Appearance
微服务网关-鉴权
这里我使用docker-compose
docker-compose
version: '3.0'
services:
nginx:
restart: always
image: nginx
privileged: true
container_name: nginx
ports:
- 80:80
- 4000:4000
- 443:443
volumes:
- ./conf/nginx.conf:/etc/nginx/conf.d
- ./html/:/usr/share/nginx/html/
- ./logs/:/var/log/nginx/
在config/nginx.conf
添加gateway.conf文件,添加以下内容
conf
server{
listen 4000;
server_name localhost;
access_log /var/log/nginx/looklook.com_access.log;
error_log /var/log/nginx//looklook.com_error.log;
location / {
proxy_pass http://192.168.199.198:3100;#鉴权接口
}
location /auth {
internal; # 只允许内部调用,外部调用报404
proxy_pass http://192.168.199.198:3100/auth;#鉴权接口
proxy_pass_request_body off; # 不向上游发送包体
proxy_set_header Content-Length ""; # 同上,看情况加或不加
proxy_set_header X-Original-URI $request_uri; # 传递真实请求路径
proxy_set_header X-Original-Remote-Addr $remote_addr; # 传递真实访问者地址
proxy_set_header X-Original-Host $host; # 传递真实请求地址
}
location /admin {
auth_request /auth;
auth_request_set $user $upstream_http_x_forwarded_user;
proxy_set_header X-User $user; # 可以传递Header
add_header Set-Cookie $user; # 可以传递Cookie
proxy_pass http://192.168.199.198:3101;
}
}