产品供销存-后端
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
RuoYi
2020-09-17 ab8ccdc7f4b7b8574bf557ebb7f95fa7d80ed146 
 src/main/java/com/ruoyi/framework/config/SecurityConfig.java


@@ -12,6 +12,8 @@


import org.springframework.security.core.userdetails.UserDetailsService;



import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;



import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;



import org.springframework.security.web.authentication.logout.LogoutFilter;



import org.springframework.web.filter.CorsFilter;



import com.ruoyi.framework.security.filter.JwtAuthenticationTokenFilter;



import com.ruoyi.framework.security.handle.AuthenticationEntryPointImpl;



import com.ruoyi.framework.security.handle.LogoutSuccessHandlerImpl;



@@ -49,6 +51,12 @@


    private JwtAuthenticationTokenFilter authenticationTokenFilter;



    



    /**



     * 跨域过滤器



     */



    @Autowired



    private CorsFilter corsFilter;



    


    /**



     * 解决 无法直接注入 AuthenticationManager



     *



     * @return



@@ -80,7 +88,7 @@


    protected void configure(HttpSecurity httpSecurity) throws Exception



    {



        httpSecurity



                // CRSF禁用,因为不使用session



                // CSRF禁用,因为不使用session



                .csrf().disable()



                // 认证失败处理类



                .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()



@@ -112,9 +120,11 @@


        httpSecurity.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);



        // 添加JWT filter



        httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);



        // 添加CORS filter



        httpSecurity.addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class);



        httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);



    }







    


    /**



     * 强散列哈希加密实现



     */