拷贝代码备忘,filter过滤请求,proxyReqOptDecorator重写请求头,代码如下:
var express = require('express'); var proxy = require('express-http-proxy') var app = express(); app.all('*', function (req, res, next) { res.header("Access-Control-Allow-Origin", req.headers.origin); res.header("Access-Control-Allow-Methods", "PUT,POST,GET,DELETE,OPTIONS"); res.header("Access-Control-Allow-Credentials", "true"); res.header("Content-Type", "application/json;charset=utf-8"); if (req.method == 'OPTIONS') { res.header('Access-Control-Allow-Headers', req.headers['access-control-request-headers']); res.send(200); /*让options请求快速返回*/ } else { next(); } }); // 代码转发 app.use('/ProxySSO', proxy(req => { return req.headers.apiurl }, { filter: function (req, res) { // 用户名\系统标识\用户权限 let { systemName, masterName, powers } = req.tokenDecode; const { originalUrl } = req; const url = originalUrl.replace('/ProxySSO', '').split('?')[0]; /** * 接口权限检查 * @param {String} url 接口地址 * @param {Object} powers rbac权限列表 * @returns {boolean} 是否有权限 */ const checkPowers = (url, powers) => { // do something } const hasPowers = checkPowers(url, powers); // 权限判断 return hasPowers; }, proxyReqOptDecorator: function(proxyReqOpts, srcReq) { // header增加masterName 具体按照自己的需求来 // proxyReqOpts.headers['masterName'] = srcReq.tokenDecode.masterName; return proxyReqOpts; } })); module.exports = app;