refactor: 重构安全架构，提取通用安全模块到common-security

- 将JwtAuthenticationFilter、JwtUtil、JwtProperties从auth服务移至common-security模块 - 新增common-security通用安全模块，提供JWT认证、权限验证等核心安全功能 - 重命名SecurityConfiguration为AuthSecurityConfiguration，使用common-security的filter - 新增JacksonConfiguration配置类，统一JSON序列化配置 - 新增头像更新功能AvatarUpdateRequestDTO - 移除冗余的UserLoginResponseDTO类 - 更新各服务模块的依赖配置以引入common-security模块 - 新增README.md项目说明文档 Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-12 01:54:21 +08:00
parent 8bd56a6001
commit a4575cebd4
47 changed files with 704 additions and 317 deletions
--- a/aioj-backend-gateway/src/main/resources/application-dev.yml
+++ b/aioj-backend-gateway/src/main/resources/application-dev.yml
@@ -42,6 +42,8 @@ spring:
 aioj-backend-gateway:
  # 白名单配置
  white-list:
+    - /api/v1/user/email/send-code
+    - /api/file/**
    - /api/v1/auth/login
    - /api/v1/auth/register
    - /api/v1/auth/refresh
@@ -90,3 +92,8 @@ knife4j:
        url: /user-service/api/v3/api-docs
        context-path: /user-service
        order: 2
+      - name: 文件服务
+        service-name: file-service
+        url: /file-service/api/v3/api-docs
+        context-path: /file-service
+        order: 2
--- a/aioj-backend-gateway/src/main/resources/application.yml
+++ b/aioj-backend-gateway/src/main/resources/application.yml
@@ -1,5 +1,5 @@
 server:
-  port: 8085
+  port: 18085
  error:
    include-stacktrace: never

@@ -25,6 +25,13 @@ spring:
                - Path=/user-service/**
              filters:
                - StripPrefix=1
+            # auth服务 Swagger 文档路由
+            - id: file-service-doc
+              uri: lb://file-service
+              predicates:
+                - Path=/file-service/**
+              filters:
+                - StripPrefix=1
            # auth业务接口
            - id: auth-service
              uri: lb://auth-service
@@ -50,6 +57,23 @@ spring:
                    backoff:
                      firstBackoff: 50ms
                      maxBackoff: 500ms
+            - id: file-service
+              uri: lb://file-service
+              predicates:
+                - Path=/api/v1/file/**
+              filters:
+                - name: Retry
+                  args:
+                    retries: 3
+                    statuses: BAD_GATEWAY,SERVICE_UNAVAILABLE
+                    backoff:
+                      firstBackoff: 50ms
+                      maxBackoff: 500ms
+            # 文件访问路由（公开，直接转发不去前缀）
+            - id: file-access
+              uri: lb://file-service
+              predicates:
+                - Path=/api/file/**
  # 设置应用启动后的就绪探针
  lifecycle:
    timeout-per-shutdown-phase: 30s