ayi/xiaoyishu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

网关整合Sa-Token鉴权

Browse Source
This commit is contained in:
刑加一
2026-02-02 17:27:09 +08:00
parent da56185960
commit 660a8430f1
6 changed files with 155 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pom.xml
+5
View File
@@ -146,6 +146,11 @@
<groupId>cn.dev33</groupId> <groupId>cn.dev33</groupId>
<artifactId>sa-token-spring-boot3-starter</artifactId> <artifactId>sa-token-spring-boot3-starter</artifactId>
<version>${sa-token.version}</version> <version>${sa-token.version}</version>
</dependency>
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token-reactor-spring-boot3-starter</artifactId>
<version>${sa-token.version}</version>
</dependency> </dependency>
<!-- Sa-Token 整合 Redis (使用 jackson 序列化方式) --> <!-- Sa-Token 整合 Redis (使用 jackson 序列化方式) -->
<dependency> <dependency>
xiaoyi-auth/src/main/java/top/crushtj/xiaoyi/auth/controller/UserController.java
+7
View File
@@ -33,5 +33,12 @@ public class UserController {
public Response<String> loginOrRegister(@RequestBody @Validated UserLoginReqVO userLoginReqVO) { public Response<String> loginOrRegister(@RequestBody @Validated UserLoginReqVO userLoginReqVO) {
return userService.loginOrRegister(userLoginReqVO); return userService.loginOrRegister(userLoginReqVO);
} }
@PostMapping("/logout")
@ApiOperationLog(description = "用户登出")
public Response<Void> logout() {
// todo 实现用户登出逻辑
return Response.success();
}
} }
xiaoyi-gateway/pom.xml
+28
View File
@@ -36,6 +36,34 @@
<groupId>org.springframework.cloud</groupId> <groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-loadbalancer</artifactId> <artifactId>spring-cloud-starter-loadbalancer</artifactId>
</dependency> </dependency>
<!-- Sa-Token 权限认证,在线文档:https://sa-token.cc -->
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token-reactor-spring-boot3-starter</artifactId>
</dependency>
<!-- Sa-Token 整合 Redis (使用 jackson 序列化方式) -->
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token-redis-jackson</artifactId>
</dependency>
<!-- 提供Redis连接池 -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-pool2</artifactId>
</dependency>
<!-- jasypt 加密工具 -->
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
</dependencies> </dependencies>
<build> <build>
xiaoyi-gateway/src/main/java/top/crushtj/xiaoyi/gateway/auth/SaTokenConfigure.java
+48
View File
@@ -0,0 +1,48 @@
package top.crushtj.xiaoyi.gateway.auth;
import cn.dev33.satoken.reactor.filter.SaReactorFilter;
import cn.dev33.satoken.router.SaRouter;
import cn.dev33.satoken.stp.StpUtil;
import cn.dev33.satoken.util.SaResult;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
* @author ayi
* @version V1.0
* @title SaTokenConfigure
* @date 2026/2/2 17:16
* @description SaToken配置类
*/
@Configuration
public class SaTokenConfigure {
// 注册 Sa-Token全局过滤器
@Bean
public SaReactorFilter getSaReactorFilter() {
return new SaReactorFilter()
// 拦截地址
.addInclude("/**") /* 拦截全部path */
// 鉴权方法:每次访问进入
.setAuth(obj -> {
// 登录校验
SaRouter.match("/**") // 拦截所有路由
.notMatch("/auth/user/login") // 排除登录接口
.notMatch("/auth/verification/code/send") // 排除验证码发送接口
.check(r -> StpUtil.checkLogin()) // 校验是否登录
;
// 权限认证 -- 不同模块, 校验不同权限
// SaRouter.match("/user/**", r -> StpUtil.checkPermission("user"));
// SaRouter.match("/admin/**", r -> StpUtil.checkPermission("admin"));
// SaRouter.match("/goods/**", r -> StpUtil.checkPermission("goods"));
// SaRouter.match("/orders/**", r -> StpUtil.checkPermission("orders"));
// 更多匹配 ... */
})
// 异常处理方法:每次setAuth函数出现异常时进入
.setError(e -> {
return SaResult.error(e.getMessage());
});
}
}
xiaoyi-gateway/src/main/java/top/crushtj/xiaoyi/gateway/auth/StpInterfaceImpl.java
+27
View File
@@ -0,0 +1,27 @@
package top.crushtj.xiaoyi.gateway.auth;
import cn.dev33.satoken.stp.StpInterface;
import org.springframework.stereotype.Component;
import java.util.List;
/**
* @author ayi
* @version V1.0
* @title StpInterfaceImpl
* @date 2026/2/2 17:14
* @description 自定义权限验证接口
*/
@Component
public class StpInterfaceImpl implements StpInterface {
@Override
public List<String> getPermissionList(Object o, String s) {
return List.of();
}
@Override
public List<String> getRoleList(Object o, String s) {
return List.of();
}
}
xiaoyi-gateway/src/main/resources/application.yml
+40
View File
@@ -10,3 +10,43 @@ spring:
- Path=/auth/** - Path=/auth/**
filters: filters:
- StripPrefix=1 - StripPrefix=1
data:
redis:
database: 0 # Redis 数据库索引(默认为 0)
host: ENC(C1TWXF+/HzWQBF25uXCdy/0fHoRDXdCW72+NKCIJURg4l3IDnJzl278KmFhfsusX) # Redis 服务器地址
port: 6379 # Redis 服务器连接端口
password: ENC(iK/k0IGPflACqYMUwX4N/sGvCVuysYywLcAO+Ikeqk326V8hCr8dgEGzkiEIwWOo) # Redis 服务器连接密码(默认为空)
timeout: 5s # 读超时时间
connect-timeout: 5s # 链接超时时间
lettuce:
pool:
max-active: 200 # 连接池最大连接数
max-wait: -1ms # 连接池最大阻塞等待时间(使用负值表示没有限制)
min-idle: 0 # 连接池中的最小空闲连接
max-idle: 10 # 连接池中的最大空闲连接
############## Sa-Token 配置 ##############
sa-token:
# token 名称(同时也是 cookie 名称)
token-name: satoken
# token 有效期(单位:秒) 默认30天,-1 代表永久有效
timeout: 2592000
# token 最低活跃频率(单位:秒),如果 token 超过此时间没有访问系统就会被冻结,默认-1 代表不限制,永不冻结
active-timeout: -1
# 是否允许同一账号多地同时登录 (为 true 时允许一起登录, 为 false 时新登录挤掉旧登录)
is-concurrent: true
# 在多人登录同一账号时,是否共用一个 token (为 true 时所有登录共用一个 token, 为 false 时每次登录新建一个 token)
is-share: true
# token 风格(默认可取值:uuid、simple-uuid、random-32、random-64、random-128、tik
token-style: uuid
# 是否输出操作日志
is-log: true
jasypt:
encryptor:
password:
algorithm: PBEWithHMACSHA512AndAES_256
key-obtention-iterations: 1000
string-output-type: base64
provider-name: SunJCE
iv-generator-classname: org.jasypt.iv.RandomIvGenerator