nginx反向代理后端服务restful及token处理

#user  nobody;
worker_processes  1;#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;#pid        logs/nginx.pid;events {worker_connections  1024;
}
#代理mysql服务
stream {upstream mysql_backend {server 192.168.10.250:3306 weight=5 max_fails=3 fail_timeout=30s;}server {listen 9016;proxy_connect_timeout 10s;proxy_timeout 300s;proxy_pass mysql_backend;}
}http {include       mime.types;default_type  application/octet-stream;#log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '#                  '$status $body_bytes_sent "$http_referer" '#                  '"$http_user_agent" "$http_x_forwarded_for"';#access_log  logs/access.log  main;sendfile        on;#tcp_nopush     on;#keepalive_timeout  0;keepalive_timeout  65;#underscores_in_headers on;#gzip  on;server {listen 9015;server_name  localhost;# 主路径代理(如/doc)location / {if ($request_method = 'OPTIONS') { return 200;}# 传递原始请求头中的Authorization(Token)proxy_set_header Authorization $http_authorization;proxy_pass http://192.168.10.250:8080/examsystem/;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;#proxy_set_header X-Forwarded-Proto $scheme;proxy_set_header Authorization $http_authorization;# 重写JS/CSS路径(关键配置)#sub_filter '/js/' '/doc/js/';#sub_filter '/css/' '/doc/css/';#sub_filter_once off;}# 不需要Token的接口(如登录接口)location ^~ /examsystem/itjavatemptable/itjavaTempTable {  # 假设登录接口路径为/examsystem/loginproxy_pass http://192.168.10.250:8080;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;# 不传递Authorization头proxy_set_header Authorization "";}# 关键配置:重写webjars路径,静态资源处理location ^~ /webjars/ {rewrite ^/webjars/(.*)$ /examsystem/webjars/$1 break;proxy_pass http://192.168.10.250:8080;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;}# 静态资源代理(关键配置)#location /webjars/js/ {#    alias http://192.168.10.250:8080/examsystem/webjars/js/;  # 替换为后端实际路径# 或使用root(需注意路径拼接)# root /path/to/backend/examsystem/;#}#location /webjars/css/ {#    alias http://192.168.10.250:8080/examsystem/webjars/css/;#}	# 处理/examsystem/路径下的所有静态资源#location /examsystem/ {#    proxy_pass http://192.168.10.250:8080/examsystem/;#    proxy_set_header Host $host;#    proxy_set_header X-Real-IP $remote_addr;#    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;#    proxy_set_header X-Forwarded-Proto $scheme;#}# 可选:单独处理常见静态资源后缀location ~* \.(css|js|png|jpg|jpeg|gif|ico|woff|woff2|ttf|eot|svg)$ {proxy_pass http://192.168.10.250:8080;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;}# 缓存静态资源(可选,提高性能)expires 7d;add_header Cache-Control "public";#charset koi8-r;#access_log  logs/host.access.log  main;#location / {#    root   html;#    index  index.html index.htm;#}#error_page  404              /404.html;# redirect server error pages to the static page /50x.html##error_page   500 502 503 504  /50x.html;#location = /50x.html {#    root   html;#}# proxy the PHP scripts to Apache listening on 127.0.0.1:80##location ~ \.php$ {#    proxy_pass   http://127.0.0.1;#}# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000##location ~ \.php$ {#    root           html;#    fastcgi_pass   127.0.0.1:9000;#    fastcgi_index  index.php;#    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;#    include        fastcgi_params;#}# deny access to .htaccess files, if Apache's document root# concurs with nginx's one##location ~ /\.ht {#    deny  all;#}}# another virtual host using mix of IP-, name-, and port-based configuration##server {#    listen       8000;#    listen       somename:8080;#    server_name  somename  alias  another.alias;#    location / {#        root   html;#        index  index.html index.htm;#    }#}# HTTPS server##server {#    listen       443 ssl;#    server_name  localhost;#    ssl_certificate      cert.pem;#    ssl_certificate_key  cert.key;#    ssl_session_cache    shared:SSL:1m;#    ssl_session_timeout  5m;#    ssl_ciphers  HIGH:!aNULL:!MD5;#    ssl_prefer_server_ciphers  on;#    location / {#        root   html;#        index  index.html index.htm;#    }#}}

上面的nginx配置实现了nginx反向代理后端服务器接口及实现指定接口不进行token验证的方法。本配置还代理了后端服务器的Mysql服务。