From b8317a562c1e144f74435ccedf7db68a8e1cd5ee Mon Sep 17 00:00:00 2001
From: 若依 <yzz_ivy@163.com>
Date: 星期一, 30 八月 2021 16:59:55 +0800
Subject: [PATCH] !303 修改非管理员登录时,获取菜单报错sql Merge pull request !303 from Gold_Fish/master
---
ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java | 14 +++++++-------
1 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
index 1053159..bd36229 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -49,7 +49,7 @@
*/
@Autowired
private JwtAuthenticationTokenFilter authenticationTokenFilter;
-
+
/**
* 跨域过滤器
*/
@@ -88,7 +88,7 @@
protected void configure(HttpSecurity httpSecurity) throws Exception
{
httpSecurity
- // CRSF禁用,因为不使用session
+ // CSRF禁用,因为不使用session
.csrf().disable()
// 认证失败处理类
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
@@ -96,16 +96,17 @@
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
// 过滤请求
.authorizeRequests()
- // 对于登录login 验证码captchaImage 允许匿名访问
- .antMatchers("/login", "/captchaImage").anonymous()
+ // 对于登录login 注册register 验证码captchaImage 允许匿名访问
+ .antMatchers("/login", "/register", "/captchaImage").anonymous()
.antMatchers(
HttpMethod.GET,
+ "/",
"/*.html",
"/**/*.html",
"/**/*.css",
- "/**/*.js"
+ "/**/*.js",
+ "/profile/**"
).permitAll()
- .antMatchers("/profile/**").anonymous()
.antMatchers("/common/download**").anonymous()
.antMatchers("/common/download/resource**").anonymous()
.antMatchers("/swagger-ui.html").anonymous()
@@ -125,7 +126,6 @@
httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);
}
-
/**
* 强散列哈希加密实现
*/
--
Gitblit v1.9.2