From f7e87fe84cffdf53dfe1e26d24ad119d541fd6d6 Mon Sep 17 00:00:00 2001
From: litianxiang <litianxiangxtt@163.com>
Date: Wed, 22 Apr 2026 15:54:43 +0800
Subject: [PATCH] =?UTF-8?q?=E5=BE=AE=E6=9C=8D=E5=8A=A1=E6=94=B9=E9=80=A0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 pom.xml                                       |  6 ++
 .../gateway/filter/GlobalAuthWebFilter.java   | 17 +++-
 src/main/resources/application.yml            | 80 +++++++++++++++++--
 3 files changed, 93 insertions(+), 10 deletions(-)

diff --git a/pom.xml b/pom.xml
index 02c4096..a676e0b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -106,6 +106,12 @@
             <artifactId>knife4j-gateway-spring-boot-starter</artifactId>
             <version>4.4.0</version>
         </dependency>
+        
+        <dependency>
+            <groupId>com.github.xiaoymin</groupId>
+            <artifactId>knife4j-openapi3-ui</artifactId>
+            <version>4.4.0</version>
+        </dependency>
 
         <!-- Spring Cloud LoadBalancer -->
         <dependency>
diff --git a/src/main/java/com/aida/gateway/filter/GlobalAuthWebFilter.java b/src/main/java/com/aida/gateway/filter/GlobalAuthWebFilter.java
index 861f844..cc5e65a 100644
--- a/src/main/java/com/aida/gateway/filter/GlobalAuthWebFilter.java
+++ b/src/main/java/com/aida/gateway/filter/GlobalAuthWebFilter.java
@@ -95,12 +95,21 @@ public class GlobalAuthWebFilter implements WebFilter {
         // 5. 黑名单检查（仅当启用时）
         if (authProperties.isBlacklistEnabled()) {
             String blacklistKey = AuthConstants.BLACKLIST_PREFIX + principal.getId();
-            Boolean isBlacklisted = redisTemplate.hasKey(blacklistKey).block();
-            if (Boolean.TRUE.equals(isBlacklisted)) {
-                return writeUnauthorized(exchange, AuthConstants.MSG_TOKEN_BLACKLISTED);
-            }
+            return redisTemplate.hasKey(blacklistKey).flatMap(isBlacklisted -> {
+                if (Boolean.TRUE.equals(isBlacklisted)) {
+                    return writeUnauthorized(exchange, AuthConstants.MSG_TOKEN_BLACKLISTED);
+                }
+                return continueChain(exchange, chain, principal);
+            }).onErrorResume(e -> {
+                log.error("Redis check failed", e);
+                return continueChain(exchange, chain, principal);
+            });
         }
 
+        return continueChain(exchange, chain, principal);
+    }
+
+    private Mono<Void> continueChain(ServerWebExchange exchange, WebFilterChain chain, AuthPrincipalVo principal) {
         // 6. 写入下游请求头
         String userInfoJson;
         try {
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index cd33cb6..42f0b93 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -9,7 +9,25 @@ server:
 spring:
   application:
     name: aida-gateway
-
+  cloud:
+    gateway:
+      routes:
+        - id: aida-back
+          uri: lb://aida-back
+          predicates:
+            - Path=/aida/**
+          filters:
+            - StripPrefix=1
+        - id: aida-seller
+          uri: lb://aida-seller
+          predicates:
+            - Path=/seller/**
+          filters:
+            - StripPrefix=1
+        - id: aida-python
+          uri: http://18.167.251.121:9994
+          predicates:
+            - Path=/python/**
 # ---------- Knife4j 网关聚合配置 ----------
 knife4j:
   gateway:
@@ -17,13 +35,13 @@ knife4j:
     # 手动指定下游服务的文档聚合，可以灵活应对不同服务的 API 版本或路径前缀
     strategy: manual
     routes:
-      - name: 业务服务 (Back)
-        url: /api/v3/api-docs
+      - name: aida主服务
+        url: /aida/v3/api-docs
         service-name: aida-back
-        context-path: /api
+        context-path: /aida
         order: 1
       - name: 商家端服务 (Seller)
-        url: /seller/api/v3/api-docs
+        url: /seller/v3/api-docs
         service-name: aida-seller
         context-path: /seller
         order: 2
@@ -31,7 +49,7 @@ knife4j:
 # ---------- Gateway JWT 认证（gateway 独有） ----------
 gateway:
   auth:
-    jwt-secret: ${BACK_JWT_SECRET:JWTSECRET}
+    jwt-secret: JWTSECRET
     jwt-token-header: Authorization
     jwt-token-prefix: Bearer-
     blacklist-enabled: true
@@ -76,6 +94,56 @@ gateway:
       - /api/global-award/**
       - /api/llm/stream
       - /notification/**
+      - /aida/api/account/login
+      - /aida/api/account/preLogin
+      - /aida/api/designer/check
+      - /aida/api/account/sendEmail
+      - /aida/api/account/noLoginRequired
+      - /aida/api/account/resetPwd
+      - /aida/api/account/designWorksRegister
+      - /aida/api/account/questionnaire
+      - /aida/api/account/schoolLogin
+      - /aida/api/account/enterpriseLogin
+      - /aida/api/account/organizationNameSearch
+      - /aida/api/account/activateNewEmail
+      - /aida/api/python/saveGeneratePicture
+      - /aida/api/python/getLibraryByUserId
+      - /aida/api/python/flush
+      - /aida/api/account/healthy
+      - /aida/api/third/party/**
+      - /aida/api/element/initDefaultSysFile
+      - /aida/api/ali-pay/trade/notify
+      - /aida/api/paypal/ipn/back
+      - /aida/api/alipay-hk/trade/notify
+      - /aida/api/stripe/trade/notify
+      - /aida/api/portfolio/**
+      - /aida/api/global-award/**
+      - /aida/api/llm/stream
+      - /aida/account/login
+      - /aida/account/preLogin
+      - /aida/designer/check
+      - /aida/account/sendEmail
+      - /aida/account/noLoginRequired
+      - /aida/account/resetPwd
+      - /aida/account/designWorksRegister
+      - /aida/account/questionnaire
+      - /aida/account/schoolLogin
+      - /aida/account/enterpriseLogin
+      - /aida/account/organizationNameSearch
+      - /aida/account/activateNewEmail
+      - /aida/python/saveGeneratePicture
+      - /aida/python/getLibraryByUserId
+      - /aida/python/flush
+      - /aida/account/healthy
+      - /aida/third/party/**
+      - /aida/element/initDefaultSysFile
+      - /aida/ali-pay/trade/notify
+      - /aida/paypal/ipn/back
+      - /aida/alipay-hk/trade/notify
+      - /aida/stripe/trade/notify
+      - /aida/portfolio/**
+      - /aida/global-award/**
+      - /aida/llm/stream
 
 logging:
   level: