Merge remote-tracking branch 'origin/master'

src/main/java/com/aida/gateway/filter/LogoutBlacklistWebFilter.java

@@ -32,16 +32,25 @@ public class LogoutBlacklistWebFilter implements WebFilter {
 
     @Override
     public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
-        // 仅处理 /internal/logout 路径
-        if (!exchange.getRequest().getURI().getPath().equals("/internal/logout")) {
-            return chain.filter(exchange);
+        String path = exchange.getRequest().getURI().getPath();
+
+        // /internal/logout    → 拉黑用户
+        // /internal/clear-blacklist → 清除黑名单
+        if ("/internal/logout".equals(path)) {
+            return handleLogout(exchange, chain);
+        }
+        if ("/internal/clear-blacklist".equals(path)) {
+            return handleClearBlacklist(exchange, chain);
         }
 
+        return chain.filter(exchange);
+    }
+
+    private Mono<Void> handleLogout(ServerWebExchange exchange, WebFilterChain chain) {
         if (!"POST".equalsIgnoreCase(exchange.getRequest().getMethod().name())) {
             return chain.filter(exchange);
         }
 
-        // 优先从请求头读取 X-User-Id，其次从 query param 读取 userId（兼容不同客户端调用方式）
         String userId = exchange.getRequest().getHeaders().getFirst(AuthConstants.USER_ID_HEADER);
         if (userId == null || userId.isBlank()) {
             userId = exchange.getRequest().getQueryParams().getFirst("userId");
@@ -51,8 +60,6 @@ public class LogoutBlacklistWebFilter implements WebFilter {
         }
 
         String blacklistKey = AuthConstants.BLACKLIST_PREFIX + userId;
-
-        // 黑名单 TTL 设为 7 天（与 JWT 有效期保持一致）
         String finalUserId = userId;
         return redisTemplate.opsForValue()
                 .set(blacklistKey, "1")
@@ -65,6 +72,30 @@ public class LogoutBlacklistWebFilter implements WebFilter {
                 });
     }
 
+    private Mono<Void> handleClearBlacklist(ServerWebExchange exchange, WebFilterChain chain) {
+        if (!"POST".equalsIgnoreCase(exchange.getRequest().getMethod().name())) {
+            return chain.filter(exchange);
+        }
+
+        String userId = exchange.getRequest().getHeaders().getFirst(AuthConstants.USER_ID_HEADER);
+        if (userId == null || userId.isBlank()) {
+            userId = exchange.getRequest().getQueryParams().getFirst("userId");
+        }
+        if (userId == null || userId.isBlank()) {
+            return writeResponse(exchange, HttpStatus.BAD_REQUEST, "{\"code\":400,\"message\":\"userId required\"}");
+        }
+
+        String blacklistKey = AuthConstants.BLACKLIST_PREFIX + userId;
+        String finalUserId = userId;
+        return redisTemplate.delete(blacklistKey)
+                .then(writeResponse(exchange, HttpStatus.OK, "{\"code\":200,\"message\":\"ok\"}"))
+                .onErrorResume(e -> {
+                    log.error("Failed to clear blacklist, userId={}", finalUserId, e);
+                    return writeResponse(exchange, HttpStatus.INTERNAL_SERVER_ERROR,
+                            "{\"code\":500,\"message\":\"internal error\"}");
+                });
+    }
+
     private Mono<Void> writeResponse(ServerWebExchange exchange, HttpStatus status, String body) {
         exchange.getResponse().setStatusCode(status);
         exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON);