|
|
@@ -1,6 +1,5 @@
|
|
|
package cn.hobbystocks.auc.config;
|
|
|
|
|
|
-import cn.hobbystocks.auc.common.filter.AuthenticationFilter;
|
|
|
import org.springframework.context.annotation.Bean;
|
|
|
import org.springframework.context.annotation.Configuration;
|
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
|
@@ -8,31 +7,20 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
|
|
|
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
|
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
|
|
import org.springframework.security.web.SecurityFilterChain;
|
|
|
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
|
|
|
|
|
@Configuration
|
|
|
@EnableWebSecurity
|
|
|
public class SecurityConfig {
|
|
|
|
|
|
- private final AuthenticationFilter authenticationFilter;
|
|
|
-
|
|
|
- private String [] ignoreUrl={"/error","/*/error","/actuator/**","/api/local/**","/api-docs/*","/doc.html","/webjars/**","/swagger-resources/**","/v3/api-docs/**","/swagger-ui/**"};
|
|
|
-
|
|
|
- public SecurityConfig(AuthenticationFilter authenticationFilter) {
|
|
|
- this.authenticationFilter = authenticationFilter;
|
|
|
- }
|
|
|
-
|
|
|
@Bean
|
|
|
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
|
|
http
|
|
|
- .csrf(AbstractHttpConfigurer::disable) // 禁用 CSRF
|
|
|
+ .csrf(AbstractHttpConfigurer::disable)
|
|
|
.sessionManagement(session -> session
|
|
|
- .sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // 使用无状态会话
|
|
|
+ .sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
|
|
.authorizeHttpRequests(auth -> auth
|
|
|
- .antMatchers(ignoreUrl).permitAll()
|
|
|
- .anyRequest().authenticated() // 其他请求需要身份验证
|
|
|
- )
|
|
|
- .addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class); // 添加自定义过滤器
|
|
|
+ .anyRequest().permitAll()
|
|
|
+ );
|
|
|
|
|
|
return http.build();
|
|
|
}
|
