手机网站建设林肖,php网站建设到护卫神,六安网站自然排名优化价格,html中音乐网站怎么做文章目录前言一、基础组件下载二、组件安装1.luajit安装2.lua-nginx-module安装3.lua-resty-core安装4.lua-resty-lrucache安装5.ngx_devel_kit安装6.nginx加载lua模块7.lua-cjson安装8.lua-resty-string安装9.lua-resty-jwt安装10.lua-resty-hmac安装三、验证jwt中属性实现蓝绿…
文章目录前言一、基础组件下载二、组件安装1.luajit安装2.lua-nginx-module安装3.lua-resty-core安装4.lua-resty-lrucache安装5.ngx_devel_kit安装6.nginx加载lua模块7.lua-cjson安装8.lua-resty-string安装9.lua-resty-jwt安装10.lua-resty-hmac安装三、验证jwt中属性实现蓝绿发布样例1.nginx配置修改2.上传jwttoken.lua结尾前言
例如随着人工智能的不断发展机器学习这门技术也越来越重要很多人都开启了学习机器学习本文就介绍了机器学习的基础内容。 一、基础组件下载
luajit2-2.1-20220411.tar.gz #luajit官网存在一定的坑下载openresty的优化版本 https://github.com/openresty/luajit2/archive/refs/tags/v2.1-20220411.tar.gzlua-nginx-module-0.10.22.tar.gz # 0.10.16 以后都需要 lua-resty-core和lua-resty-lrucache https://github.com/openresty/lua-nginx-module/archive/refs/tags/v0.10.22.tar.gzlua-resty-core-0.1.24.tar.gz [lua-nginx-module依赖] https://github.com/openresty/lua-resty-core/archive/refs/tags/v0.1.24.tar.gzlua-resty-lrucache-0.12.tar.gz [lua-nginx-module依赖] https://github.com/openresty/lua-resty-lrucache/archive/refs/tags/v0.12.tar.gzngx_devel_kit-0.3.2.tar.gz https://github.com/vision5/ngx_devel_kit/archive/refs/tags/v0.3.2.tar.gznginx-1.21.6.tar.gz http://nginx.org/download/nginx-1.21.6.tar.gzlua-cjson-2.1.0.9.tar.gz https://github.com/openresty/lua-cjson/archive/refs/tags/2.1.0.9.tar.gzlua-resty-string-0.15.tar.gz https://github.com/SkyLothar/lua-resty-jwt/archive/refs/tags/v0.1.11.tar.gzlua-resty-jwt-0.1.11.tar.gz https://github.com/SkyLothar/lua-resty-jwt/archive/refs/tags/v0.1.11.tar.gzlua-resty-hmac-0.06.tar.gz https://github.com/SkyLothar/lua-resty-jwt/archive/refs/tags/v0.1.11.tar.gz
二、组件安装
1.luajit安装
编译
cd /opt/lua/
tar -zxvf v2.1-20210510.tar.gz
cd luajit2-2.1-20210510
make make install加载
ln -s /usr/local/lib/libluajit-5.1.so.2 /lib64/liblua-5.1.so.2
echo /usr/local/lib /etc/ld.so.conf
ldconfig配置环境变量
vi /etc/profile
#增加下面内容
export LUAJIT_INC/usr/local/include/luajit-2.1
export LUAJIT_LIB/usr/local/lib
#立刻生效
source /etc/profile2.lua-nginx-module安装
cd /opt/lua/
tar -zxvf lua-nginx-module-0.10.20.tar.gz3.lua-resty-core安装
cd /opt/lua/
tar -zxvf lua-resty-core-0.1.22.tar.gz
cd lua-resty-core-0.1.22
make install PREFIX/usr/local/lua_core4.lua-resty-lrucache安装
cd /opt/lua/
tar -zxvf lua-resty-lrucache-0.10.tar.gz
cd lua-resty-lrucache-0.10
make install PREFIX/usr/local/lua_core5.ngx_devel_kit安装
cd /opt/lua/
tar -zxvf ngx_devel_kit-0.3.1.tar.gz6.nginx加载lua模块
nginx安装可参考往期文章nginx安装部署详细手册
./configure --prefix/opt/nginx/nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-openssl/opt/openssl-1.1.1t --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE2 -fexceptions -fstack-protector-strong --paramssp-buffer-size4 -grecord-gcc-switches -m64 -mtunegeneric -fPIC --with-ld-opt-Wl,-z,relro -Wl,-z,now -pie --add-module/opt/nginx/ngx_devel_kit-0.3.2 --add-module/opt/nginx/lua-nginx-module-0.10.22
make -j2
make installnginx.conf配置文件中http模块增加包依赖
lua_package_path /usr/local/lua_core/lib/lua/?.lua;;;增加lua测试代码
location /hello { default_type text/plain; content_by_lua ngx.say(hello, lua);
}检查配置
/opt/nginx/sbin/nginx -t
加载配置
/opt/nginx/sbin/nginx -s reload访问192.168.19.110/hello返回hello,lua说明nginx集成lua成功
至此已经可以使用lua基本功能了笔者因想使用lua实现jwt校验所以后续还需要安装cjson和retry-http
