feat(technology): 完善工艺路线工序管理功能

云

2026-04-22 20fc9ea9b6e4f885ced57a7ab7b98385834eb39a

 src/main/java/com/ruoyi/framework/config/SecurityConfig.java

@@ -108,16 +108,48 @@
            // 基于token，所以不需要session

            .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))

            // 注解标记允许匿名访问的url

            .authorizeHttpRequests((requests) -> {

                permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());

                // 对于登录login 注册register 验证码captchaImage 允许匿名访问

                requests.antMatchers("/login", "/register", "/captchaImage","/loginCheck","/userLoginFacotryList/**","/loginCheckFactory").permitAll()

                    // 静态资源，可匿名访问

                    .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()

                    .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()

                    // 除上面外的所有请求全部需要鉴权认证

                    .anyRequest().authenticated();

            })

                // todo ai生成， 后期若有问题请自行优化

                .authorizeHttpRequests(requests -> {



                    // 1. 放行动态配置的 URL

                    permitAllUrl.getUrls().forEach(url ->

                            requests.requestMatchers(url).permitAll()

                    );



                    // 2. 登录 / 注册 / 验证码 / 等放行

                    requests.requestMatchers(

                            "/login",

                            "/register",

                            "/captchaImage",

                            "/loginCheck",

                            "/userLoginFacotryList/**",

                            "/loginCheckFactory"

                    ).permitAll();



                    // 3. 静态资源放行

                    requests.requestMatchers(HttpMethod.GET,

                            "/",

                            "/*.html",

                            "/**/*.html",

                            "/**/*.css",

                            "/**/*.js",

                            "/profile/**",

                            "/javaWork/**",

                            "/**/*.pdf"

                    ).permitAll();



                    // 4. swagger / druid 放行

                    requests.requestMatchers(

                            "/swagger-ui.html",

                            "/swagger-resources/**",

                            "/webjars/**",

                            "/*/api-docs",

                            "/druid/**"

                    ).permitAll();



                    // 5. 其他全部拦截

                    requests.anyRequest().authenticated();

                })

            // 添加Logout filter

            .logout(logout -> logout.logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler))

            // 添加JWT filter