['userId'] = token_user_idngx.header['channel'] = token_channelngx.header['token'] = token_tokenngx.header['Content-Type'] = 'application/json'--返回responsengx.say(login_res.body)--退出nginxngx.exit(ngx.OK)endendelsengx.header['Content-Type'] = 'application/json'ngx.say(login_res.body)ngx.exit(ngx.OK)end
elsengx.log(ngx.ERR, 'login failed')
endngx.header['Content-Type'] = 'application/json'
--返回错误信息
ngx.say('{"errorCode":"500","value":"系统错误!","data":null}')
ngx.exit(ngx.OK)