lua 脚本

时间:2022-12-09 01:28:38

单个参数判断及发送请求 

check_or_uncheck.lua

token = ngx.req.get_headers()['token']

if (token ~= nil and token ~= '') then
    res = ngx.location.capture(
        '/gateway/checkToken',
        {
            method = ngx.HTTP_POST,
            body = '{"channel":"1"}'
        }
        )
        if (res ~= nil
        and res.status ~= nil
        and res.status == ngx.HTTP_OK) then
                ngx.req.set_header('userId', res.header['userId'])
                ngx.req.set_header('channel', res.header['channel'])

        else
                ngx.header['Content-Type'] = 'application/json; charset=utf-8'
                ngx.print('{"errorCode":"401","value":"无访问权限!","data":null}')
                ngx.exit(ngx.OK)
        end
end

check_token_and_role_permission.lua

token = ngx.req.get_headers()['token']

if (token == nil or token == '') then
    ngx.header['Content-Type'] = 'application/json; charset=utf-8'
    ngx.print('{"errorCode":"401","value":"无访问权限!","data":null}')
    ngx.exit(ngx.OK)
end


res = ngx.location.capture(
        '/gateway/checkToken',
        {
            method = ngx.HTTP_POST,
            body = '{"channel":"1"}'
        }
)

    ngx.log(ngx.ERR,"++++++++++++++++++++++++++++++++++++++++++++++")
    ngx.header['Content-Type'] = 'application/json; charset=utf-8'
    ngx.log(ngx.ERR, res.body)
    ngx.log(ngx.ERR, res.status)

if (res ~= nil
        and res.status ~= nil
        and res.status == ngx.HTTP_OK) then

    ngx.req.set_header('userId', res.header['userId'])
    ngx.req.set_header('channel', res.header['channel'])



    check_res = ngx.location.capture(
        '/gateway/checkRolePermission',
        {
            method = ngx.HTTP_POST,
            --获取请求接口路径,ngx.var.request_uri
            body = '{"userId": "' .. res.header['userId'] .. '","roleId":"' .. res.header['roleId'] .. '","requestUri":"' .. ngx.var.request_uri .. '"}'
        }
    )
    ngx.log(ngx.ERR,"-----------------------------------------")
    ngx.header['Content-Type'] = 'application/json; charset=utf-8'
    ngx.log(ngx.ERR, check_res.body)
    ngx.log(ngx.ERR, check_res.status)
          
         
    if (check_res ~= nil
        and check_res.status ~= nil
        and check_res.status ~= ngx.HTTP_OK) then
        ngx.header['Content-Type'] = 'application/json; charset=utf-8'
        ngx.print('{"errorCode":"402","value":"角色权限不足!","data":null}')
else
    ngx.header['Content-Type'] = 'application/json; charset=utf-8'
    ngx.print('{"errorCode":"401","value":"无访问权限!","data":null}')
    ngx.exit(ngx.OK)


end

多个参数获取及发送依赖请求

前端验证码登录访问这个配置的接口,指向lua脚本

location /login/api/code/login {
            access_by_lua_file /usr/local/openresty/lualib/code_login.lua;
        }

lua脚本里的/gateway/code/login指向login项目里的codeLogin内网地址,不需要验证的

location /gateway/code/login {
            proxy_pass http://inner-login/api/code/login;
        }

code_login.lua

--从header获取参数,可以避免拆包
login_body = '{"phone":"' .. ngx.var.http_phone .. '","code":"' .. ngx.var.http_code .. '"}'

login_res = ngx.location.capture(
        '/gateway/code/login',
        {
            method = ngx.HTTP_POST,
            body = login_body

        }
)
if (login_res ~= nil and login_res.status ~= nil and login_res.status == ngx.HTTP_OK) then
    login_user_id = login_res.header['userId']
    login_channel = login_res.header['channel']

    if (login_user_id ~= nil and login_channel ~= nil) then
        ngx.req.set_header('userId', login_user_id)
        ngx.req.set_header('channel', login_channel)

        token_res = ngx.location.capture('/gateway/getToken')
        if (token_res ~= nil and token_res.status ~= nil and token_res.status == ngx.HTTP_OK) then
            token_token = token_res.header['token']
            token_user_id = token_res.header['userId']
            token_channel = token_res.header['channel']

            if (token_token ~= nil and token_user_id ~= nil and token_channel_id ~= nil) then
                ngx.header['userId'] = token_user_id
                ngx.header['channel'] = token_channel
                ngx.header['token'] = token_token

                ngx.header['Content-Type'] = 'application/json'
                --返回response
                ngx.say(login_res.body)
                --退出nginx
                ngx.exit(ngx.OK)
            end
        end
    else
        ngx.header['Content-Type'] = 'application/json'
        ngx.say(login_res.body)
        ngx.exit(ngx.OK)
    end
else
    ngx.log(ngx.ERR, 'login failed')
end

ngx.header['Content-Type'] = 'application/json'
--返回错误信息
ngx.say('{"errorCode":"500","value":"系统错误!","data":null}')
ngx.exit(ngx.OK)