fix: 改用SaRouter路由拦截替代Spring excludePathPatterns，确保public路径不鉴权

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

miniapp/src/main/java/com/kym/miniapp/config/SaTokenConfigure.java

@@ -1,6 +1,7 @@
 package com.kym.miniapp.config;
 
 import cn.dev33.satoken.interceptor.SaInterceptor;
+import cn.dev33.satoken.router.SaRouter;
 import cn.dev33.satoken.stp.StpUtil;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
@@ -13,39 +14,46 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
  */
 @Configuration
 public class SaTokenConfigure implements WebMvcConfigurer {
-    // 注册拦截器
+
+    private static final String[] PUBLIC_PATHS = {
+            "/wx/notify",
+            "/payment/notify",
+            "/payment/refundNotify",
+            "/error",
+            "/user/wxLogin",
+            "/user/refresh",
+            "/banner",
+            "/common/contact",
+            "/charge/listStation",
+            "/charge/stationStatus",
+            "/charge/businessPolicy/*",
+            "/charge/stationInfo/*",
+            "/charge/stationInfoByShortId/*",
+            "/charge/stationInfoByConnectorId/*",
+            "/charge/stationInfoByEquipmentId/*",
+            "/charge/pullEnStations/*",
+    };
+
+    private static final String[] PUBLIC_WILDCARD_PATHS = {
+            "/charge/*/query_token",
+            "/charge/*/notification_stationStatus",
+            "/charge/*/notification_start_charge_result",
+            "/charge/*/notification_start_charge_status",
+            "/charge/*/notification_equip_charge_status",
+            "/charge/*/notification_stop_charge_result",
+            "/charge/*/notification_charge_order_info",
+            "/charge/*/check_charge_orders",
+    };
+
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
-        // 注册 Sa-Token 拦截器，校验规则为 StpUtil.checkLogin() 登录校验。
-        registry.addInterceptor(new SaInterceptor(handle -> StpUtil.checkLogin()))
-                .addPathPatterns("/**")
-                // login/refresh接口不鉴权
-                .excludePathPatterns(
-                        "/wx/notify",
-                        "/payment/notify",
-                        "/payment/refundNotify",
-                        "/error",
-                        "/user/wxLogin",
-                        "/user/refresh",
-                        "/banner",
-                        "/common/contact",
-                        "/charge/pullEnStations/*",
-                        "/charge/listStation",
-                        "/charge/stationStatus",
-                        "/charge/businessPolicy/*",
-                        "/charge/stationInfo/*",
-                        "/charge/stationInfoByShortId/*",
-                        "/charge/stationInfoByConnectorId/*",
-                        "/charge/stationInfoByEquipmentId/*",
-                        "/charge/*/query_token",
-                        "/charge/*/notification_stationStatus",
-                        "/charge/*/notification_start_charge_result",
-                        "/charge/*/notification_start_charge_status",
-                        "/charge/*/notification_equip_charge_status",
-                        "/charge/*/notification_stop_charge_result",
-                        "/charge/*/notification_charge_order_info",
-                        "/charge/*/check_charge_orders"
-                );
+        registry.addInterceptor(new SaInterceptor(handle -> {
+                    SaRouter
+                            .match("/**")
+                            .notMatch(PUBLIC_PATHS)
+                            .notMatch(PUBLIC_WILDCARD_PATHS)
+                            .check(r -> StpUtil.checkLogin());
+                }))
+                .addPathPatterns("/**");
     }
-
 }