兰宝车间质量管理系统
上一版本: 77021751 | 补丁 | 提交 | 忽略空白
疯狂的狮子li
2021-09-26 6976c7f386568ad3f935a606d25173242032a4b7 
update security 路径配置抽取到配置文件
已修改3个文件
52 ■■■■■ 文件已修改
ruoyi-admin/src/main/resources/application.yml 14 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
ruoyi-framework/src/main/java/com/ruoyi/framework/config/ResourcesConfig.java 25 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SecurityProperties.java 13 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史 
 ruoyi-admin/src/main/resources/application.yml


@@ -124,13 +124,17 @@




# security配置


security:


  # 登出路径


  logout-url: /logout


  # 匿名路径


  anonymous:


  # 排除路径


  excludes:


    - /login


    - /logout


    - /register


    - /captchaImage


    # 静态资源


    - /*.html


    - /**/*.html


    - /**/*.css


    - /**/*.js


    # swagger 文档配置


    - /doc.html


    - /swagger-resources/**


@@ -141,8 +145,6 @@


    # actuator 监控配置


    - /actuator


    - /actuator/**


  # 用户放行


  permit-all:




# 重复提交


repeat-submit:




 ruoyi-framework/src/main/java/com/ruoyi/framework/config/ResourcesConfig.java


@@ -6,6 +6,8 @@


import cn.dev33.satoken.stp.StpUtil;


import com.ruoyi.common.utils.SecurityUtils;


import com.ruoyi.common.utils.StringUtils;


import com.ruoyi.framework.config.properties.SecurityProperties;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.context.annotation.Bean;


import org.springframework.context.annotation.Configuration;


import org.springframework.web.cors.CorsConfiguration;


@@ -17,7 +19,6 @@




import java.util.Arrays;


import java.util.Collections;


import java.util.List;




/**


 * 通用配置


@@ -27,26 +28,12 @@


@Configuration


public class ResourcesConfig implements WebMvcConfigurer {




    @Autowired


    private SecurityProperties securityProperties;




    // 注册sa-token的拦截器


    @Override


    public void addInterceptors(InterceptorRegistry registry) {


        List<String> urlPath = Arrays.asList(


                "/login",


                "/logout",


                "/register",


                "/captchaImage",


                "/*.html",


                "/**/*.html",


                "/**/*.css",


                "/**/*.js",


                "/doc.html",


                "/swagger-resources/**",


                "/webjars/**",


                "/*/api-docs",


                "/druid/**",


                "/actuator",


                "/actuator/**"


        );


        // 注册路由拦截器,自定义验证规则


        registry.addInterceptor(new SaRouteInterceptor((request, response, handler) -> {


            // 登录验证 -- 排除多个路径


@@ -54,7 +41,7 @@


                    //获取所有的


                    Collections.singletonList("/**"),


                    //排除下不需要拦截的


                    urlPath,


                    Arrays.asList(securityProperties.getExcludes()),


                    () -> {


                        Long userId = SecurityUtils.getUserId();


                        if(StringUtils.isNotNull(userId) ) {




 ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SecurityProperties.java


@@ -15,18 +15,9 @@


public class SecurityProperties {




    /**


     * 退出登录url


     * 排除路径


     */


    private String logoutUrl;


    private String[] excludes;




    /**


     * 匿名放行路径


     */


    private String[] anonymous;




    /**


     * 用户任意访问放行路径


     */


    private String[] permitAll;




}