微服务网关-鉴权

这里我使用docker-compose

docker-compose

version: '3.0'

services:
   nginx:
    restart: always
    image: nginx
    privileged: true
    container_name: nginx
    ports:
      - 80:80
      - 4000:4000
      - 443:443
    volumes:
      - ./conf/nginx.conf:/etc/nginx/conf.d
      - ./html/:/usr/share/nginx/html/
      - ./logs/:/var/log/nginx/

在config/nginx.conf

添加gateway.conf文件，添加以下内容

conf

server{
    listen       4000;
    server_name  localhost;

    access_log /var/log/nginx/looklook.com_access.log;
    error_log /var/log/nginx//looklook.com_error.log;
     location / {
                proxy_pass http://192.168.199.198:3100;#鉴权接口
    }

    location /auth {
        internal; # 只允许内部调用，外部调用报404
        proxy_pass http://192.168.199.198:3100/auth;#鉴权接口
        proxy_pass_request_body off; # 不向上游发送包体
        proxy_set_header Content-Length ""; # 同上，看情况加或不加
        proxy_set_header X-Original-URI $request_uri; # 传递真实请求路径
        proxy_set_header X-Original-Remote-Addr $remote_addr; # 传递真实访问者地址
        proxy_set_header X-Original-Host $host; # 传递真实请求地址
        }

        location /admin {
            auth_request /auth;
            auth_request_set $user $upstream_http_x_forwarded_user;
            proxy_set_header X-User $user; # 可以传递Header
            add_header Set-Cookie $user; # 可以传递Cookie
            proxy_pass http://192.168.199.198:3101;
        }
   
}

微服务网关-鉴权 ​

微服务网关-鉴权