From bcac70b2abaf61ee3429cfcd8ed0b0d5b3c656b2 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子li <15040126243@163.com>
Date: 星期日, 26 九月 2021 17:02:08 +0800
Subject: [PATCH] update 扩展 security 配置属性

---
 ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SecurityProperties.java |   10 ++++++++++
 ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java                |    3 ++-
 ruoyi-admin/src/main/resources/application.yml                                              |    5 +++++
 3 files changed, 17 insertions(+), 1 deletions(-)

diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml
index 9f649ed..6a7b7d0 100644
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@@ -108,6 +108,9 @@
 
 # security閰嶇疆
 security:
+  # 鐧诲嚭璺緞
+  logout-url: /logout
+  # 鍖垮悕璺緞
   anonymous:
     - /login
     - /register
@@ -122,6 +125,8 @@
     # actuator 鐩戞帶閰嶇疆
     - /actuator
     - /actuator/**
+  # 鐢ㄦ埛鏀捐
+  permit-all:
 
 # 閲嶅鎻愪氦
 repeat-submit:
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
index 855be65..229704f 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -109,11 +109,12 @@
                         "/**/*.js"
                 ).permitAll()
                 .antMatchers(securityProperties.getAnonymous()).anonymous()
+                .antMatchers(securityProperties.getPermitAll()).permitAll()
                 // 闄や笂闈㈠鐨勬墍鏈夎姹傚叏閮ㄩ渶瑕侀壌鏉冭璇�
                 .anyRequest().authenticated()
                 .and()
                 .headers().frameOptions().disable();
-        httpSecurity.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
+        httpSecurity.logout().logoutUrl(securityProperties.getLogoutUrl()).logoutSuccessHandler(logoutSuccessHandler);
         // 娣诲姞JWT filter
         httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
         // 娣诲姞CORS filter
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SecurityProperties.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SecurityProperties.java
index 33414ce..c83ffcc 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SecurityProperties.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SecurityProperties.java
@@ -15,8 +15,18 @@
 public class SecurityProperties {
 
     /**
+     * 閫�鍑虹櫥褰晆rl
+     */
+    private String logoutUrl;
+
+    /**
      * 鍖垮悕鏀捐璺緞
      */
     private String[] anonymous;
 
+    /**
+     * 鐢ㄦ埛浠绘剰璁块棶鏀捐璺緞
+     */
+    private String[] permitAll;
+
 }

--
Gitblit v1.9.3