| | |
| | | package com.genersoft.iot.vmp.conf.security; |
| | | |
| | | import com.genersoft.iot.vmp.conf.UserSetting; |
| | | import org.junit.jupiter.api.Order; |
| | | import org.springframework.core.annotation.Order; |
| | | import org.slf4j.Logger; |
| | | import org.slf4j.LoggerFactory; |
| | | import org.springframework.beans.factory.annotation.Autowired; |
| | |
| | | * 登出成功的处理 |
| | | */ |
| | | @Autowired |
| | | private LoginFailureHandler loginFailureHandler; |
| | | /** |
| | | * 登录成功的处理 |
| | | */ |
| | | @Autowired |
| | | private LoginSuccessHandler loginSuccessHandler; |
| | | /** |
| | | * 登出成功的处理 |
| | | */ |
| | | @Autowired |
| | | private LogoutHandler logoutHandler; |
| | | /** |
| | | * 未登录的处理 |
| | |
| | | **/ |
| | | @Override |
| | | public void configure(WebSecurity web) { |
| | | |
| | | if (!userSetting.isInterfaceAuthentication()) { |
| | | web.ignoring().antMatchers("**"); |
| | | }else { |
| | | if (userSetting.isInterfaceAuthentication()) { |
| | | ArrayList<String> matchers = new ArrayList<>(); |
| | | matchers.add("/"); |
| | | matchers.add("/#/**"); |
| | |
| | | matchers.add("/swagger-resources/**"); |
| | | matchers.add("/v3/api-docs/**"); |
| | | matchers.add("/js/**"); |
| | | matchers.addAll(userSetting.getInterfaceAuthenticationExcludes()); |
| | | matchers.add("/api/device/query/snap/**"); |
| | | matchers.add("/record_proxy/*/**"); |
| | | // 可以直接访问的静态数据 |
| | | web.ignoring().antMatchers(matchers.toArray(new String[0])); |
| | | } |
| | |
| | | .authorizeRequests() |
| | | .requestMatchers(CorsUtils::isPreFlightRequest).permitAll() |
| | | .antMatchers(userSetting.getInterfaceAuthenticationExcludes().toArray(new String[0])).permitAll() |
| | | .antMatchers("/api/user/login","/index/hook/**").permitAll() |
| | | .antMatchers("/api/user/login","/index/hook/**","/zlm_Proxy/FhTuMYqB2HeCuNOb/record/t/1/2023-03-25/16:35:07-16:35:16-9353.mp4").permitAll() |
| | | .anyRequest().authenticated() |
| | | // 异常处理器 |
| | | .and() |