ebike-plus/ebike-gateway/src/main/java/com/cdzy/gateway/config/SaTokenConfigure.java

package com.cdzy.gateway.config;

import cn.dev33.satoken.reactor.filter.SaReactorFilter;
import cn.dev33.satoken.router.SaRouter;
import cn.dev33.satoken.stp.StpUtil;
import com.cdzy.gateway.component.AuthProperties;
import jakarta.annotation.Resource;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.List;

/**
 * @author attiya
 * @since 2025-03-18
 */
@Configuration
public class SaTokenConfigure {

    @Value("${sa-token.is-check}")
    private Boolean isCheck;

    @Resource
    private AuthProperties authProperties;

    @Bean
    public SaReactorFilter getSaReactorFilter() {
        return new SaReactorFilter()
                // 拦截所有请求
                .addInclude("/**")
                .setAuth(obj -> {
                    if (!Boolean.TRUE.equals(isCheck)) {
                        return; // 如果不开启校验，直接跳过
                    }

                    // 1. 放行不需要鉴权的路径
                    SaRouter.match("/user/doLogin").free(r -> {});
                    SaRouter.match("/staff/ebikeOperatorStaff/login").free(r -> {});
                    SaRouter.match("/payment/ebikeOrder/api/**").free(r -> {});
                    SaRouter.match("/payment/wxPayment/api/**").free(r -> {});
                    SaRouter.match("/operations/ebikeBikeInfo/api/**").free(r -> {});

                    // 2. 对 配置文件中需要鉴权的特定路径进行校验
                    List<String> requiredPaths = authProperties.getRequiredPaths();
                    if (requiredPaths != null && !requiredPaths.isEmpty()) {
                        for (String path : requiredPaths) {
                            SaRouter.match(path).check(r -> StpUtil.checkLogin());
                        }
                    }

                    // 3. 其他所有路径统一鉴权 (必须放在最后，避免覆盖前面的规则)
                    SaRouter.match("/**")
                            .notMatch("/user/doLogin")
                            .notMatch("/staff/ebikeOperatorStaff/login")
                            .notMatch("/payment/ebikeOrder/api/**")
                            .notMatch("/payment/wxPayment/api/**")
                            .notMatch("/operations/ebikeBikeInfo/api/**")
                            // 排除所有 user 下的路径，只有 requiredPaths 才鉴权
                            .notMatch("/user/**")
                            .check(r -> StpUtil.checkLogin());
                });
    }
}
初始化项目：核心通信、加密网关、员工服务 2025-08-09 01:37:25 +08:00			`package com.cdzy.gateway.config;`

			`import cn.dev33.satoken.reactor.filter.SaReactorFilter;`
			`import cn.dev33.satoken.router.SaRouter;`
			`import cn.dev33.satoken.stp.StpUtil;`
用户路径拦截 2026-02-10 16:39:59 +08:00			`import com.cdzy.gateway.component.AuthProperties;`
			`import jakarta.annotation.Resource;`
初始化项目：核心通信、加密网关、员工服务 2025-08-09 01:37:25 +08:00			`import org.springframework.beans.factory.annotation.Value;`
			`import org.springframework.context.annotation.Bean;`
			`import org.springframework.context.annotation.Configuration;`

用户路径拦截 2026-02-10 16:39:59 +08:00			`import java.util.List;`

初始化项目：核心通信、加密网关、员工服务 2025-08-09 01:37:25 +08:00			`/**`
			`* @author attiya`
			`* @since 2025-03-18`
			`*/`
			`@Configuration`
			`public class SaTokenConfigure {`

			`@Value("${sa-token.is-check}")`
			`private Boolean isCheck;`

用户路径拦截 2026-02-10 16:39:59 +08:00			`@Resource`
			`private AuthProperties authProperties;`

初始化项目：核心通信、加密网关、员工服务 2025-08-09 01:37:25 +08:00			`@Bean`
			`public SaReactorFilter getSaReactorFilter() {`
			`return new SaReactorFilter()`
用户路径拦截 2026-02-10 16:39:59 +08:00			`// 拦截所有请求`
			`.addInclude("/**")`
初始化项目：核心通信、加密网关、员工服务 2025-08-09 01:37:25 +08:00			`.setAuth(obj -> {`
用户路径拦截 2026-02-10 16:39:59 +08:00			`if (!Boolean.TRUE.equals(isCheck)) {`
			`return; // 如果不开启校验，直接跳过`
初始化项目：核心通信、加密网关、员工服务 2025-08-09 01:37:25 +08:00			`}`
用户路径拦截 2026-02-10 16:39:59 +08:00
			`// 1. 放行不需要鉴权的路径`
			`SaRouter.match("/user/doLogin").free(r -> {});`
			`SaRouter.match("/staff/ebikeOperatorStaff/login").free(r -> {});`
			`SaRouter.match("/payment/ebikeOrder/api/**").free(r -> {});`
			`SaRouter.match("/payment/wxPayment/api/**").free(r -> {});`
			`SaRouter.match("/operations/ebikeBikeInfo/api/**").free(r -> {});`

			`// 2. 对配置文件中需要鉴权的特定路径进行校验`
			`List<String> requiredPaths = authProperties.getRequiredPaths();`
			`if (requiredPaths != null && !requiredPaths.isEmpty()) {`
			`for (String path : requiredPaths) {`
			`SaRouter.match(path).check(r -> StpUtil.checkLogin());`
			`}`
			`}`

			`// 3. 其他所有路径统一鉴权 (必须放在最后，避免覆盖前面的规则)`
			`SaRouter.match("/**")`
			`.notMatch("/user/doLogin")`
			`.notMatch("/staff/ebikeOperatorStaff/login")`
			`.notMatch("/payment/ebikeOrder/api/**")`
			`.notMatch("/payment/wxPayment/api/**")`
			`.notMatch("/operations/ebikeBikeInfo/api/**")`
			`// 排除所有 user 下的路径，只有 requiredPaths 才鉴权`
			`.notMatch("/user/**")`
			`.check(r -> StpUtil.checkLogin());`
未登陆异常处理 2025-09-10 17:31:51 +08:00			`});`
初始化项目：核心通信、加密网关、员工服务 2025-08-09 01:37:25 +08:00			`}`
用户路径拦截 2026-02-10 16:39:59 +08:00			`}`