feat(config): 统一Sa-Token配置并优化Bean定义覆盖策略

- 在网关模块启用allow-bean-definition-overriding解决redisTemplate冲突 - 移除auth模块中的Sa-Token本地配置 - 将Sa-Token配置统一迁移至common-core模块 - 新增common-satoken模块支持外部化配置 - 网关模块引入wol-common-redis依赖 - 修复SaTokenExceptionHandler中认证失败提示文案错误
2025-10-27 11:32:09 +08:00
parent 406f20f7cb
commit 08accdfdd4
6 changed files with 27 additions and 17 deletions
--- a/agileboot-common/wol-common-core/src/main/resources/base.yml
+++ b/agileboot-common/wol-common-core/src/main/resources/base.yml
@@ -16,6 +16,12 @@ wol:
      password: ${NACOS_PASSWORD:nacos}
      namespace: ${NACOS_NAMESPACE:public}
      group: ${NACOS_GROUP:DEFAULT_GROUP}
+  satoken:
+    tokenName: ${SATOKEN_TOKENNAME:Authorization}
+    isConcurrent: ${SATOKEN_ISCONCURRENT:true}
+    isShare: ${SATOKEN_ISSHARE:true}
+    isLog: ${SATOKEN_ISLOG:true}
+    jwtSecretKey: ${SATOKEN_JWTSECRETKEY:abcdefghijklmnopqrstuvwxyz}
 jasypt:
  encryptor:
    password: ${JASYPT_ENCRYPTOR_PASSWORD:}
--- a/agileboot-common/wol-common-satoken/src/main/java/com/agileboot/common/satoken/handler/SaTokenExceptionHandler.java
+++ b/agileboot-common/wol-common-satoken/src/main/java/com/agileboot/common/satoken/handler/SaTokenExceptionHandler.java
@@ -46,7 +46,7 @@ public class SaTokenExceptionHandler {
    public R<Void> handleNotLoginException(NotLoginException e, HttpServletRequest request) {
        String requestURI = request.getRequestURI();
        log.error("请求地址'{}',认证失败'{}',无法访问系统资源", requestURI, e.getMessage());
-        return R.fail(HttpStatus.HTTP_UNAUTHORIZED, "2认证失败，无法访问系统资源");
+        return R.fail(HttpStatus.HTTP_UNAUTHORIZED, "认证失败，无法访问系统资源");
    }

 }
--- a/agileboot-common/wol-common-satoken/src/main/resources/common-satoken.yml
+++ b/agileboot-common/wol-common-satoken/src/main/resources/common-satoken.yml
@@ -13,3 +13,14 @@ sa-token:
  check-same-token: false
  # token前缀
  token-prefix: "Bearer"
+
+  # token名称 (同时也是cookie名称)
+  token-name: ${wol.satoken.tokenName}
+  # 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
+  is-concurrent: ${wol.satoken.isConcurrent}
+  # 在多人登录同一账号时，是否共用一个token (为true时所有登录共用一个token, 为false时每次登录新建一个token)
+  is-share: ${wol.satoken.isShare}
+  # 是否输出操作日志
+  is-log: ${wol.satoken.isLog}
+  # jwt秘钥
+  jwt-secret-key: ${wol.satoken.jwtSecretKey}
--- a/wol-auth/src/main/resources/application-dev.yml
+++ b/wol-auth/src/main/resources/application-dev.yml
@@ -27,18 +27,3 @@
 #    acquire-timeout: 3000
 #    # 分布式锁的超时时间，默认为 30 秒
 #    expire: 30000
-
-# Sa-Token配置
-sa-token:
-    # token名称 (同时也是cookie名称)
-    token-name: Authorization
-    # 开启内网服务调用鉴权(不允许越过gateway访问内网服务 保障服务安全)
-    check-same-token: false
-    # 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
-    is-concurrent: true
-    # 在多人登录同一账号时，是否共用一个token (为true时所有登录共用一个token, 为false时每次登录新建一个token)
-    is-share: true
-    # 是否输出操作日志
-    is-log: true
-    # jwt秘钥
-    jwt-secret-key: abcdefghijklmnopqrstuvwxyz
--- a/wol-gateway/pom.xml
+++ b/wol-gateway/pom.xml
@@ -21,7 +21,10 @@
            <groupId>com.agileboot</groupId>
            <artifactId>wol-common-nacos</artifactId>
        </dependency>
-
+        <dependency>
+            <groupId>com.agileboot</groupId>
+            <artifactId>wol-common-redis</artifactId>
+        </dependency>
        <dependency>
            <groupId>com.agileboot</groupId>
            <artifactId>wol-common-satoken</artifactId>
--- a/wol-gateway/src/main/resources/application.yml
+++ b/wol-gateway/src/main/resources/application.yml
@@ -11,6 +11,11 @@ spring:
    import: classpath:base.yml,classpath:nacos.yml
  profiles:
    active: dev
+  main:
+    # 允许Bean定义覆盖，解决redisTemplate冲突
+    # 响应式环境（Gateway）：Redisson 的 Bean 和自定义 Bean 同时加载，产生冲突
+    # 在 WebFlux（Gateway）和 Servlet（Auth）环境中，自动配置的策略不同
+    allow-bean-definition-overriding: true
 #logging:
 #  level:
 #    com.alibaba.cloud.nacos: DEBUG