优化配置

src/main/java/cn/xf/basedemo/config/SaTokenConfigure.java

@@ -1,31 +0,0 @@
-package cn.xf.basedemo.config;
-
-import cn.dev33.satoken.interceptor.SaInterceptor;
-import cn.xf.basedemo.interceptor.SaTokenContextInterceptor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-
-/**
- * @Description: sa token拦截器注册类
- * @ClassName: SaTokenConfigure
- * @Author: xiongfeng
- * @Date: 2025/8/24 20:30
- * @Version: 1.0
- */
-@Configuration
-public class SaTokenConfigure implements WebMvcConfigurer {
-
-	@Autowired
-	private SaTokenContextInterceptor saTokenContextInterceptor;
-
-	// 注册 Sa-Token 拦截器，打开注解式鉴权功能
-	@Override
-	public void addInterceptors(InterceptorRegistry registry) {
-		// 注册 Sa-Token 拦截器，打开注解式鉴权功能
-		registry.addInterceptor(new SaInterceptor()).addPathPatterns("/**");
-		// 注册上下文注入拦截器，兼容旧业务代码
-		registry.addInterceptor(saTokenContextInterceptor).addPathPatterns("/**");
-	}
-}

src/main/java/cn/xf/basedemo/interceptor/InterceptorConfig.java

@@ -1,6 +1,7 @@
 package cn.xf.basedemo.interceptor;
 
 import cn.dev33.satoken.interceptor.SaInterceptor;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
@@ -16,25 +17,32 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 @Configuration
 public class InterceptorConfig implements WebMvcConfigurer {
 
-    @org.springframework.beans.factory.annotation.Autowired
+    @Autowired
     private SaTokenContextInterceptor saTokenContextInterceptor;
 
+    // 统一配置排除路径，避免重复书写
+    private static final String[] EXCLUDE_PATHS = {
+            "/user/login",
+            "/web/**",
+            "/swagger-resources/**",
+            "/webjars/**",
+            "/v3/**",
+            "/doc.html"
+    };
+
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
-        // 注册 Sa-Token 拦截器，定义详细认证规则
+        // 1. 注册 Sa-Token 拦截器 (负责鉴权)
         registry.addInterceptor(new SaInterceptor(handler -> {
-            // 指定一条 match 规则
             cn.dev33.satoken.stp.StpUtil.checkLogin();
         }))
                 .addPathPatterns("/**")
-                .excludePathPatterns("/user/login", "/web/**", "/swagger-resources/**", "/webjars/**", "/v3/**",
-                        "/doc.html");
+                .excludePathPatterns(EXCLUDE_PATHS);
 
-        // 注册 Context 拦截器，用于注入 SessionContext
+        // 2. 注册 Context 拦截器 (负责注入ThreadLocal，兼容旧代码)
         registry.addInterceptor(saTokenContextInterceptor)
                 .addPathPatterns("/**")
-                .excludePathPatterns("/user/login", "/web/**", "/swagger-resources/**", "/webjars/**", "/v3/**",
-                        "/doc.html");
+                .excludePathPatterns(EXCLUDE_PATHS);
     }
 
