| | |
|---|
| | | **/ |
|---|
| | | @Override |
|---|
| | | public void configure(WebSecurity web) { |
|---|
| | | |
|---|
| | | if (!userSetting.isInterfaceAuthentication()) { |
|---|
| | | web.ignoring().antMatchers("**"); |
|---|
| | | }else { |
|---|
| | | if (userSetting.isInterfaceAuthentication()) { |
|---|
| | | ArrayList<String> matchers = new ArrayList<>(); |
|---|
| | | matchers.add("/"); |
|---|
| | | matchers.add("/#/**"); |
|---|
| | |
|---|
| | | matchers.add("/swagger-resources/**"); |
|---|
| | | matchers.add("/v3/api-docs/**"); |
|---|
| | | matchers.add("/js/**"); |
|---|
| | | matchers.add("/api/device/query/snap/**"); |
|---|
| | | matchers.add("/record_proxy/*/**"); |
|---|
| | | matchers.addAll(userSetting.getInterfaceAuthenticationExcludes()); |
|---|
| | | // 可以直接访问的静态数据 |
|---|
| | | web.ignoring().antMatchers(matchers.toArray(new String[0])); |
|---|
| | |
|---|
| | | .authorizeRequests() |
|---|
| | | .requestMatchers(CorsUtils::isPreFlightRequest).permitAll() |
|---|
| | | .antMatchers(userSetting.getInterfaceAuthenticationExcludes().toArray(new String[0])).permitAll() |
|---|
| | | .antMatchers("/api/user/login","/index/hook/**").permitAll() |
|---|
| | | .antMatchers("/api/user/login","/index/hook/**","/zlm_Proxy/FhTuMYqB2HeCuNOb/record/t/1/2023-03-25/16:35:07-16:35:16-9353.mp4").permitAll() |
|---|
| | | .anyRequest().authenticated() |
|---|
| | | // 异常处理器 |
|---|
| | | .and() |
|---|
