| | |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * spring security配置 |
|---|
| | | * |
|---|
| | | * |
|---|
| | | * @author ruoyi |
|---|
| | | */ |
|---|
| | | @EnableMethodSecurity(prePostEnabled = true, securedEnabled = true) |
|---|
| | |
|---|
| | | */ |
|---|
| | | @Autowired |
|---|
| | | private UserDetailsService userDetailsService; |
|---|
| | | |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 认证失败处理类 |
|---|
| | | */ |
|---|
| | |
|---|
| | | */ |
|---|
| | | @Autowired |
|---|
| | | private JwtAuthenticationTokenFilter authenticationTokenFilter; |
|---|
| | | |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 跨域过滤器 |
|---|
| | | */ |
|---|
| | |
|---|
| | | .authorizeHttpRequests((requests) -> { |
|---|
| | | permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll()); |
|---|
| | | // 对于登录login 注册register 验证码captchaImage 允许匿名访问 |
|---|
| | | requests.antMatchers("/login", "/register", "/captchaImage").permitAll() |
|---|
| | | requests.antMatchers("/login", "/register", "/captchaImage", "/unqualifiedHandler/callback").permitAll() |
|---|
| | | // 静态资源,可匿名访问 |
|---|
| | | .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll() |
|---|
| | | .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll() |
|---|
