fix(security): 统一异常处理响应格式并完善拦截器配置

- 将全局异常处理器中的返回类型从 GenericResponse 统一为 RetObj
- 更新登录、权限、角色异常的错误消息为中文提示
- 在拦截器配置中添加 swagger-ui 相关路径的排除规则
- 将拦截器中的 postHandle 方法改为 afterCompletion 以确保请求结束后清理 ThreadLocal
- 修复 StpInterfaceImpl 中的类型转换问题，确保用户ID正确转换为Long类型

src/main/java/cn/xf/basedemo/common/exception/GlobalExceptionHandler.java

@@ -30,10 +30,10 @@ public class GlobalExceptionHandler {
      */
     @ExceptionHandler(cn.dev33.satoken.exception.NotLoginException.class)
     @ResponseStatus(HttpStatus.UNAUTHORIZED)
-    public GenericResponse<Void> handleNotLoginException(cn.dev33.satoken.exception.NotLoginException e,
+    public RetObj<Void> handleNotLoginException(cn.dev33.satoken.exception.NotLoginException e,
             HttpServletRequest request) {
-        log.warn("Not logged in [URL:{}]: {}", request.getRequestURI(), e.getMessage());
-        return new GenericResponse<>(401, null, "Please login first");
+        log.warn("未登录或 Token 失效 [URL:{}]: {}", request.getRequestURI(), e.getMessage());
+        return new RetObj<>(SystemStatus.UNAUTHORIZED.getCode(), "未登录或登录已过期");
     }
 
     /**
@@ -41,10 +41,10 @@ public class GlobalExceptionHandler {
      */
     @ExceptionHandler(cn.dev33.satoken.exception.NotPermissionException.class)
     @ResponseStatus(HttpStatus.FORBIDDEN)
-    public GenericResponse<Void> handleNotPermissionException(cn.dev33.satoken.exception.NotPermissionException e,
+    public RetObj<Void> handleNotPermissionException(cn.dev33.satoken.exception.NotPermissionException e,
             HttpServletRequest request) {
-        log.warn("No permission [URL:{}]: {}", request.getRequestURI(), e.getMessage());
-        return new GenericResponse<>(403, null, "No permission to access this resource");
+        log.warn("无权限访问 [URL:{}]: {}", request.getRequestURI(), e.getMessage());
+        return new RetObj<>(SystemStatus.FORBIDDEN.getCode(), "没有访问该资源的权限");
     }
 
     /**
@@ -52,10 +52,10 @@ public class GlobalExceptionHandler {
      */
     @ExceptionHandler(cn.dev33.satoken.exception.NotRoleException.class)
     @ResponseStatus(HttpStatus.FORBIDDEN)
-    public GenericResponse<Void> handleNotRoleException(cn.dev33.satoken.exception.NotRoleException e,
+    public RetObj<Void> handleNotRoleException(cn.dev33.satoken.exception.NotRoleException e,
             HttpServletRequest request) {
-        log.warn("No role [URL:{}]: {}", request.getRequestURI(), e.getMessage());
-        return new GenericResponse<>(403, null, "Insufficient role privileges");
+        log.warn("角色不足 [URL:{}]: {}", request.getRequestURI(), e.getMessage());
+        return new RetObj<>(SystemStatus.FORBIDDEN.getCode(), "角色权限不足");
     }
 
     /**

src/main/java/cn/xf/basedemo/interceptor/InterceptorConfig.java

@@ -27,7 +27,9 @@ public class InterceptorConfig implements WebMvcConfigurer {
             "/swagger-resources/**",
             "/webjars/**",
             "/v3/**",
-            "/doc.html"
+            "/doc.html",
+            "/swagger-ui.html",
+            "/swagger-ui/**"
     };
 
     @Override

src/main/java/cn/xf/basedemo/interceptor/SaTokenContextInterceptor.java

@@ -33,8 +33,8 @@ public class SaTokenContextInterceptor implements HandlerInterceptor {
     }
 
     @Override
-    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
-            ModelAndView modelAndView) throws Exception {
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
+            throws Exception {
         // 请求结束后清理 ThreadLocal，防止内存泄漏
         SessionContext.getInstance().clear();
     }

src/main/java/cn/xf/basedemo/interceptor/StpInterfaceImpl.java

@@ -35,6 +35,7 @@ public class StpInterfaceImpl implements StpInterface {
 	@Override
 	public List<String> getRoleList(Object userId, String s) {
 		// 获取用户角色数据
-		return sysRoleMapper.getRoleListByUserId((Long) userId);
+		Long uId = Long.valueOf(userId.toString());
+		return sysRoleMapper.getRoleListByUserId(uId);
 	}
 }