买家端联调bug

This reverts commit e00e7f3e5e.

.gitea/workflows/master_gateway_build_manual.yaml

@@ -50,7 +50,7 @@ jobs:
           VOLUME /tmp
           RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
           RUN echo 'Asia/Shanghai' > /etc/timezone
-          ADD ./*.jar /app.jar
+          ADD ./target/*.jar /app.jar
           ENTRYPOINT ["java","-jar","/app.jar"]
           EOF
           echo "Dockerfile内容:"

.gitignore

@@ -1,2 +1,3 @@
 /.idea/
 /target/
+/log/

pom.xml

@@ -62,17 +62,11 @@
             <scope>runtime</scope>
         </dependency>
 
-        <!-- Jackson -->
+        <!-- Hutool -->
-        <dependency>
-            <groupId>com.fasterxml.jackson.core</groupId>
-            <artifactId>jackson-databind</artifactId>
-        </dependency>
-
-        <!-- Hutool (aligned with aida_seller 5.8.26) -->
         <dependency>
             <groupId>cn.hutool</groupId>
             <artifactId>hutool-all</artifactId>
-            <version>5.8.26</version>
+            <version>5.8.23</version>
         </dependency>
 
         <!-- Redis (for token blacklist) -->
@@ -100,6 +94,12 @@
             <artifactId>spring-boot-starter-actuator</artifactId>
         </dependency>
 
+        <!-- Spring Boot Logging（显式引入，确保 logback 正确初始化） -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-logging</artifactId>
+        </dependency>
+
         <!-- Knife4j Gateway Aggregation -->
         <dependency>
             <groupId>com.github.xiaoymin</groupId>
@@ -145,6 +145,8 @@
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
                 <configuration>
+                    <!-- 强制工作目录为模块根目录，确保 ./log 指向项目目录而非 Maven 安装目录 -->
+                    <workingDirectory>${project.basedir}</workingDirectory>
                     <excludes>
                         <exclude>
                             <groupId>org.projectlombok</groupId>

src/main/java/com/aida/gateway/config/GatewayAuthProperties.java

@@ -19,5 +19,13 @@ public class GatewayAuthProperties {
 
     private List<String> ignorePaths;
 
+    /**
+     * 可选认证路径：token 有则解析并写入下游请求头，无则放行。
+     * 与 ignorePaths 的区别：ignorePaths 完全跳过认证逻辑；
+     * optionalAuthPaths 仍然尝试解析 token，有 token 时正常写入 X-User-Id / X-User-Info，
+     * 无 token 时才放行，确保已登录用户的信息能正确传递。
+     */
+    private List<String> optionalAuthPaths;
+
     private boolean blacklistEnabled = true;
 }

src/main/java/com/aida/gateway/filter/GlobalAuthWebFilter.java

@@ -65,24 +65,43 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
             return chain.filter(exchange);
         }
 
-        // 2. 白名单直接放行
+        // 2. 白名单直接放行（完全跳过认证）
         if (isIgnoredPath(path)) {
             return chain.filter(exchange);
         }
 
-        // 3. 提取 token
+        // 3. 可选认证路径：token 有则解析，无则放行
+        if (isOptionalAuthPath(path)) {
+            String rawHeader = exchange.getRequest().getHeaders()
+                    .getFirst(authProperties.getJwtTokenHeader());
+            if (StrUtil.isBlank(rawHeader)) {
+                // 无 token，直接放行，不写任何 header
+                return chain.filter(exchange);
+            }
+            // 有 token，正常走解析流程（复用下面的验证逻辑）
+            return processTokenWithAuthCheck(exchange, chain, rawHeader);
+        }
+
+        // 4. 其他路径：必须有 token
         String rawHeader = exchange.getRequest().getHeaders()
                 .getFirst(authProperties.getJwtTokenHeader());
         if (StrUtil.isBlank(rawHeader)) {
             return writeUnauthorized(exchange, AuthConstants.MSG_MISSING_TOKEN);
         }
+        return processTokenWithAuthCheck(exchange, chain, rawHeader);
+    }
 
+    /**
+     * 统一的 token 解析与认证流程：解析 JWT → 黑名单检查 → 写入下游 header。
+     * 专供可选认证路径中有 token 的情况，以及普通路径的鉴权。
+     */
+    private Mono<Void> processTokenWithAuthCheck(ServerWebExchange exchange, WebFilterChain chain, String rawHeader) {
         String token = rawHeader;
         if (rawHeader.startsWith(authProperties.getJwtTokenPrefix())) {
             token = rawHeader.substring(authProperties.getJwtTokenPrefix().length());
         }
 
-        // 4. JWT 签名验证
+        // JWT 签名验证
         Claims claims;
         try {
             claims = parseToken(token);
@@ -91,7 +110,7 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
             return writeUnauthorized(exchange, AuthConstants.MSG_TOKEN_EXPIRED);
         }
 
-        // 5. 解析用户信息
+        // 解析用户信息
         AuthPrincipalVo principal;
         try {
             principal = objectMapper.readValue(claims.getSubject(), AuthPrincipalVo.class);
@@ -104,7 +123,7 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
             return writeUnauthorized(exchange, AuthConstants.MSG_INVALID_TOKEN);
         }
 
