update 调整代码格式化
This commit is contained in:
疯狂的狮子li
parent
223ff4ebff
commit
6904f38ea2
@ -21,18 +21,17 @@ import org.springframework.web.filter.CorsFilter;
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* spring security配置
|
* spring security配置
|
||||||
*
|
*
|
||||||
* @author ruoyi
|
* @author ruoyi
|
||||||
*/
|
*/
|
||||||
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||||
public class SecurityConfig extends WebSecurityConfigurerAdapter
|
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
{
|
|
||||||
/**
|
/**
|
||||||
* 自定义用户认证逻辑
|
* 自定义用户认证逻辑
|
||||||
*/
|
*/
|
||||||
@Autowired
|
@Autowired
|
||||||
private UserDetailsService userDetailsService;
|
private UserDetailsService userDetailsService;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 认证失败处理类
|
* 认证失败处理类
|
||||||
*/
|
*/
|
||||||
@ -50,7 +49,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
|
|||||||
*/
|
*/
|
||||||
@Autowired
|
@Autowired
|
||||||
private JwtAuthenticationTokenFilter authenticationTokenFilter;
|
private JwtAuthenticationTokenFilter authenticationTokenFilter;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 跨域过滤器
|
* 跨域过滤器
|
||||||
*/
|
*/
|
||||||
@ -68,8 +67,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
|
|||||||
*/
|
*/
|
||||||
@Bean
|
@Bean
|
||||||
@Override
|
@Override
|
||||||
public AuthenticationManager authenticationManagerBean() throws Exception
|
public AuthenticationManager authenticationManagerBean() throws Exception {
|
||||||
{
|
|
||||||
return super.authenticationManagerBean();
|
return super.authenticationManagerBean();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -89,31 +87,30 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
|
|||||||
* authenticated | 用户登录后可访问
|
* authenticated | 用户登录后可访问
|
||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity httpSecurity) throws Exception
|
protected void configure(HttpSecurity httpSecurity) throws Exception {
|
||||||
{
|
|
||||||
httpSecurity
|
httpSecurity
|
||||||
// CSRF禁用,因为不使用session
|
// CSRF禁用,因为不使用session
|
||||||
.csrf().disable()
|
.csrf().disable()
|
||||||
// 认证失败处理类
|
// 认证失败处理类
|
||||||
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
|
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
|
||||||
// 基于token,所以不需要session
|
// 基于token,所以不需要session
|
||||||
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
|
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
|
||||||
// 过滤请求
|
// 过滤请求
|
||||||
.authorizeRequests()
|
.authorizeRequests()
|
||||||
.antMatchers(
|
.antMatchers(
|
||||||
HttpMethod.GET,
|
HttpMethod.GET,
|
||||||
"/",
|
"/",
|
||||||
"/*.html",
|
"/*.html",
|
||||||
"/**/*.html",
|
"/**/*.html",
|
||||||
"/**/*.css",
|
"/**/*.css",
|
||||||
"/**/*.js"
|
"/**/*.js"
|
||||||
).permitAll()
|
).permitAll()
|
||||||
.antMatchers(securityProperties.getAnonymous()).anonymous()
|
.antMatchers(securityProperties.getAnonymous()).anonymous()
|
||||||
.antMatchers(securityProperties.getPermitAll()).permitAll()
|
.antMatchers(securityProperties.getPermitAll()).permitAll()
|
||||||
// 除上面外的所有请求全部需要鉴权认证
|
// 除上面外的所有请求全部需要鉴权认证
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
.and()
|
.and()
|
||||||
.headers().frameOptions().disable();
|
.headers().frameOptions().disable();
|
||||||
httpSecurity.logout().logoutUrl(securityProperties.getLogoutUrl()).logoutSuccessHandler(logoutSuccessHandler);
|
httpSecurity.logout().logoutUrl(securityProperties.getLogoutUrl()).logoutSuccessHandler(logoutSuccessHandler);
|
||||||
// 添加JWT filter
|
// 添加JWT filter
|
||||||
httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
|
httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
|
||||||
@ -126,8 +123,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
|
|||||||
* 强散列哈希加密实现
|
* 强散列哈希加密实现
|
||||||
*/
|
*/
|
||||||
@Bean
|
@Bean
|
||||||
public BCryptPasswordEncoder bCryptPasswordEncoder()
|
public BCryptPasswordEncoder bCryptPasswordEncoder() {
|
||||||
{
|
|
||||||
return new BCryptPasswordEncoder();
|
return new BCryptPasswordEncoder();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -135,8 +131,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
|
|||||||
* 身份认证接口
|
* 身份认证接口
|
||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception
|
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||||
{
|
|
||||||
auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
|
auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user