     /**

src/main/java/cn/xf/basedemo/interceptor/TokenInterceptor.java

@@ -1,82 +0,0 @@
-package cn.xf.basedemo.interceptor;
-
-import cn.xf.basedemo.common.exception.LoginException;
-import cn.xf.basedemo.common.exception.ResponseCode;
-import cn.xf.basedemo.common.model.LoginUser;
-import cn.xf.basedemo.common.utils.ApplicationContextUtils;
-import com.alibaba.fastjson.JSONObject;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.stereotype.Component;
-import org.springframework.util.StringUtils;
-import org.springframework.web.servlet.HandlerInterceptor;
-
-import java.util.Arrays;
-import java.util.List;
-import java.util.concurrent.TimeUnit;
-
-/**
- * @program: spring-boot-base-demo
- * @ClassName TokenInterceptor
- * @description:
- * @author: xiongfeng
- * @create: 2022-06-16 14:17
- **/
-@Component
-public class TokenInterceptor implements HandlerInterceptor {
-
-    @Autowired
-    private RedisTemplate redisTemplate;
-
-
-    //不拦截的请求列表
-    private static final List<String> EXCLUDE_PATH_LIST = Arrays.asList("/user/login", "/web/login","/swagger-ui.html","/v3/api-docs","/swagger-ui/index.html");
-
-    @Override
-    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
-
-        String requestURI = request.getRequestURI();
-        if (EXCLUDE_PATH_LIST.contains(requestURI) ||
-                requestURI.contains("/swagger-ui") ||
-                requestURI.contains("/v3/api-docs")) {
-            return true;
-        }
-        //登录处理
-        String token = request.getHeader("Authorization");
-        if (StringUtils.isEmpty(token))
-            token = request.getParameter("token");
-        if (StringUtils.isEmpty(token)) {
-            throw new LoginException("请先登录");
-        }else {
-            //验证token
-            if (!token.startsWith("Bearer ")) {
-                throw new LoginException(ResponseCode.USER_INPUT_ERROR);
-            }
-            token = token.substring(7);
-        }
-        String value = (String) redisTemplate.opsForValue().get("token:" + token);
-        if (StringUtils.isEmpty(value)) {
-            throw new LoginException();
-        }
-        JSONObject jsonObject = JSONObject.parseObject(value);
-        //JSON对象转换成Java对象
-        LoginUser loginUserInfo = JSONObject.toJavaObject(jsonObject, LoginUser.class);
-        if (loginUserInfo == null || loginUserInfo.getId() <= 0) {
-            throw new LoginException(ResponseCode.USER_INPUT_ERROR);
-        }
-        redisTemplate.expire(token, 86700, TimeUnit.SECONDS);
-
-        //用户信息设置到上下文
-        SessionContext.getInstance().set(loginUserInfo);
-        return HandlerInterceptor.super.preHandle(request, response, handler);
-    }
-
-
-    @Override
-    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
-        HandlerInterceptor.super.afterCompletion(request, response, handler, ex);
-        SessionContext.getInstance().clear();
-    }
-}

src/main/resources/application.yml

@@ -23,27 +23,5 @@ spring:
   config:
     import:
       - nacos:${spring.application.name}-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}
-
-# Sa-Token Configuration
-sa-token: 
-  # token name (frontend needs to use this name, e.g., Authorization: Bearer xxxx, or just satoken: xxxx)
-  token-name: Authorization
-  # token validity period (seconds), -1 means never expire
-  timeout: 2592000 
-  # token temporary validity (seconds), -1 means never expire
-  activity-timeout: -1 
-  # allow concurrent login
-  is-concurrent: true 
-  # share token api
-  is-share: true 
-  # token style
-  token-style: uuid
-  # log
-  is-log: false
-  # read from cookie
-  is-read-cookie: false
-  # read from header
-  is-read-header: true
-  # read from body
-  is-read-body: false
+      - nacos:sa-token-config.yml
 

src/main/resources/sa-token-config.yml

@@ -0,0 +1,22 @@
+# Sa-Token Configuration
+sa-token:
+  # token name (frontend needs to use this name, e.g., Authorization: Bearer xxxx, or just satoken: xxxx)
+  token-name: Authorization
+  # token validity period (seconds), -1 means never expire
+  timeout: 2592000
+  # token temporary validity (seconds), -1 means never expire
+  activity-timeout: -1
+  # allow concurrent login
+  is-concurrent: true
+  # share token api
+  is-share: true
+  # token style
+  token-style: uuid
+  # log
+  is-log: false
+  # read from cookie
+  is-read-cookie: false
+  # read from header
+  is-read-header: true
+  # read from body
+  is-read-body: false