-        // 6. 黑名单检查（仅当启用时）
+        // 黑名单检查
         if (authProperties.isBlacklistEnabled()) {
             String blacklistKey = AuthConstants.BLACKLIST_PREFIX + principal.getId();
             return redisTemplate.hasKey(blacklistKey).flatMap(isBlacklisted -> {
@@ -151,6 +170,18 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
         return false;
     }
 
+    private boolean isOptionalAuthPath(String requestUri) {
+        if (authProperties.getOptionalAuthPaths() == null) {
+            return false;
+        }
+        for (String pattern : authProperties.getOptionalAuthPaths()) {
+            if (pathMatcher.match(pattern, requestUri)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
     private Claims parseToken(String token) {
         SecretKey key = buildSigningKey();
         return Jwts.parser()

src/main/resources/application.yml

@@ -50,6 +50,12 @@ spring:
           uri: http://18.167.251.121:9994
           predicates:
             - Path=/python/**
+        - id: aida-buyer
+          uri: lb://aida-buyer
+          predicates:
+            - Path=/buyer/**
+          filters:
+            - StripPrefix=1
 # ---------- Knife4j 网关聚合配置 ----------
 knife4j:
   gateway:
@@ -67,6 +73,11 @@ knife4j:
         service-name: aida-seller
         context-path: /seller
         order: 2
+      - name: 买家端服务 (Buyer)
+        url: /buyer/v3/api-docs
+        service-name: aida-buyer
+        context-path: /buyer
+        order: 3
 
 # ---------- Gateway JWT 认证（gateway 独有） ----------
 gateway:
@@ -144,5 +155,7 @@ gateway:
       - /aida/api/stripe/trade/notify
       # Notification
       - /notification/**
-
+      # buyer
-logging:
+      - /buyer/account/**
+      - /buyer/designer/shop/**
+      - /buyer/designer/search

src/main/resources/logback-spring.xml

@@ -2,11 +2,9 @@
 <configuration>
     <include resource="org/springframework/boot/logging/logback/defaults.xml" />
 
-    <!-- 日志存放路径（可通过环境变量覆盖） -->
+    <!-- 日志存放路径 -->
-    <property name="log.path" value="${LOG_PATH:-./log}" />
+    <property name="log.path" value="./log" />
-    <!-- 各服务独立文件名 -->
+    <!-- 日志输出格式 -->
-    <property name="log.file.name" value="aida-gateway" />
-
     <property name="log.pattern.console" value="${CONSOLE_LOG_PATTERN:-%clr(%d{${LOG_DATEFORMAT_PATTERN:-yyyy-MM-dd HH:mm:ss.SSS}}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}}" />
     <property name="log.pattern.file" value="${FILE_LOG_PATTERN:-%d{${LOG_DATEFORMAT_PATTERN:-yyyy-MM-dd HH:mm:ss.SSS}} ${LOG_LEVEL_PATTERN:-%5p} ${PID:- } --- [%15t] %-40.40logger{39} : %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}}" />
 
@@ -19,26 +17,25 @@
 
     <!-- Info 日志文件 -->
     <appender name="file_info" class="ch.qos.logback.core.rolling.RollingFileAppender">
-        <file>${log.path}/${log.file.name}-info.log</file>
+        <file>${log.path}/aida-gateway-info.log</file>
         <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-            <fileNamePattern>${log.path}/${log.file.name}-info.%d{yyyy-MM-dd}.log</fileNamePattern>
+            <fileNamePattern>${log.path}/aida-gateway-info.%d{yyyy-MM-dd}.log</fileNamePattern>
             <maxHistory>60</maxHistory>
         </rollingPolicy>
         <encoder>
             <pattern>${log.pattern.file}</pattern>
         </encoder>
         <filter class="ch.qos.logback.classic.filter.LevelFilter">
-            <level>ERROR</level>
+            <onMatch>ACCEPT</onMatch>
-            <onMatch>DENY</onMatch>
+            <onMismatch>DENY</onMismatch>
-            <onMismatch>ACCEPT</onMismatch>
         </filter>
     </appender>
 
     <!-- Error 日志文件 -->
     <appender name="file_error" class="ch.qos.logback.core.rolling.RollingFileAppender">
-        <file>${log.path}/${log.file.name}-error.log</file>
+        <file>${log.path}/aida-gateway-error.log</file>
         <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-            <fileNamePattern>${log.path}/${log.file.name}-error.%d{yyyy-MM-dd}.log</fileNamePattern>
+            <fileNamePattern>${log.path}/aida-gateway-error.%d{yyyy-MM-dd}.log</fileNamePattern>
             <maxHistory>60</maxHistory>
         </rollingPolicy>
         <encoder>
@@ -51,14 +48,16 @@
         </filter>
     </appender>
 
-    <!-- 服务日志级别控制（由 Nacos 的 logging.level 统一管理，此处仅作兜底） -->
+    <!-- 服务模块日志级别控制 -->
-    <logger name="com.aida.gateway" level="${LOG_LEVEL_GATEWAY:-info}" />
+    <logger name="com.aida.gateway" level="debug" />
-    <!-- Spring 框架日志 -->
+    <!-- Spring 日志级别控制 -->
     <logger name="org.springframework" level="warn" />
-    <logger name="org.springframework.cloud.gateway" level="warn" />
 
-    <root level="${LOG_LEVEL_ROOT:-info}">
+    <root level="info">
         <appender-ref ref="console" />
+    </root>
+
+    <root level="info">
         <appender-ref ref="file_info" />
         <appender-ref ref="file_error" />
     </root>