7.lua-cjson安装
cd /opt/lua
tar -zxvf /lua-cjson-2.1.0.9.tar.gz
cd lua-cjson-2.1.0.9修改Makefile指定luajit
vi Makefile将LUA_INCLUDE_DIR的值$(PREFIX)/include改为/usr/local/include/luajit-2.1
make make install
cp cjson.so /usr/local/lib/lua/5.1/
chmod 755 /usr/local/lib/lua/5.1/cjson.so8.lua-resty-string安装
cd /opt/lua/
tar -zxvf lua-resty-string-0.15.tar.gz
cd lua-resty-string-0.15
make install PREFIX/usr/local/lua_core9.lua-resty-jwt安装
cd /opt/lua/
tar -zxvf lua-resty-jwt-0.1.11.tar.gz
cp lua-resty-jwt-0.1.11/lib/resty/* /usr/local/lua_core/lib/lua/resty10.lua-resty-hmac安装
cd /opt/lua/
tar -zxvf lua-resty-hmac-0.06.tar.gz
cp lua-resty-hmac-0.06/lib/resty/* /usr/local/lua_core/lib/lua/resty至此lua和jwt都集成完成可以通过下面样例进行测试
nginx.conf配置文件中http模块增加包依赖
lua_package_path /usr/local/lua_core/lib/lua/?.lua;;;增加lua测试代码
location /verify {default_type text/html;content_by_lua local cjson require cjsonlocal jwt require resty.jwtlocal jwt_token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9 ...eyJmb28iOiJiYXIifQ ...VAoRL1IU0nOguxURF2ZcKR0SGKE1gCbqwyh8u2MLAyYlocal jwt_obj jwt:verify(lua-resty-jwt, jwt_token)ngx.say(cjson.encode(jwt_obj));
}三、验证jwt中属性实现蓝绿发布样例
1.nginx配置修改
nginx.conf增加demo路由并依赖自己写的jwttoken.lua
#demo
location /sign {access_by_lua_block {local jwt require jwttoken--type,value,redirectUrl(蓝绿类型,具体值,重定向地址)--1-按员工code蓝绿2-按部门id蓝绿3-按ip蓝绿jwt.auth(1,1001,http://www.baidu.com)ngx.say(hello world)}
}2.上传jwttoken.lua
将jwttoken.lua放到nignx所在服务器的/usr/local/lua_core/lib/lua/目录下 代码如下
-- nginx-jwt.lualocal cjson require cjson
local jwt require resty.jwt--your secret
local secret yoursecret
--无需鉴权api清单
local no_need_token_api_list {/v1/login}
local function ignore_url (val)for index, value in ipairs(no_need_token_api_list) doif (value val) thenreturn trueendendreturn false
end--获取客户端ip
local function get_client_ip()local headers ngx.req.get_headers()local ip headers[X-REAL-IP] or headers[X_FORWARDED_FOR] or ngx.var.remote_addr or 0.0.0.0return ip
endlocal M {}function M.auth(type,value,redirectUrl)if ignore_url(ngx.var.request_uri) thenreturnelseend-- 根据ip判定蓝绿发布if(type 3) thenlocal ip get_client_ip()if(ip value) thenngx.redirect(redirectUrl)elsereturnendend-- require Authorization request headerlocal auth_header ngx.var.http_Authorizationif auth_header nil thenngx.log(ngx.DEBUG, No Authorization header)return--ngx.exit(ngx.HTTP_UNAUTHORIZED)end-- require Bearer tokenlocal _, _, token string.find(auth_header, Bearer%s(.))if token nil thenngx.log(ngx.DEBUG, Missing token)return--ngx.exit(ngx.HTTP_UNAUTHORIZED)end--decode_base64和后端保持一致local jwt_obj jwt:verify(ngx.decode_base64(secret), token)--if jwt_obj.verified false then-- ngx.log(ngx.ERR, Invalid token: .. jwt_obj.reason)-- ngx.status ngx.HTTP_UNAUTHORIZED-- ngx.say(cjson.encode(jwt_obj))-- ngx.header.content_type application/json; charsetutf-8-- ngx.exit(ngx.HTTP_UNAUTHORIZED)--endif jwt_obj.payload ~ nil thenngx.log(ngx.DEBUG, cjson.encode(jwt_obj))-- 根据员工code判定蓝绿发布if(type 1) thenif jwt_obj.payload.emplCode value thenngx.redirect(redirectUrl)elsereturnend-- 根据部门id判定蓝绿发布elseif(type 2) thenif jwt_obj.payload.departId value thenngx.redirect(redirectUrl)elsereturnendendendendreturn M
完成后重新加载nginx配置即可
加载配置
/opt/nginx/sbin/nginx -s reload结尾
感谢大家的耐心阅读如有建议请私信或评论留言。如有收获劳烦支持关注、点赞、评论、收藏均可博主会经常更新与大家共同进步
