拷贝代码备忘,filter过滤请求,proxyReqOptDecorator重写请求头,代码如下:

var express = require('express');
var proxy = require('express-http-proxy')

var app = express();

app.all('*', function (req, res, next) {
 res.header("Access-Control-Allow-Origin", req.headers.origin);
 res.header("Access-Control-Allow-Methods", "PUT,POST,GET,DELETE,OPTIONS");
 res.header("Access-Control-Allow-Credentials", "true");
 res.header("Content-Type", "application/json;charset=utf-8");
 if (req.method == 'OPTIONS') {
  res.header('Access-Control-Allow-Headers', req.headers['access-control-request-headers']);
  res.send(200); /*让options请求快速返回*/
 }
 else {
  next();
 }
});

// 代码转发
app.use('/ProxySSO', proxy(req => {
 return req.headers.apiurl
}, {
 filter: function (req, res) {

  // 用户名\系统标识\用户权限
  let { systemName, masterName, powers } = req.tokenDecode;
  const { originalUrl } = req;
  const url = originalUrl.replace('/ProxySSO', '').split('?')[0];

  /**
   * 接口权限检查
   * @param {String} url 接口地址
   * @param {Object} powers rbac权限列表
   * @returns {boolean} 是否有权限
   */
  const checkPowers = (url, powers) => {
    //  do something
  }
  const hasPowers = checkPowers(url, powers);
   // 权限判断
  return hasPowers;
 },
 proxyReqOptDecorator: function(proxyReqOpts, srcReq) {
  // header增加masterName 具体按照自己的需求来
  // proxyReqOpts.headers['masterName'] = srcReq.tokenDecode.masterName;
  return proxyReqOpts;
 }
}));

module.exports = app;

华山资源网 Design By www.eoogi.com
广告合作:本站广告合作请联系QQ:858582 申请时备注:广告合作(否则不回)
免责声明:本站资源来自互联网收集,仅供用于学习和交流,请遵循相关法律法规,本站一切资源不代表本站立场,如有侵权、后门、不妥请联系本站删除!
华山资源网 Design By www.eoogi.com