feat:网关

2026-03-19 22:37:22 +08:00
parent 3e4a903554
commit 3aa39d37ce
3 changed files with 35 additions and 53 deletions
--- a/xs-service/src/main/java/com/xiang/xservice/gateway/service/config/GatewaySecurityConfig.java
+++ b/xs-service/src/main/java/com/xiang/xservice/gateway/service/config/GatewaySecurityConfig.java
@@ -1,24 +1,24 @@
-package com.xiang.xservice.gateway.service.config;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
-import org.springframework.security.config.web.server.ServerHttpSecurity;
-import org.springframework.security.web.server.SecurityWebFilterChain;
-
-@Configuration
-@EnableWebFluxSecurity
-public class GatewaySecurityConfig {
-
-    @Bean
-    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
-        http
-                .authorizeExchange(exchanges -> exchanges
-                        // ✅ 网关全放行
-                        .anyExchange().permitAll()
-                )
-                .csrf(ServerHttpSecurity.CsrfSpec::disable); // 禁用 CSRF
-
-        return http.build();
-    }
-}
+//package com.xiang.xservice.gateway.service.config;
+//
+//import org.springframework.context.annotation.Bean;
+//import org.springframework.context.annotation.Configuration;
+//import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+//import org.springframework.security.config.web.server.ServerHttpSecurity;
+//import org.springframework.security.web.server.SecurityWebFilterChain;
+//
+//@Configuration
+//@EnableWebFluxSecurity
+//public class GatewaySecurityConfig {
+//
+//    @Bean
+//    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
+//        http
+//                .authorizeExchange(exchanges -> exchanges
+//                        // ✅ 网关全放行
+//                        .anyExchange().permitAll()
+//                )
+//                .csrf(ServerHttpSecurity.CsrfSpec::disable); // 禁用 CSRF
+//
+//        return http.build();
+//    }
+//}
--- a/xs-service/src/main/java/com/xiang/xservice/gateway/service/core/AuthGlobalFilter.java
+++ b/xs-service/src/main/java/com/xiang/xservice/gateway/service/core/AuthGlobalFilter.java
@@ -1,8 +1,6 @@
 package com.xiang.xservice.gateway.service.core;

-import com.xiang.xservice.security.utils.TokenUtils;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
 import org.springframework.cloud.gateway.filter.GlobalFilter;
 import org.springframework.core.Ordered;
@@ -17,9 +15,6 @@ import reactor.core.publisher.Mono;
@Component
 public class AuthGlobalFilter implements GlobalFilter, Ordered {

-    @Autowired
-    private TokenUtils tokenUtils;
-
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        ServerHttpRequest request = exchange.getRequest();
@@ -39,18 +34,6 @@ public class AuthGlobalFilter implements GlobalFilter, Ordered {
            return exchange.getResponse().setComplete();
        }

-//        try {
-//            if (!tokenUtils.validateToken(token)) {
-//                log.warn("❌ Token 校验失败: {}", token);
-//                exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
-//                return exchange.getResponse().setComplete();
-//            }
-//        } catch (Exception e) {
-//            log.error("❌ Token 校验异常", e);
-//            exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
-//            return exchange.getResponse().setComplete();
-//        }
-
        log.info("✅ Token 校验通过: {}", token);
        return chain.filter(exchange);
    }