feat: 完善比赛晋级功能并清理测试文件

lrj

1 天以前 93eb6b470773bc49ea6e1a9d4cbd914eb95d525b

 backend/src/main/java/com/rongyichuang/config/SecurityConfig.java

@@ -1,5 +1,7 @@
package com.rongyichuang.config;

import com.rongyichuang.auth.filter.JwtAuthenticationFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
@@ -11,6 +13,7 @@
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
@@ -24,6 +27,9 @@
@EnableWebSecurity
@EnableMethodSecurity
public class SecurityConfig {

    @Autowired
    private JwtAuthenticationFilter jwtAuthenticationFilter;

    @Bean
    public PasswordEncoder passwordEncoder() {
@@ -42,14 +48,12 @@
            .csrf(csrf -> csrf.disable())
            .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .authorizeHttpRequests(auth -> auth
                .requestMatchers("/api/auth/**").permitAll()
                .requestMatchers("/api/graphql/**").permitAll()
                .requestMatchers("/graphql/**").permitAll()
                .requestMatchers("/graphql").permitAll()
                .requestMatchers("/api/graphiql").permitAll()
                .requestMatchers("/api/test/**").permitAll()
                .anyRequest().permitAll()
            );
                .requestMatchers("/api/auth/**", "/api/actuator/**", "/api/test/**", "/api/cleanup/**").permitAll()
                .requestMatchers("/api/graphql", "/api/graphql/**", "/api/graphiql").permitAll()
                .requestMatchers("/graphql", "/graphql/**").permitAll()
                .anyRequest().authenticated()
            )
            .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);

        return http.build();
    }