
默认api放行

hr~ 4 semanas atrás
pai
commit
4426547944

+ 43 - 2
bid/src/main/java/cn/hobbystocks/auc/config/SecurityConfig.java

@@ -1,5 +1,6 @@
 package cn.hobbystocks.auc.config;
 
+import cn.hobbystocks.auc.common.filter.AuthenticationFilter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -7,11 +8,49 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
 @Configuration
 @EnableWebSecurity
 public class SecurityConfig {
 
+    private final AuthenticationFilter authenticationFilter;
+
+    private String[] ignoreUrl = {
+            "/error",
+            "/*/error",
+            "/actuator/**",
+            "/api/local/**",
+            "/api-docs/*",
+            "/doc.html",
+            "/webjars/**",
+            "/swagger-resources/**",
+            "/v3/api-docs/**",
+            "/swagger-ui/**",
+            "/bid/bid/bidding/addPrice",
+            "/bid/auction/banner/list",
+            "/bid/lot/hot/list",
+            "/bid/lot/list/search",
+            "/bid/lot/category/query",
+            "/bid/auction/details",
+            "/bid/lot/detail/**",
+            "/bid/lot/notice/list",
+            "/bid/lot/notice/detail/**",
+            "/bid/bidding/addPrice",
+            "/auction/banner/list",
+            "/lot/hot/list",
+            "/lot/list/search",
+            "/lot/category/query",
+            "/auction/details",
+            "/lot/detail/**",
+            "/lot/notice/list",
+            "/lot/notice/detail/**"
+    };
+
+    public SecurityConfig(AuthenticationFilter authenticationFilter) {
+        this.authenticationFilter = authenticationFilter;
+    }
+
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http
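Review bot: The `ignoreUrl` allowlist opens more than public read endpoints: `"/actuator/**"` and `"/api/local/**"` are permitted wholesale, and `"/bid/bidding/addPrice"` and `"/bid/bid/bidding/addPrice"` look like a state-changing bid action rather than a listing. Which actuator endpoints are exposed depends on management configuration not visible in this diff, so narrowing the entry to what health probes need, e.g. `"/actuator/health",`, avoids relying on that setting. If addPrice does place a bid, it belongs under `.anyRequest().authenticated()` rather than on the allowlist; if it is intentionally public, a comment above the entry such as `// public: <reason>` would record that decision. The Swagger and api-docs entries are also worth restricting in production builds.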
@@ -19,8 +58,10 @@ public class SecurityConfig {
                 .sessionManagement(session -> session
                         .sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .authorizeHttpRequests(auth -> auth
-                        .anyRequest().permitAll()
-                );
+                        .antMatchers(ignoreUrl).permitAll()
+                        .anyRequest().authenticated()
+                )
+                .addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class);
 
         return http.build();
     }
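Review bot: `permitAll()` on `antMatchers(ignoreUrl)` only relaxes authorization, so the filter registered by `.addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class)` still runs on every request, including the allowlisted paths. AuthenticationFilter's body is not part of this diff, so it should be confirmed that it continues the chain when no credential is present rather than rejecting the request itself, and that it leaves the security context unauthenticated when validation fails. If the filter is also a `@Component`, Spring Boot would likely register it with the servlet container a second time, outside this chain; a comment on the constructor such as `// AuthenticationFilter is wired only into this security chain` would document the intended registration. securityFilterChain begins in the previous hunk.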