@RefreshScope
@Component
public class AuthenticationFilter implements GatewayFilter {
final Logger LOGGER = LoggerFactory.getLogger(AuthenticationFilter.class);
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
ServerHttpRequest request = exchange.getRequest();
// Make your business logic, this is a simple sample.
if (!request.getHeaders().containsKey("x-api-key")) {
return this.onError(exchange,"api-key missing",HttpStatus.FORBIDDEN);
}
return chain.filter(exchange); // Forward to route
}
private Mono<Void> onError(ServerWebExchange exchange, String err, HttpStatus httpStatus) {
ServerHttpResponse response = exchange.getResponse();
response.setStatusCode(httpStatus);
return response.setComplete();
}