fix 修复 sa-token.check-same-token 开关对网关鉴权无效问题

ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfiguration.java

@@ -1,5 +1,6 @@
 package org.dromara.common.security.config;
 
+import cn.dev33.satoken.SaManager;
 import cn.dev33.satoken.filter.SaServletFilter;
 import cn.dev33.satoken.interceptor.SaInterceptor;
 import cn.dev33.satoken.same.SaSameUtil;
@@ -35,7 +36,11 @@ public class SecurityConfiguration implements WebMvcConfigurer {
         return new SaServletFilter()
             .addInclude("/**")
             .addExclude("/actuator/**")
-            .setAuth(obj -> SaSameUtil.checkCurrentRequestToken())
+            .setAuth(obj -> {
+                if (SaManager.getConfig().getCheckSameToken()) {
+                    SaSameUtil.checkCurrentRequestToken();
+                }
+            })
             .setError(e -> SaResult.error("认证失败，无法访问系统资源").setCode(HttpStatus.UNAUTHORIZED));
     }
 

ruoyi-gateway/src/main/java/org/dromara/gateway/filter/ForwardAuthFilter.java

@@ -1,5 +1,6 @@
 package org.dromara.gateway.filter;
 
+import cn.dev33.satoken.SaManager;
 import cn.dev33.satoken.same.SaSameUtil;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
 import org.springframework.cloud.gateway.filter.GlobalFilter;
@@ -18,6 +19,10 @@ import reactor.core.publisher.Mono;
 public class ForwardAuthFilter implements GlobalFilter, Ordered {
     @Override
     public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
+        // 未开启配置则直接跳过
+        if (!SaManager.getConfig().getCheckSameToken()) {
+            return chain.filter(exchange);
+        }
         ServerHttpRequest newRequest = exchange
             .getRequest()
             .mutate()