
chore(security): 增加安全配置及第三方JWT过滤器日志输出

- 在SecurityConfig中添加@Slf4j日志支持
- 配置SecurityFilterChain时加入启动日志输出
- 将ThirdPartyJwtAuthFilter中的日志级别由info调整为warn
- 日志内容涵盖处理请求、检测第三方接口及Token提取和验证过程
SheepHy 1 week ago
parent
commit
f233a79158

+ 4 - 4
src/main/java/com/zsElectric/boot/common/util/electric/queryToken/ThirdPartyJwtAuthFilter.java

@@ -47,14 +47,14 @@ public class ThirdPartyJwtAuthFilter extends OncePerRequestFilter {
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
         
         String requestUri = request.getRequestURI();
-        log.info("第三方JWT过滤器处理请求: {}", requestUri);
+        log.warn("第三方JWT过滤器处理请求: {}", requestUri);
 
         boolean isThirdPartyRequest = thirdPartyApiPaths.stream()
                 .anyMatch(pattern -> pathMatcher.match(pattern, requestUri));
 
         // 检查当前请求是否是需要第三方Token验证的接口
         if (isThirdPartyRequest) {
-            log.info("检测到第三方接口请求: {}", requestUri);
+            log.warn("检测到第三方接口请求: {}", requestUri);
             String token = extractToken(request);
             
             if (token == null) {
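Review bot: The two `log.warn` calls in this hunk sit on the normal request path, and the first runs for every request that reaches the filter, before the third-party path match. WARN then stops signalling "needs attention", and genuine authentication failures become harder to spot or alert on. The same applies to the two calls promoted in the next hunk (token extracted, token validated). If the aim is to see these lines in an environment that only emits WARN and above, raising this class's logger level in the logging configuration is the safer lever; in code they would read `log.debug("第三方JWT过滤器处理请求: {}", requestUri);` and `log.debug("检测到第三方接口请求: {}", requestUri);`. doFilterInternal continues past the end of this hunk.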
@@ -65,14 +65,14 @@ public class ThirdPartyJwtAuthFilter extends OncePerRequestFilter {
                 return; // 重要:直接返回,不再执行过滤链后续操作
             }
             
-            log.info("提取到Token: {}...", token.substring(0, Math.min(20, token.length())));
+            log.warn("提取到Token: {}...", token.substring(0, Math.min(20, token.length())));
             
             try {
                 // 验证Token的有效性(例如是否过期、签名是否正确)
                 if (jwtTokenUtil.validateToken(token)) {
                     // 从Token中解析用户标识
                     String principal = jwtTokenUtil.getOperatorIdFromToken(token);
-                    log.info("Token验证成功,OperatorID: {}", principal);
+                    log.warn("Token验证成功,OperatorID: {}", principal);
                     // 构建Authentication对象,细节见下文
                     UsernamePasswordAuthenticationToken authentication =
                         new UsernamePasswordAuthenticationToken(principal, null, new ArrayList<>());
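Review bot: The token-prefix line now writes bearer-token material at WARN, a level that is usually enabled and retained in production. `token.substring(0, Math.min(20, token.length()))` emits the whole value when the token is 20 characters or shorter, and for a well-formed JWT the first 20 characters normally fall inside the header segment, so the prefix does not help tell tokens apart. Logging the length keeps the diagnostic without the credential: `log.debug("提取到Token, length={}", token.length());`. The success line also records the OperatorID at WARN on every authenticated call; that is better kept at INFO or DEBUG, with WARN reserved for the validation-failure branch, which is not visible in this hunk.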

+ 5 - 0
src/main/java/com/zsElectric/boot/config/SecurityConfig.java

@@ -18,6 +18,7 @@ import com.zsElectric.boot.security.service.SysUserDetailsService;
 import com.zsElectric.boot.system.service.ConfigService;
 import com.zsElectric.boot.system.service.UserService;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.data.redis.core.RedisTemplate;
@@ -41,6 +42,7 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
  * @author Ray.Hao
  * @since 2023/2/17
  */
+@Slf4j
 @Configuration
 @EnableWebSecurity
 @EnableMethodSecurity
@@ -65,6 +67,9 @@ public class SecurityConfig {
      */
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        
+        log.info("========== 配置 SecurityFilterChain ==========");
+        log.info("第三方认证过滤器: {}", thirdPartyAuthFilter);
 
         return http
                 .authorizeHttpRequests(requestMatcherRegistry -> {
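Review bot: `log.info("第三方认证过滤器: {}", thirdPartyAuthFilter)` formats the filter bean through its `toString()`, so what reaches the log depends on how that class is declared. That is either the uninformative `Class@hash` default or, if the class carries Lombok `@Data`/`@ToString` (not visible here), a dump of its fields, which could include collaborators such as the JWT utility. Logging the type is enough to confirm the bean was wired: `log.info("第三方认证过滤器: {}", thirdPartyAuthFilter.getClass().getName());`. The added blank line before the log calls also carries trailing whitespace, and the method body continues beyond the hunk.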