产品供销存-后端
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
chenhj
2026-04-22 fa3428b4bb32179a42d5618357c22fe2695716ae 
 src/main/java/com/ruoyi/framework/config/SecurityConfig.java


@@ -1,6 +1,10 @@


package com.ruoyi.framework.config;







import org.springframework.beans.factory.annotation.Autowired;



import com.ruoyi.framework.config.properties.PermitAllUrlProperties;



import com.ruoyi.framework.security.filter.JwtAuthenticationTokenFilter;



import com.ruoyi.framework.security.handle.AuthenticationEntryPointImpl;



import com.ruoyi.framework.security.handle.LogoutSuccessHandlerImpl;



import lombok.RequiredArgsConstructor;



import org.springframework.context.annotation.Bean;



import org.springframework.context.annotation.Configuration;



import org.springframework.http.HttpMethod;



@@ -16,10 +20,6 @@


import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;



import org.springframework.security.web.authentication.logout.LogoutFilter;



import org.springframework.web.filter.CorsFilter;



import com.ruoyi.framework.config.properties.PermitAllUrlProperties;



import com.ruoyi.framework.security.filter.JwtAuthenticationTokenFilter;



import com.ruoyi.framework.security.handle.AuthenticationEntryPointImpl;



import com.ruoyi.framework.security.handle.LogoutSuccessHandlerImpl;







/**



 * spring security配置



@@ -28,43 +28,38 @@


 */



@EnableMethodSecurity(prePostEnabled = true, securedEnabled = true)



@Configuration



@RequiredArgsConstructor



public class SecurityConfig



{



    /**



     * 自定义用户认证逻辑



     */



    @Autowired



    private UserDetailsService userDetailsService;



    private final UserDetailsService userDetailsService;



    



    /**



     * 认证失败处理类



     */



    @Autowired



    private AuthenticationEntryPointImpl unauthorizedHandler;



    private final AuthenticationEntryPointImpl unauthorizedHandler;







    /**



     * 退出处理类



     */



    @Autowired



    private LogoutSuccessHandlerImpl logoutSuccessHandler;



    private final LogoutSuccessHandlerImpl logoutSuccessHandler;







    /**



     * token认证过滤器



     */



    @Autowired



    private JwtAuthenticationTokenFilter authenticationTokenFilter;



    private final JwtAuthenticationTokenFilter authenticationTokenFilter;



    



    /**



     * 跨域过滤器



     */



    @Autowired



    private CorsFilter corsFilter;



    private final CorsFilter corsFilter;







    /**



     * 允许匿名访问的地址



     */



    @Autowired



    private PermitAllUrlProperties permitAllUrl;



    private final PermitAllUrlProperties permitAllUrl;







    /**



     * 身份验证实现