| | |
|---|
| | | * @author ruoyi |
|---|
| | | */ |
|---|
| | | @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true) |
|---|
| | | public class SecurityConfig extends WebSecurityConfigurerAdapter |
|---|
| | | { |
|---|
| | | public class SecurityConfig extends WebSecurityConfigurerAdapter { |
|---|
| | | /** |
|---|
| | | * 自定义用户认证逻辑 |
|---|
| | | */ |
|---|
| | |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private WxOpenIDAuthenticationSecurityConfig wxOpenIDAuthenticationSecurityConfig; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 解决 无法直接注入 AuthenticationManager |
|---|
| | | * |
|---|
| | |
|---|
| | | */ |
|---|
| | | @Bean |
|---|
| | | @Override |
|---|
| | | public AuthenticationManager authenticationManagerBean() throws Exception |
|---|
| | | { |
|---|
| | | public AuthenticationManager authenticationManagerBean() throws Exception { |
|---|
| | | return super.authenticationManagerBean(); |
|---|
| | | } |
|---|
| | | |
|---|
| | |
|---|
| | | * authenticated | 用户登录后可访问 |
|---|
| | | */ |
|---|
| | | @Override |
|---|
| | | protected void configure(HttpSecurity httpSecurity) throws Exception |
|---|
| | | { |
|---|
| | | protected void configure(HttpSecurity httpSecurity) throws Exception { |
|---|
| | | httpSecurity |
|---|
| | | //微信openid注入 |
|---|
| | | .apply(wxOpenIDAuthenticationSecurityConfig).and() |
|---|
| | |
|---|
| | | // 过滤请求 |
|---|
| | | .authorizeRequests() |
|---|
| | | // 对于登录login 注册register 验证码captchaImage 允许匿名访问 |
|---|
| | | .antMatchers("/login","/openidlogin", "/register", "/captchaImage", "/getToken").anonymous() |
|---|
| | | .antMatchers("/login", "/openidlogin", "/register", "/captchaImage", "/getToken").anonymous() |
|---|
| | | .antMatchers( |
|---|
| | | HttpMethod.GET, |
|---|
| | | "/", |
|---|
| | | "/*.html", |
|---|
| | | "/**/*.html", |
|---|
| | | "/**/*.css", |
|---|
| | | "/**/*.js" |
|---|
| | | // "/profile/**" |
|---|
| | | "/**/*.js", |
|---|
| | | "/profile/**" |
|---|
| | | ).permitAll() |
|---|
| | | // .antMatchers("/swagger-ui.html").anonymous() |
|---|
| | | // .antMatchers("/swagger-resources/**").anonymous() |
|---|
| | | // .antMatchers("/webjars/**").anonymous() |
|---|
| | | // .antMatchers("/*/api-docs").anonymous() |
|---|
| | | .antMatchers("/swagger-ui.html").permitAll() |
|---|
| | | .antMatchers("/swagger-resources/**").permitAll() |
|---|
| | | .antMatchers("/webjars/**").permitAll() |
|---|
| | | .antMatchers("/*/api-docs").permitAll() |
|---|
| | | // .antMatchers("/druid/**").anonymous() |
|---|
| | | // 除上面外的所有请求全部需要鉴权认证 |
|---|
| | | .anyRequest().authenticated() |
|---|
| | |
|---|
| | | * 强散列哈希加密实现 |
|---|
| | | */ |
|---|
| | | @Bean |
|---|
| | | public BCryptPasswordEncoder bCryptPasswordEncoder() |
|---|
| | | { |
|---|
| | | public BCryptPasswordEncoder bCryptPasswordEncoder() { |
|---|
| | | return new BCryptPasswordEncoder(); |
|---|
| | | } |
|---|
| | | |
|---|
| | |
|---|
| | | * 身份认证接口 |
|---|
| | | */ |
|---|
| | | @Override |
|---|
| | | protected void configure(AuthenticationManagerBuilder auth) throws Exception |
|---|
| | | { |
|---|
| | | protected void configure(AuthenticationManagerBuilder auth) throws Exception { |
|---|
| | | auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder()); |
|---|
| | | } |
|---|
| | | } |
|---|
