package com.weheretech.gatewayserver.config;

import com.weheretech.common.core.constants.DataSourceConstants;

import com.weheretech.common.core.constants.SaasConstants;

import com.weheretech.common.core.dto.user.LoginCacheDTO;

import com.weheretech.common.core.exception.ErrorCode;

import com.weheretech.common.core.exception.SaasException;

import com.weheretech.common.core.utils.TenantUtils;

import com.weheretech.middleware.utils.RedisUtils;

import lombok.extern.slf4j.Slf4j;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.cloud.gateway.filter.GatewayFilterChain;

import org.springframework.cloud.gateway.filter.GlobalFilter;

import org.springframework.context.annotation.Configuration;

import org.springframework.core.annotation.Order;

import org.springframework.http.HttpHeaders;

import org.springframework.http.server.reactive.ServerHttpRequest;

import org.springframework.util.CollectionUtils;

import org.springframework.web.server.ServerWebExchange;

import reactor.core.publisher.Mono;

import java.lang.annotation.Annotation;

import java.net.URI;

import java.util.LinkedHashSet;

import java.util.List;

import java.util.Objects;

/**

* 權(quán)限過(guò)濾器

*/

@Slf4j

@Configuration

public class AuthFilterimplements GlobalFilter, Order {

private final StringCOOKIE ="cookie";

? ? private final StringTOKEN ="token=";

? ? @Autowired

? ? private RedisUtilsredisUtils;

? ? /**

* 過(guò)濾器順序

*/

? ? @Override

? ? public int value() {

return 1;

? ? }

/**

* 過(guò)濾器主邏輯

*

? ? * @param exchange

? ? * @param chain

? ? * @return

? ? */

? ? @Override

? ? public Monofilter(ServerWebExchange exchange, GatewayFilterChain chain) {

ServerHttpRequest request = exchange.getRequest();

? ? ? ??//請(qǐng)求源地址host

? ??????String host = request.getRemoteAddress().getAddress().getHostAddress();

? ? ? ? log.info("host========? {}", host);

?? ?????//設(shè)置header頭屬性，注意下方返回處需要返回return chain.filter(exchange.mutate().request(request).build());

? ? ? ? request = request.mutate().header("domain", host).build();

? ? ? ? // 獲取訪問(wèn)路徑

? ? ? ? String url = ((LinkedHashSet) Objects.requireNonNull(exchange.getAttribute("org.springframework.cloud.gateway.support.ServerWebExchangeUtils.gatewayOriginalRequestUrl")))

.iterator()

.next()

.getPath();

? ? ? ? // 查詢是否在忽略列表中

? ? ? ? if (SaasConstants.WhiteUri.FILTER_URIS.contains(url)) {

return chain.filter(exchange.mutate().request(request).build());

? ? ? ? }

// 檢查用戶header中攜帶的token

? ? ? ? HttpHeaders headers = request.getHeaders();

? ? ? ? List headerValue = headers.get(COOKIE);

? ? ? ? if (CollectionUtils.isEmpty(headerValue)) {

throw new SaasException(ErrorCode.NO_COOKIE);

? ? ? ? }

// 這里拿的cookie是用";"分割的

? ? ? ? String cookieStr = headerValue.get(0);

? ? ? ? String[] cookies = cookieStr.split(";");

? ? ? ? String authorization =null;

? ? ? ? for (String cookie : cookies) {

cookie = cookie.trim();

? ? ? ? ? ? if (cookie.startsWith(TOKEN)) {

authorization = cookie.substring(6);

break;

? ? ? ? ? ? }

}

if (authorization ==null) {

throw new SaasException(ErrorCode.TOKEN_NOT_FOUND);

? ? ? ? }

// 權(quán)限校驗(yàn)暫時(shí)未做

? ? ? ? if(!DataSourceConstants.Name.PLATFORM_DATA_SOURCE.equals(TenantUtils.getDomain())){

LoginCacheDTO loginCacheDTO = (LoginCacheDTO)redisUtils.get(authorization);

? ? ? ? ? ? //判斷權(quán)限

//? ? ? ? ? ? AuthUtils.setCurrentUser(loginCacheDTO);

//? ? ? ? ? ? if(!loginCacheDTO.getUrls().contains(url)){

//? ? ? ? ? ? ? ? throw new SaasException(ErrorCode.UNAUHORIZATION);

//? ? ? ? ? ? }

? ? ? ? }

//? ? ? ? ResponseVo responseVo = authClient.checkApi(new Authorization(authorization, url));

//? ? ? ? if (responseVo.getStatus() != ResponseEnum.SUCCESS.getCode()) {

//? ? ? ? ? ? throw new ResponseException(responseVo);

//? ? ? ? }

// 校驗(yàn)通過(guò)，放行

? ? ? ? return chain.filter(exchange.mutate().request(request).build());

? ? }

@Override

? ? public ClassannotationType() {

return null;

? ? }

}