华泰-傅里叶后端
blame | 历史 | 原始文档
zhangf
2024-07-26 698995469a3fcdc3164fc486d18bdbe059b6c92e 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76

package com.gkhy.fourierSpecialGasMonitor.config.authorization;


 


import com.gkhy.fourierSpecialGasMonitor.infra.cache.domain.CacheUserInfo;


import org.springframework.beans.factory.annotation.Qualifier;


import org.springframework.context.annotation.Bean;


import org.springframework.context.annotation.Configuration;


import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;


import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;


import org.springframework.security.config.annotation.web.builders.HttpSecurity;


import org.springframework.security.config.annotation.web.builders.WebSecurity;


import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;


import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


import org.springframework.security.config.http.SessionCreationPolicy;


import org.springframework.security.core.userdetails.UserDetailsService;


import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;


 


import javax.annotation.Resource;


 


@Configuration


@EnableWebSecurity


@EnableGlobalMethodSecurity(securedEnabled = true,prePostEnabled = true)


public class WebSecurityConfig extends WebSecurityConfigurerAdapter {


 


    @Resource


    private TokenAuthenticationFilter tokenAuthenticationFilter;


 


    @Override


    protected void configure(HttpSecurity http) throws Exception {


        // 关闭跨域攻击


        http.csrf().disable();


        // 关闭session


        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);


        // 登录json放行 | websocket | 普通人员密码自行修改


//        http.authorizeRequests().antMatchers("/auth/login", "/ws/test/**", "/account/pwd/forget","/sys/lic/**").permitAll();


 


        //从白名单里面获取放行的接口


        http.authorizeRequests().antMatchers(TokenCheckWhiteListEnum.getWhitePathArray()).permitAll();


 


        // 关闭


        http.headers().cacheControl();


        // token过滤器


        http.addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);


        // 请求认证访问


        http.authorizeRequests().anyRequest().authenticated();


        // 允许跨域访问


        http.cors();


 


    }


 


 


 


 


 


    /**


    * @Description: 自定义查询逻辑 & 密码处理器


    */


    @Override


    protected void configure(AuthenticationManagerBuilder auth) throws Exception {


        auth.userDetailsService(userDetailsService());


    }


 


    /**


    * @Description: 自定义查询逻辑


    */


    @Bean


    @Qualifier("myUserDetailService")


    protected UserDetailsService userDetailsService(){


        return (username)-> new CacheUserInfo();


    }


 


 


    @Override


    public void configure(WebSecurity web) {


        web.ignoring().mvcMatchers();


    }


}