refactor(auth/satoken): 支持更灵活的动态化路由拦截鉴权

因为 lambda 表达式之外的代码只会在启动时执行一次，所以 excludePaths() 方法是无法做到动态化读取的，若要在项目运行时动态读写，必须把调用 excludePaths() 的时机放在 lambda 里。
2025-09-08 16:57:09 +08:00 · 2024-01-31 20:40:11 +08:00
parent 0eb6afabb6
commit 31f29db19d
1 changed files with 4 additions and 3 deletions
--- a/continew-starter-auth/continew-starter-auth-satoken/src/main/java/top/charles7c/continew/starter/auth/satoken/autoconfigure/SaTokenAutoConfiguration.java
+++ b/continew-starter-auth/continew-starter-auth-satoken/src/main/java/top/charles7c/continew/starter/auth/satoken/autoconfigure/SaTokenAutoConfiguration.java
@@ -18,6 +18,7 @@ package top.charles7c.continew.starter.auth.satoken.autoconfigure;

 import cn.dev33.satoken.interceptor.SaInterceptor;
 import cn.dev33.satoken.jwt.StpLogicJwtForSimple;
+import cn.dev33.satoken.router.SaRouter;
 import cn.dev33.satoken.stp.StpInterface;
 import cn.dev33.satoken.stp.StpLogic;
 import cn.dev33.satoken.stp.StpUtil;
@@ -59,9 +60,9 @@ public class SaTokenAutoConfiguration implements WebMvcConfigurer {
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        // 注册 Sa-Token 拦截器，校验规则为 StpUtil.checkLogin() 登录校验
-        registry.addInterceptor(new SaInterceptor(handle -> StpUtil.checkLogin()))
-            .addPathPatterns(StringConstants.PATH_PATTERN)
-            .excludePathPatterns(properties.getSecurity().getExcludes());
+        registry.addInterceptor(new SaInterceptor(handle -> SaRouter.match(StringConstants.PATH_PATTERN)
+            .notMatch(properties.getSecurity().getExcludes())
+            .check(r -> StpUtil.checkLogin()))).addPathPatterns(StringConstants.PATH_PATTERN);
    }

    /**