From 1038a53e4b173bb853547e5250565567b8e85716 Mon Sep 17 00:00:00 2001
From: lohir <3399054449@qq.com>
Date: 星期一, 21 十月 2024 09:30:10 +0800
Subject: [PATCH] 删除江西空管关键字

---
 src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java |    9 ++++++++-
 1 files changed, 8 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java b/src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java
index 596abfb..fb2a490 100644
--- a/src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java
+++ b/src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java
@@ -67,6 +67,12 @@
             this.restAccessDeniedHandler = restAccessDeniedHandler;
         }
 
+        @Bean
+        public SessionFilter sessionFilter() throws Exception {
+            SessionFilter jwtTokenFilter = new SessionFilter(authenticationManagerBean());
+            return jwtTokenFilter;
+        }
+
         /**
          * @param http http
          * @throws Exception exception
@@ -85,7 +91,7 @@
                     .authorizeRequests()
                     .antMatchers(securityIgnoreUrls.toArray(ignores)).permitAll()
                     .antMatchers("/api/admin/user/update/password").permitAll()
-                    .antMatchers("/api/admin/**").hasRole(RoleEnum.ADMIN.getName())
+                    .antMatchers("/api/admin/**").hasAnyRole(RoleEnum.ADMIN.getName(),RoleEnum.TEACHER.getName())
                     .antMatchers("/api/student/**").hasRole(RoleEnum.STUDENT.getName())
                     .antMatchers("/api/register/**").anonymous()
                     .anyRequest().permitAll()
@@ -95,6 +101,7 @@
                     .and().rememberMe().key(CookieConfig.getName()).tokenValiditySeconds(CookieConfig.getInterval()).userDetailsService(formDetailsService)
                     .and().csrf().disable()
                     .cors();
+            http.addFilter(sessionFilter());
         }
 
 

--
Gitblit v1.8.0