feat(auth): replace JWT with Sa-Token, add auth context and interceptor

This commit is contained in:
2026-07-07 14:52:18 +08:00
parent 14c2c3095b
commit f50a3fd0c9
6 changed files with 154 additions and 139 deletions

View File

@@ -57,6 +57,11 @@
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-crypto</artifactId>
</dependency>
<dependency>
<groupId>cn.dev33</groupId>
<artifactId>sa-token-spring-boot3-starter</artifactId>
<version>1.39.0</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>

View File

@@ -0,0 +1,34 @@
package com.sino.mci.admin.security;
import cn.dev33.satoken.stp.StpUtil;
import lombok.Data;
import java.util.List;
public class AuthContext {
@Data
public static class AuthUser {
private Long userId;
private String tenantCode;
private String username;
private List<String> roleCodes;
}
public static AuthUser get() {
if (!StpUtil.isLogin()) {
return null;
}
AuthUser user = new AuthUser();
user.setUserId(StpUtil.getLoginIdAsLong());
user.setTenantCode((String) StpUtil.getSession().get("tenantCode"));
user.setUsername((String) StpUtil.getSession().get("username"));
user.setRoleCodes((List<String>) StpUtil.getSession().get("roleCodes"));
return user;
}
public static String currentTenantCode() {
AuthUser user = get();
return user == null ? null : user.getTenantCode();
}
}

View File

@@ -0,0 +1,28 @@
package com.sino.mci.admin.security;
import cn.dev33.satoken.exception.SaTokenException;
import cn.dev33.satoken.stp.StpUtil;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
@Component
public class AuthInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
String path = request.getRequestURI();
if (path.contains("/api/v1/account/login")) {
return true;
}
try {
StpUtil.checkLogin();
} catch (SaTokenException e) {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
return false;
}
return true;
}
}

View File

@@ -0,0 +1,21 @@
package com.sino.mci.config;
import com.sino.mci.admin.security.AuthInterceptor;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
@RequiredArgsConstructor
public class WebConfig implements WebMvcConfigurer {
private final AuthInterceptor authInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(authInterceptor)
.addPathPatterns("/msg-platform/api/v1/**", "/api/v1/**")
.excludePathPatterns("/msg-platform/api/v1/account/login", "/api/v1/account/login");
}
}

View File

@@ -21,6 +21,16 @@ mybatis-plus:
logic-delete-value: 1
logic-not-delete-value: 0
sa-token:
token-name: Authorization
token-prefix: Bearer
timeout: 86400
active-timeout: -1
is-concurrent: true
is-share: true
token-style: uuid
is-log: false
management:
endpoints:
web: