Compare commits
16 Commits
e642dbf041
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
|
9fc17d2940 | ||
|
|
41bb344e97 | ||
|
|
cddd74db2a | ||
|
|
69dba26b73 | ||
|
|
206431ccb0 | ||
| 62f8219d30 | |||
|
|
2daec6b123 | ||
|
|
7e19ba4d06 | ||
|
|
58951ff9b6 | ||
|
|
9124256f01 | ||
|
|
7f69eebedf | ||
|
|
e00e7f3e5e | ||
|
|
a5c0695488 | ||
|
|
c8d1bc6985 | ||
|
|
3b11905b55 | ||
|
|
94379b9a16 |
@@ -4,7 +4,8 @@ on:
|
|||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build_and_deploy:
|
build_and_deploy:
|
||||||
runs-on: ubuntu-latest
|
runs-on: java21
|
||||||
|
|
||||||
outputs:
|
outputs:
|
||||||
build_status: ${{ job.status }}
|
build_status: ${{ job.status }}
|
||||||
build_url: ${{ gitea.server_url }}/${{ gitea.repository.owner.name }}/${{ gitea.repository.name }}/actions/runs/${{ gitea.run_id }}
|
build_url: ${{ gitea.server_url }}/${{ gitea.repository.owner.name }}/${{ gitea.repository.name }}/actions/runs/${{ gitea.run_id }}
|
||||||
@@ -26,52 +27,20 @@ jobs:
|
|||||||
with:
|
with:
|
||||||
ref: master
|
ref: master
|
||||||
|
|
||||||
- name: 2.Set up JDK 21
|
|
||||||
uses: actions/setup-java@v5
|
- name: 3.缓存 Maven 依赖
|
||||||
|
uses: actions/cache@v5
|
||||||
with:
|
with:
|
||||||
java-version: '21'
|
path: ~/.m2/repository
|
||||||
distribution: 'temurin'
|
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
|
||||||
|
restore-keys: |
|
||||||
|
${{ runner.os }}-maven-
|
||||||
|
|
||||||
- name: 3.设置JAVA Maven 环境
|
- name: 4.构建项目
|
||||||
run: |
|
run: |
|
||||||
# 适配root/普通用户
|
java -version
|
||||||
SUDO=""
|
mvn -v
|
||||||
[ "$(id -u)" != "0" ] && SUDO="sudo"
|
mvn clean package -DskipTests
|
||||||
|
|
||||||
# 安装依赖
|
|
||||||
$SUDO apt update && $SUDO apt install -y wget tar --no-install-recommends
|
|
||||||
|
|
||||||
# 下载Maven
|
|
||||||
MAVEN_VERSION="3.9.11"
|
|
||||||
MAVEN_TAR="apache-maven-${MAVEN_VERSION}-bin.tar.gz"
|
|
||||||
MAVEN_URL="https://archive.apache.org/dist/maven/maven-3/${MAVEN_VERSION}/binaries/${MAVEN_TAR}"
|
|
||||||
wget --no-verbose -O /tmp/${MAVEN_TAR} ${MAVEN_URL}
|
|
||||||
|
|
||||||
# 解压+软链接
|
|
||||||
$SUDO tar -xzf /tmp/${MAVEN_TAR} -C /usr/local/
|
|
||||||
$SUDO ln -sf /usr/local/apache-maven-${MAVEN_VERSION} /usr/local/maven
|
|
||||||
|
|
||||||
# 配置PATH
|
|
||||||
echo "/usr/local/maven/bin" >> $GITHUB_PATH
|
|
||||||
export PATH="/usr/local/maven/bin:$PATH"
|
|
||||||
|
|
||||||
# 验证
|
|
||||||
mvn -v
|
|
||||||
|
|
||||||
- name: 4.构建jar包
|
|
||||||
run: |
|
|
||||||
echo "===== 开始构建JAR包 ====="
|
|
||||||
# 新增:打印当前构建分支(两种方式双重确认)
|
|
||||||
echo "当前工作目录分支:$(git branch --show-current)"
|
|
||||||
echo "Gitea检出分支:${{ github.ref_name }}"
|
|
||||||
echo "预期构建分支: master"
|
|
||||||
echo "========================"
|
|
||||||
mvn -B clean install -DskipTests -Pdev 2>&1
|
|
||||||
# 检查构建是否成功
|
|
||||||
if [ $? -ne 0 ]; then
|
|
||||||
echo "JAR包构建失败!"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: 5.生成Dockerfile
|
- name: 5.生成Dockerfile
|
||||||
run: |
|
run: |
|
||||||
@@ -81,7 +50,7 @@ jobs:
|
|||||||
VOLUME /tmp
|
VOLUME /tmp
|
||||||
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
|
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
|
||||||
RUN echo 'Asia/Shanghai' > /etc/timezone
|
RUN echo 'Asia/Shanghai' > /etc/timezone
|
||||||
ADD ./*.jar /app.jar
|
ADD ./target/*.jar /app.jar
|
||||||
ENTRYPOINT ["java","-jar","/app.jar"]
|
ENTRYPOINT ["java","-jar","/app.jar"]
|
||||||
EOF
|
EOF
|
||||||
echo "Dockerfile内容:"
|
echo "Dockerfile内容:"
|
||||||
@@ -103,49 +72,40 @@ jobs:
|
|||||||
- ./uploads:/temp/uploads
|
- ./uploads:/temp/uploads
|
||||||
ports:
|
ports:
|
||||||
- '10094:10094'
|
- '10094:10094'
|
||||||
networks:
|
|
||||||
- aida_java_net
|
|
||||||
restart: always
|
restart: always
|
||||||
networks:
|
|
||||||
aida_java_net:
|
|
||||||
external: true
|
|
||||||
name: aida_java_net
|
|
||||||
EOF
|
EOF
|
||||||
# 验证docker-compose.yml生成
|
# 验证docker-compose.yml生成
|
||||||
echo "docker-compose.yml内容:"
|
echo "docker-compose.yml内容:"
|
||||||
cat docker-compose.yml
|
cat docker-compose.yml
|
||||||
|
|
||||||
- name: 7.安装SSH工具
|
- name: 7.上传jar到远程服务器
|
||||||
run: |
|
uses: appleboy/scp-action@master
|
||||||
$SUDO apt install -y sshpass openssh-client --no-install-recommends
|
with:
|
||||||
# 配置SSH免密
|
host: ${{ secrets.SERVER_HOST }}
|
||||||
mkdir -p ~/.ssh
|
port: 22
|
||||||
echo "${{ secrets.SSH_KEY }}" > ~/.ssh/id_rsa
|
username: ${{ secrets.SERVER_USER }}
|
||||||
chmod 600 ~/.ssh/id_rsa
|
key: ${{ secrets.SSH_KEY }}
|
||||||
ssh-keyscan -H ${{ secrets.SERVER_HOST }} >> ~/.ssh/known_hosts
|
source: "target/*.jar,Dockerfile,docker-compose.yml"
|
||||||
|
target: ${{ env.REMOTE_DEPLOY_PATH }}
|
||||||
|
preserve_host_directory_structure: false
|
||||||
|
|
||||||
- name: 8.同步文件到远程服务器
|
- name: 8. 重启 Docker 服务
|
||||||
run: |
|
uses: appleboy/ssh-action@master # 👈 专门执行命令的 action
|
||||||
echo "===== 同步文件到远程服务器 ====="
|
with:
|
||||||
# 使用scp同步文件
|
host: ${{ secrets.SERVER_HOST }}
|
||||||
scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
|
username: ${{ secrets.SERVER_USER }}
|
||||||
./target/*.jar ./Dockerfile ./docker-compose.yml \
|
key: ${{ secrets.SSH_KEY }}
|
||||||
${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }}:${{ env.REMOTE_DEPLOY_PATH }} 2>&1
|
key_base64: true
|
||||||
|
script: |
|
||||||
- name: 9.部署和运行服务
|
echo "========= 进入部署目录 ========="
|
||||||
run: |
|
|
||||||
echo "===== 开始部署服务 ====="
|
|
||||||
# SSH执行部署命令
|
|
||||||
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
|
|
||||||
${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }} << 'EOF_SSH'
|
|
||||||
cd ${{ env.REMOTE_DEPLOY_PATH }}
|
cd ${{ env.REMOTE_DEPLOY_PATH }}
|
||||||
echo "停止旧容器..."
|
ls -l
|
||||||
docker compose down || true
|
|
||||||
echo "构建镜像..."
|
echo "========= 停止旧服务 ========="
|
||||||
docker compose build --no-cache
|
docker compose down
|
||||||
echo "启动服务..."
|
|
||||||
docker compose up -d
|
echo "========= 启动新服务 ========="
|
||||||
echo "验证容器状态..."
|
docker compose up -d --build
|
||||||
docker compose ps
|
|
||||||
echo "部署完成!"
|
echo "========= 查看运行状态 ========="
|
||||||
EOF_SSH
|
docker compose ps
|
||||||
1
.gitignore
vendored
1
.gitignore
vendored
@@ -1,2 +1,3 @@
|
|||||||
/.idea/
|
/.idea/
|
||||||
/target/
|
/target/
|
||||||
|
/log/
|
||||||
|
|||||||
18
pom.xml
18
pom.xml
@@ -62,17 +62,11 @@
|
|||||||
<scope>runtime</scope>
|
<scope>runtime</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<!-- Jackson -->
|
<!-- Hutool -->
|
||||||
<dependency>
|
|
||||||
<groupId>com.fasterxml.jackson.core</groupId>
|
|
||||||
<artifactId>jackson-databind</artifactId>
|
|
||||||
</dependency>
|
|
||||||
|
|
||||||
<!-- Hutool (aligned with aida_seller 5.8.26) -->
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>cn.hutool</groupId>
|
<groupId>cn.hutool</groupId>
|
||||||
<artifactId>hutool-all</artifactId>
|
<artifactId>hutool-all</artifactId>
|
||||||
<version>5.8.26</version>
|
<version>5.8.23</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<!-- Redis (for token blacklist) -->
|
<!-- Redis (for token blacklist) -->
|
||||||
@@ -100,6 +94,12 @@
|
|||||||
<artifactId>spring-boot-starter-actuator</artifactId>
|
<artifactId>spring-boot-starter-actuator</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
<!-- Spring Boot Logging(显式引入,确保 logback 正确初始化) -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.boot</groupId>
|
||||||
|
<artifactId>spring-boot-starter-logging</artifactId>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
<!-- Knife4j Gateway Aggregation -->
|
<!-- Knife4j Gateway Aggregation -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.github.xiaoymin</groupId>
|
<groupId>com.github.xiaoymin</groupId>
|
||||||
@@ -145,6 +145,8 @@
|
|||||||
<groupId>org.springframework.boot</groupId>
|
<groupId>org.springframework.boot</groupId>
|
||||||
<artifactId>spring-boot-maven-plugin</artifactId>
|
<artifactId>spring-boot-maven-plugin</artifactId>
|
||||||
<configuration>
|
<configuration>
|
||||||
|
<!-- 强制工作目录为模块根目录,确保 ./log 指向项目目录而非 Maven 安装目录 -->
|
||||||
|
<workingDirectory>${project.basedir}</workingDirectory>
|
||||||
<excludes>
|
<excludes>
|
||||||
<exclude>
|
<exclude>
|
||||||
<groupId>org.projectlombok</groupId>
|
<groupId>org.projectlombok</groupId>
|
||||||
|
|||||||
@@ -19,5 +19,13 @@ public class GatewayAuthProperties {
|
|||||||
|
|
||||||
private List<String> ignorePaths;
|
private List<String> ignorePaths;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 可选认证路径:token 有则解析并写入下游请求头,无则放行。
|
||||||
|
* 与 ignorePaths 的区别:ignorePaths 完全跳过认证逻辑;
|
||||||
|
* optionalAuthPaths 仍然尝试解析 token,有 token 时正常写入 X-User-Id / X-User-Info,
|
||||||
|
* 无 token 时才放行,确保已登录用户的信息能正确传递。
|
||||||
|
*/
|
||||||
|
private List<String> optionalAuthPaths;
|
||||||
|
|
||||||
private boolean blacklistEnabled = true;
|
private boolean blacklistEnabled = true;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,33 +0,0 @@
|
|||||||
package com.aida.gateway.filter;
|
|
||||||
|
|
||||||
import lombok.extern.slf4j.Slf4j;
|
|
||||||
import org.springframework.core.Ordered;
|
|
||||||
import org.springframework.core.annotation.Order;
|
|
||||||
import org.springframework.http.HttpHeaders;
|
|
||||||
import org.springframework.stereotype.Component;
|
|
||||||
import org.springframework.web.server.ServerWebExchange;
|
|
||||||
import org.springframework.web.server.WebFilter;
|
|
||||||
import org.springframework.web.server.WebFilterChain;
|
|
||||||
import reactor.core.publisher.Mono;
|
|
||||||
|
|
||||||
@Component
|
|
||||||
@Order(Ordered.LOWEST_PRECEDENCE)
|
|
||||||
@Slf4j
|
|
||||||
public class CorsResponseFilter implements WebFilter {
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
|
|
||||||
return chain.filter(exchange).doOnSuccess(aVoid -> {
|
|
||||||
String origin = exchange.getRequest().getHeaders().getFirst("Origin");
|
|
||||||
log.debug("Setting CORS headers for Origin: {}", origin);
|
|
||||||
|
|
||||||
exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN,
|
|
||||||
origin != null ? origin : "*");
|
|
||||||
exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS,
|
|
||||||
"GET, POST, PUT, DELETE, OPTIONS, PATCH");
|
|
||||||
exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "*");
|
|
||||||
exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
|
|
||||||
exchange.getResponse().getHeaders().set(HttpHeaders.ACCESS_CONTROL_MAX_AGE, "3600");
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -14,6 +14,7 @@ import lombok.extern.slf4j.Slf4j;
|
|||||||
import org.springframework.core.Ordered;
|
import org.springframework.core.Ordered;
|
||||||
import org.springframework.core.io.buffer.DataBuffer;
|
import org.springframework.core.io.buffer.DataBuffer;
|
||||||
import org.springframework.data.redis.core.ReactiveRedisTemplate;
|
import org.springframework.data.redis.core.ReactiveRedisTemplate;
|
||||||
|
import org.springframework.http.HttpHeaders;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.http.MediaType;
|
import org.springframework.http.MediaType;
|
||||||
import org.springframework.http.server.reactive.ServerHttpRequest;
|
import org.springframework.http.server.reactive.ServerHttpRequest;
|
||||||
@@ -59,34 +60,48 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
|
|||||||
@Override
|
@Override
|
||||||
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
|
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
|
||||||
String path = exchange.getRequest().getURI().getPath();
|
String path = exchange.getRequest().getURI().getPath();
|
||||||
String origin = exchange.getRequest().getHeaders().getFirst("Origin");
|
|
||||||
String host = exchange.getRequest().getHeaders().getFirst("Host");
|
|
||||||
log.debug("Request received - Path: {}, Origin: {}, Host: {}, Method: {}",
|
|
||||||
path, origin, host, exchange.getRequest().getMethod());
|
|
||||||
|
|
||||||
if ("OPTIONS".equalsIgnoreCase(exchange.getRequest().getMethod().name())) {
|
if ("OPTIONS".equalsIgnoreCase(exchange.getRequest().getMethod().name())) {
|
||||||
log.debug("OPTIONS request detected, Origin: {}", origin);
|
|
||||||
return chain.filter(exchange);
|
return chain.filter(exchange);
|
||||||
}
|
}
|
||||||
|
|
||||||
// 2. 白名单直接放行
|
// 2. 白名单直接放行(完全跳过认证)
|
||||||
if (isIgnoredPath(path)) {
|
if (isIgnoredPath(path)) {
|
||||||
return chain.filter(exchange);
|
return chain.filter(exchange);
|
||||||
}
|
}
|
||||||
|
|
||||||
// 3. 提取 token
|
// 3. 可选认证路径:token 有则解析,无则放行
|
||||||
|
if (isOptionalAuthPath(path)) {
|
||||||
|
String rawHeader = exchange.getRequest().getHeaders()
|
||||||
|
.getFirst(authProperties.getJwtTokenHeader());
|
||||||
|
if (StrUtil.isBlank(rawHeader)) {
|
||||||
|
// 无 token,直接放行,不写任何 header
|
||||||
|
return chain.filter(exchange);
|
||||||
|
}
|
||||||
|
// 有 token,正常走解析流程(复用下面的验证逻辑)
|
||||||
|
return processTokenWithAuthCheck(exchange, chain, rawHeader);
|
||||||
|
}
|
||||||
|
|
||||||
|
// 4. 其他路径:必须有 token
|
||||||
String rawHeader = exchange.getRequest().getHeaders()
|
String rawHeader = exchange.getRequest().getHeaders()
|
||||||
.getFirst(authProperties.getJwtTokenHeader());
|
.getFirst(authProperties.getJwtTokenHeader());
|
||||||
if (StrUtil.isBlank(rawHeader)) {
|
if (StrUtil.isBlank(rawHeader)) {
|
||||||
return writeUnauthorized(exchange, AuthConstants.MSG_MISSING_TOKEN);
|
return writeUnauthorized(exchange, AuthConstants.MSG_MISSING_TOKEN);
|
||||||
}
|
}
|
||||||
|
return processTokenWithAuthCheck(exchange, chain, rawHeader);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 统一的 token 解析与认证流程:解析 JWT → 黑名单检查 → 写入下游 header。
|
||||||
|
* 专供可选认证路径中有 token 的情况,以及普通路径的鉴权。
|
||||||
|
*/
|
||||||
|
private Mono<Void> processTokenWithAuthCheck(ServerWebExchange exchange, WebFilterChain chain, String rawHeader) {
|
||||||
String token = rawHeader;
|
String token = rawHeader;
|
||||||
if (rawHeader.startsWith(authProperties.getJwtTokenPrefix())) {
|
if (rawHeader.startsWith(authProperties.getJwtTokenPrefix())) {
|
||||||
token = rawHeader.substring(authProperties.getJwtTokenPrefix().length());
|
token = rawHeader.substring(authProperties.getJwtTokenPrefix().length());
|
||||||
}
|
}
|
||||||
|
|
||||||
// 4. JWT 签名验证
|
// JWT 签名验证
|
||||||
Claims claims;
|
Claims claims;
|
||||||
try {
|
try {
|
||||||
claims = parseToken(token);
|
claims = parseToken(token);
|
||||||
@@ -95,7 +110,7 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
|
|||||||
return writeUnauthorized(exchange, AuthConstants.MSG_TOKEN_EXPIRED);
|
return writeUnauthorized(exchange, AuthConstants.MSG_TOKEN_EXPIRED);
|
||||||
}
|
}
|
||||||
|
|
||||||
// 5. 解析用户信息
|
// 解析用户信息
|
||||||
AuthPrincipalVo principal;
|
AuthPrincipalVo principal;
|
||||||
try {
|
try {
|
||||||
principal = objectMapper.readValue(claims.getSubject(), AuthPrincipalVo.class);
|
principal = objectMapper.readValue(claims.getSubject(), AuthPrincipalVo.class);
|
||||||
@@ -108,7 +123,7 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
|
|||||||
return writeUnauthorized(exchange, AuthConstants.MSG_INVALID_TOKEN);
|
return writeUnauthorized(exchange, AuthConstants.MSG_INVALID_TOKEN);
|
||||||
}
|
}
|
||||||
|
|
||||||
// 6. 黑名单检查(仅当启用时)
|
// 黑名单检查
|
||||||
if (authProperties.isBlacklistEnabled()) {
|
if (authProperties.isBlacklistEnabled()) {
|
||||||
String blacklistKey = AuthConstants.BLACKLIST_PREFIX + principal.getId();
|
String blacklistKey = AuthConstants.BLACKLIST_PREFIX + principal.getId();
|
||||||
return redisTemplate.hasKey(blacklistKey).flatMap(isBlacklisted -> {
|
return redisTemplate.hasKey(blacklistKey).flatMap(isBlacklisted -> {
|
||||||
@@ -155,6 +170,18 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private boolean isOptionalAuthPath(String requestUri) {
|
||||||
|
if (authProperties.getOptionalAuthPaths() == null) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
for (String pattern : authProperties.getOptionalAuthPaths()) {
|
||||||
|
if (pathMatcher.match(pattern, requestUri)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
private Claims parseToken(String token) {
|
private Claims parseToken(String token) {
|
||||||
SecretKey key = buildSigningKey();
|
SecretKey key = buildSigningKey();
|
||||||
return Jwts.parser()
|
return Jwts.parser()
|
||||||
@@ -176,6 +203,11 @@ public class GlobalAuthWebFilter implements WebFilter, Ordered {
|
|||||||
ServerHttpResponse response = exchange.getResponse();
|
ServerHttpResponse response = exchange.getResponse();
|
||||||
response.setStatusCode(HttpStatus.UNAUTHORIZED);
|
response.setStatusCode(HttpStatus.UNAUTHORIZED);
|
||||||
response.getHeaders().setContentType(MediaType.APPLICATION_JSON);
|
response.getHeaders().setContentType(MediaType.APPLICATION_JSON);
|
||||||
|
String origin = exchange.getRequest().getHeaders().getFirst(HttpHeaders.ORIGIN);
|
||||||
|
if (origin != null) {
|
||||||
|
response.getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
|
||||||
|
response.getHeaders().set(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
|
||||||
|
}
|
||||||
String body = String.format("{\"code\":401,\"message\":\"%s\"}", message);
|
String body = String.format("{\"code\":401,\"message\":\"%s\"}", message);
|
||||||
DataBuffer buffer = response.bufferFactory().wrap(body.getBytes(StandardCharsets.UTF_8));
|
DataBuffer buffer = response.bufferFactory().wrap(body.getBytes(StandardCharsets.UTF_8));
|
||||||
return response.writeWith(Mono.just(buffer));
|
return response.writeWith(Mono.just(buffer));
|
||||||
|
|||||||
@@ -29,6 +29,11 @@ spring:
|
|||||||
- DedupeResponseHeader=Access-Control-Allow-Origin Access-Control-Allow-Credentials
|
- DedupeResponseHeader=Access-Control-Allow-Origin Access-Control-Allow-Credentials
|
||||||
# ---------- 路由配置 ----------
|
# ---------- 路由配置 ----------
|
||||||
routes:
|
routes:
|
||||||
|
# 多实例部署时推送会失效,升级多实例要注意ws改造
|
||||||
|
- id: aida-back-websocket
|
||||||
|
uri: lb://aida-back
|
||||||
|
predicates:
|
||||||
|
- Path=/notification/**
|
||||||
- id: aida-back
|
- id: aida-back
|
||||||
uri: lb://aida-back
|
uri: lb://aida-back
|
||||||
predicates:
|
predicates:
|
||||||
@@ -45,6 +50,12 @@ spring:
|
|||||||
uri: http://18.167.251.121:9994
|
uri: http://18.167.251.121:9994
|
||||||
predicates:
|
predicates:
|
||||||
- Path=/python/**
|
- Path=/python/**
|
||||||
|
- id: aida-buyer
|
||||||
|
uri: lb://aida-buyer
|
||||||
|
predicates:
|
||||||
|
- Path=/buyer/**
|
||||||
|
filters:
|
||||||
|
- StripPrefix=1
|
||||||
# ---------- Knife4j 网关聚合配置 ----------
|
# ---------- Knife4j 网关聚合配置 ----------
|
||||||
knife4j:
|
knife4j:
|
||||||
gateway:
|
gateway:
|
||||||
@@ -62,6 +73,11 @@ knife4j:
|
|||||||
service-name: aida-seller
|
service-name: aida-seller
|
||||||
context-path: /seller
|
context-path: /seller
|
||||||
order: 2
|
order: 2
|
||||||
|
- name: 买家端服务 (Buyer)
|
||||||
|
url: /buyer/v3/api-docs
|
||||||
|
service-name: aida-buyer
|
||||||
|
context-path: /buyer
|
||||||
|
order: 3
|
||||||
|
|
||||||
# ---------- Gateway JWT 认证(gateway 独有) ----------
|
# ---------- Gateway JWT 认证(gateway 独有) ----------
|
||||||
gateway:
|
gateway:
|
||||||
@@ -138,8 +154,8 @@ gateway:
|
|||||||
- /aida/api/alipay-hk/trade/notify
|
- /aida/api/alipay-hk/trade/notify
|
||||||
- /aida/api/stripe/trade/notify
|
- /aida/api/stripe/trade/notify
|
||||||
# Notification
|
# Notification
|
||||||
- /aida/notification/**
|
- /notification/**
|
||||||
|
# buyer
|
||||||
logging:
|
- /buyer/account/**
|
||||||
level:
|
- /buyer/designer/shop/**
|
||||||
com.aida.gateway: debug
|
- /buyer/designer/search
|
||||||
|
|||||||
65
src/main/resources/logback-spring.xml
Normal file
65
src/main/resources/logback-spring.xml
Normal file
@@ -0,0 +1,65 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<configuration>
|
||||||
|
<include resource="org/springframework/boot/logging/logback/defaults.xml" />
|
||||||
|
|
||||||
|
<!-- 日志存放路径 -->
|
||||||
|
<property name="log.path" value="./log" />
|
||||||
|
<!-- 日志输出格式 -->
|
||||||
|
<property name="log.pattern.console" value="${CONSOLE_LOG_PATTERN:-%clr(%d{${LOG_DATEFORMAT_PATTERN:-yyyy-MM-dd HH:mm:ss.SSS}}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}}" />
|
||||||
|
<property name="log.pattern.file" value="${FILE_LOG_PATTERN:-%d{${LOG_DATEFORMAT_PATTERN:-yyyy-MM-dd HH:mm:ss.SSS}} ${LOG_LEVEL_PATTERN:-%5p} ${PID:- } --- [%15t] %-40.40logger{39} : %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}}" />
|
||||||
|
|
||||||
|
<!-- 控制台输出 -->
|
||||||
|
<appender name="console" class="ch.qos.logback.core.ConsoleAppender">
|
||||||
|
<encoder>
|
||||||
|
<pattern>${log.pattern.console}</pattern>
|
||||||
|
</encoder>
|
||||||
|
</appender>
|
||||||
|
|
||||||
|
<!-- Info 日志文件 -->
|
||||||
|
<appender name="file_info" class="ch.qos.logback.core.rolling.RollingFileAppender">
|
||||||
|
<file>${log.path}/aida-gateway-info.log</file>
|
||||||
|
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
|
||||||
|
<fileNamePattern>${log.path}/aida-gateway-info.%d{yyyy-MM-dd}.log</fileNamePattern>
|
||||||
|
<maxHistory>60</maxHistory>
|
||||||
|
</rollingPolicy>
|
||||||
|
<encoder>
|
||||||
|
<pattern>${log.pattern.file}</pattern>
|
||||||
|
</encoder>
|
||||||
|
<filter class="ch.qos.logback.classic.filter.LevelFilter">
|
||||||
|
<onMatch>ACCEPT</onMatch>
|
||||||
|
<onMismatch>DENY</onMismatch>
|
||||||
|
</filter>
|
||||||
|
</appender>
|
||||||
|
|
||||||
|
<!-- Error 日志文件 -->
|
||||||
|
<appender name="file_error" class="ch.qos.logback.core.rolling.RollingFileAppender">
|
||||||
|
<file>${log.path}/aida-gateway-error.log</file>
|
||||||
|
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
|
||||||
|
<fileNamePattern>${log.path}/aida-gateway-error.%d{yyyy-MM-dd}.log</fileNamePattern>
|
||||||
|
<maxHistory>60</maxHistory>
|
||||||
|
</rollingPolicy>
|
||||||
|
<encoder>
|
||||||
|
<pattern>${log.pattern.file}</pattern>
|
||||||
|
</encoder>
|
||||||
|
<filter class="ch.qos.logback.classic.filter.LevelFilter">
|
||||||
|
<level>ERROR</level>
|
||||||
|
<onMatch>ACCEPT</onMatch>
|
||||||
|
<onMismatch>DENY</onMismatch>
|
||||||
|
</filter>
|
||||||
|
</appender>
|
||||||
|
|
||||||
|
<!-- 服务模块日志级别控制 -->
|
||||||
|
<logger name="com.aida.gateway" level="debug" />
|
||||||
|
<!-- Spring 日志级别控制 -->
|
||||||
|
<logger name="org.springframework" level="warn" />
|
||||||
|
|
||||||
|
<root level="info">
|
||||||
|
<appender-ref ref="console" />
|
||||||
|
</root>
|
||||||
|
|
||||||
|
<root level="info">
|
||||||
|
<appender-ref ref="file_info" />
|
||||||
|
<appender-ref ref="file_error" />
|
||||||
|
</root>
|
||||||
|
|
||||||
|
</configuration>
|
||||||
Reference in New Issue
Block a user