From 3434610349c93037e9fc565600b151e0aed1672e Mon Sep 17 00:00:00 2001 From: 疯狂的狮子li <15040126243@163.com> Date: 星期日, 26 九月 2021 17:02:28 +0800 Subject: [PATCH] update 接口文档 支持分组配置 --- ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java | 23 ++++++++--------------- 1 files changed, 8 insertions(+), 15 deletions(-) diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java index 6715a18..229704f 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java @@ -1,5 +1,6 @@ package com.ruoyi.framework.config; +import com.ruoyi.framework.config.properties.SecurityProperties; import com.ruoyi.framework.security.filter.JwtAuthenticationTokenFilter; import com.ruoyi.framework.security.handle.AuthenticationEntryPointImpl; import com.ruoyi.framework.security.handle.LogoutSuccessHandlerImpl; @@ -56,6 +57,9 @@ @Autowired private CorsFilter corsFilter; + @Autowired + private SecurityProperties securityProperties; + /** * 瑙e喅 鏃犳硶鐩存帴娉ㄥ叆 AuthenticationManager * @@ -96,32 +100,21 @@ .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() // 杩囨护璇锋眰 .authorizeRequests() - // 瀵逛簬鐧诲綍login 娉ㄥ唽register 楠岃瘉鐮乧aptchaImage 鍏佽鍖垮悕璁块棶 - .antMatchers("/login", "/register", "/captchaImage").anonymous() .antMatchers( HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", - "/**/*.js", - "/profile/**" + "/**/*.js" ).permitAll() - .antMatchers("/common/download**").anonymous() - .antMatchers("/common/download/resource**").anonymous() - .antMatchers("/doc.html").anonymous() - .antMatchers("/swagger-resources/**").anonymous() - .antMatchers("/webjars/**").anonymous() - .antMatchers("/*/api-docs").anonymous() - .antMatchers("/druid/**").anonymous() - // Spring Boot Actuator 鐨勫畨鍏ㄩ厤缃� - .antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous() + .antMatchers(securityProperties.getAnonymous()).anonymous() + .antMatchers(securityProperties.getPermitAll()).permitAll() // 闄や笂闈㈠鐨勬墍鏈夎姹傚叏閮ㄩ渶瑕侀壌鏉冭璇� .anyRequest().authenticated() .and() .headers().frameOptions().disable(); - httpSecurity.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler); + httpSecurity.logout().logoutUrl(securityProperties.getLogoutUrl()).logoutSuccessHandler(logoutSuccessHandler); // 娣诲姞JWT filter httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class); // 娣诲姞CORS filter -- Gitblit v1.9.3