2026-04-21 14:11:01 +08:00
|
|
|
|
package com.aida.gateway.config;
|
|
|
|
|
|
|
|
|
|
|
|
import lombok.Data;
|
|
|
|
|
|
import org.springframework.boot.context.properties.ConfigurationProperties;
|
|
|
|
|
|
import org.springframework.stereotype.Component;
|
|
|
|
|
|
|
|
|
|
|
|
import java.util.List;
|
|
|
|
|
|
|
|
|
|
|
|
@Data
|
|
|
|
|
|
@Component
|
|
|
|
|
|
@ConfigurationProperties(prefix = "gateway.auth")
|
|
|
|
|
|
public class GatewayAuthProperties {
|
|
|
|
|
|
|
|
|
|
|
|
private String jwtSecret = "JWTSECRET";
|
|
|
|
|
|
|
|
|
|
|
|
private String jwtTokenHeader = "Authorization";
|
|
|
|
|
|
|
|
|
|
|
|
private String jwtTokenPrefix = "Bearer-";
|
|
|
|
|
|
|
|
|
|
|
|
private List<String> ignorePaths;
|
|
|
|
|
|
|
2026-05-11 16:40:45 +08:00
|
|
|
|
/**
|
|
|
|
|
|
* 可选认证路径:token 有则解析并写入下游请求头,无则放行。
|
|
|
|
|
|
* 与 ignorePaths 的区别:ignorePaths 完全跳过认证逻辑;
|
|
|
|
|
|
* optionalAuthPaths 仍然尝试解析 token,有 token 时正常写入 X-User-Id / X-User-Info,
|
|
|
|
|
|
* 无 token 时才放行,确保已登录用户的信息能正确传递。
|
|
|
|
|
|
*/
|
|
|
|
|
|
private List<String> optionalAuthPaths;
|
|
|
|
|
|
|
2026-04-21 14:11:01 +08:00
|
|
|
|
private boolean blacklistEnabled = true;
|
|
|
|
|
|
}
|
