修改网关调用问题

tacit-admin/src/main/java/com/tacit/admin/controller/AuthController.java

@@ -0,0 +1,34 @@
+package com.tacit.admin.controller;
+
+import com.tacit.admin.entity.dto.LoginRequest;
+import com.tacit.admin.entity.dto.LoginResponse;
+import com.tacit.admin.entity.dto.RegisterRequest;
+import com.tacit.admin.service.UserService;
+import com.tacit.common.entity.ResponseResult;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping("/auth")
+@Tag(name = "认证管理", description = "登录注册相关接口")
+public class AuthController {
+
+    @Autowired
+    private UserService userService;
+
+    @Operation(summary = "用户登录", description = "用户登录获取JWT令牌")
+    @PostMapping("/login")
+    public ResponseResult<LoginResponse> login(@RequestBody LoginRequest loginRequest) {
+        LoginResponse loginResponse = userService.login(loginRequest);
+        return ResponseResult.success(loginResponse);
+    }
+
+    @Operation(summary = "用户注册", description = "注册新用户")
+    @PostMapping("/register")
+    public ResponseResult<Void> register(@RequestBody RegisterRequest registerRequest) {
+        userService.register(registerRequest);
+        return ResponseResult.success();
+    }
+}

tacit-admin/src/main/java/com/tacit/admin/entity/dto/RegisterRequest.java

@@ -0,0 +1,20 @@
+package com.tacit.admin.entity.dto;
+
+import lombok.Data;
+
+import java.io.Serializable;
+
+@Data
+public class RegisterRequest implements Serializable {
+    private static final long serialVersionUID = 1L;
+
+    private String username;
+
+    private String password;
+
+    private String nickname;
+
+    private String email;
+
+    private String phone;
+}

tacit-gateway/src/main/java/com/tacit/gateway/config/SecurityConfig.java

@@ -0,0 +1,31 @@
+package com.tacit.gateway.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.security.config.web.server.ServerHttpSecurity;
+import org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec;
+import org.springframework.security.web.server.SecurityWebFilterChain;
+
+/**
+ * Spring Cloud Gateway 响应式 Security 配置
+ * 禁用 CSRF 保护，因为 Gateway 通常作为 API 网关，使用 JWT 等无状态认证
+ */
+@Configuration
+@EnableWebFluxSecurity
+public class SecurityConfig {
+
+    @Bean
+    public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
+        return http
+                // 禁用 CSRF 保护
+                .csrf(CsrfSpec::disable)
+                // 允许所有请求通过（认证由 JwtAuthenticationFilter 处理）
+                .authorizeExchange(exchanges -> exchanges
+                        .anyExchange().permitAll()
+                )
+                .build();
+    }
+}
+
+