wvp-pro.git - Gitblit

			@@ -1,7 +1,7 @@
			package com.genersoft.iot.vmp.conf.security;

			import com.genersoft.iot.vmp.conf.UserSetting;
			import org.junit.jupiter.api.Order;
			import org.springframework.core.annotation.Order;
			import org.slf4j.Logger;
			import org.slf4j.LoggerFactory;
			import org.springframework.beans.factory.annotation.Autowired;
			@@ -47,16 +47,6 @@
			* 登出成功的处理
			*/
			@Autowired
			private LoginFailureHandler loginFailureHandler;
			/**
			* 登录成功的处理
			*/
			@Autowired
			private LoginSuccessHandler loginSuccessHandler;
			/**
			* 登出成功的处理
			*/
			@Autowired
			private LogoutHandler logoutHandler;
			/**
			* 未登录的处理
			@@ -72,10 +62,7 @@
			**/
			@Override
			public void configure(WebSecurity web) {

			if (!userSetting.isInterfaceAuthentication()) {
			web.ignoring().antMatchers("**");
			}else {
			if (userSetting.isInterfaceAuthentication()) {
			ArrayList<String> matchers = new ArrayList<>();
			matchers.add("/");
			matchers.add("/#/**");
			@@ -87,6 +74,7 @@
			matchers.add("/v3/api-docs/**");
			matchers.add("/js/**");
			matchers.add("/api/device/query/snap/**");
			matchers.add("/record_proxy//*");
			matchers.addAll(userSetting.getInterfaceAuthenticationExcludes());
			// 可以直接访问的静态数据
			web.ignoring().antMatchers(matchers.toArray(new String[0]));
			@@ -123,7 +111,7 @@
			.authorizeRequests()
			.requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
			.antMatchers(userSetting.getInterfaceAuthenticationExcludes().toArray(new String[0])).permitAll()
			.antMatchers("/api/user/login","/index/hook/**").permitAll()
			.antMatchers("/api/user/login","/index/hook/**","/zlm_Proxy/FhTuMYqB2HeCuNOb/record/t/1/2023-03-25/16:35:07-16:35:16-9353.mp4").permitAll()
			.anyRequest().authenticated()
			// 异常处理器
			.and()