| | |
|---|
| | | package com.rongyichuang.config; |
|---|
| | | |
|---|
| | | import com.rongyichuang.auth.filter.JwtAuthenticationFilter; |
|---|
| | | import org.springframework.beans.factory.annotation.Autowired; |
|---|
| | | import org.springframework.context.annotation.Bean; |
|---|
| | | import org.springframework.context.annotation.Configuration; |
|---|
| | | import org.springframework.security.authentication.AuthenticationManager; |
|---|
| | |
|---|
| | | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; |
|---|
| | | import org.springframework.security.crypto.password.PasswordEncoder; |
|---|
| | | import org.springframework.security.web.SecurityFilterChain; |
|---|
| | | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; |
|---|
| | | import org.springframework.security.web.util.matcher.AntPathRequestMatcher; |
|---|
| | | import org.springframework.web.cors.CorsConfiguration; |
|---|
| | | import org.springframework.web.cors.CorsConfigurationSource; |
|---|
| | | import org.springframework.web.cors.UrlBasedCorsConfigurationSource; |
|---|
| | |
|---|
| | | @EnableWebSecurity |
|---|
| | | @EnableMethodSecurity |
|---|
| | | public class SecurityConfig { |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private JwtAuthenticationFilter jwtAuthenticationFilter; |
|---|
| | | |
|---|
| | | @Bean |
|---|
| | | public PasswordEncoder passwordEncoder() { |
|---|
| | |
|---|
| | | .csrf(csrf -> csrf.disable()) |
|---|
| | | .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) |
|---|
| | | .authorizeHttpRequests(auth -> auth |
|---|
| | | .requestMatchers("/api/auth/**").permitAll() |
|---|
| | | .requestMatchers("/api/graphql/**").permitAll() |
|---|
| | | .requestMatchers("/graphql/**").permitAll() |
|---|
| | | .requestMatchers("/graphql").permitAll() |
|---|
| | | .requestMatchers("/api/graphiql").permitAll() |
|---|
| | | .requestMatchers("/api/test/**").permitAll() |
|---|
| | | .anyRequest().permitAll() |
|---|
| | | ); |
|---|
| | | .requestMatchers( |
|---|
| | | new AntPathRequestMatcher("/auth/**"), |
|---|
| | | new AntPathRequestMatcher("/api/auth/**"), |
|---|
| | | new AntPathRequestMatcher("/actuator/**"), |
|---|
| | | new AntPathRequestMatcher("/test/**"), |
|---|
| | | new AntPathRequestMatcher("/cleanup/**"), |
|---|
| | | new AntPathRequestMatcher("/api/health/**"), |
|---|
| | | new AntPathRequestMatcher("/upload/**"), |
|---|
| | | new AntPathRequestMatcher("/api/upload/**"), |
|---|
| | | new AntPathRequestMatcher("/graphiql/**"), |
|---|
| | | new AntPathRequestMatcher("/graphql/**"), |
|---|
| | | new AntPathRequestMatcher("/api/graphql/**"), |
|---|
| | | new AntPathRequestMatcher("/api/graphiql/**"), |
|---|
| | | new AntPathRequestMatcher("/player/export/applications"), |
|---|
| | | new AntPathRequestMatcher("/api/player/export/applications") |
|---|
| | | ).permitAll() |
|---|
| | | .anyRequest().authenticated() |
|---|
| | | ) |
|---|
| | | .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); |
|---|
| | | |
|---|
| | | return http.build(); |
|---|
| | | } |
|---|
