From 38f9471ecf47b7c15b352113bc0f5a2ec1e64e7b Mon Sep 17 00:00:00 2001
From: fuliqi <fuliqi@qq.com>
Date: 星期二, 16 七月 2024 09:24:13 +0800
Subject: [PATCH] 登录返回vo修改,个人中心接口,用户列表权限验证
---
src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java | 9 ++++++++-
1 files changed, 8 insertions(+), 1 deletions(-)
diff --git a/src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java b/src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java
index 596abfb..fb2a490 100644
--- a/src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java
+++ b/src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java
@@ -67,6 +67,12 @@
this.restAccessDeniedHandler = restAccessDeniedHandler;
}
+ @Bean
+ public SessionFilter sessionFilter() throws Exception {
+ SessionFilter jwtTokenFilter = new SessionFilter(authenticationManagerBean());
+ return jwtTokenFilter;
+ }
+
/**
* @param http http
* @throws Exception exception
@@ -85,7 +91,7 @@
.authorizeRequests()
.antMatchers(securityIgnoreUrls.toArray(ignores)).permitAll()
.antMatchers("/api/admin/user/update/password").permitAll()
- .antMatchers("/api/admin/**").hasRole(RoleEnum.ADMIN.getName())
+ .antMatchers("/api/admin/**").hasAnyRole(RoleEnum.ADMIN.getName(),RoleEnum.TEACHER.getName())
.antMatchers("/api/student/**").hasRole(RoleEnum.STUDENT.getName())
.antMatchers("/api/register/**").anonymous()
.anyRequest().permitAll()
@@ -95,6 +101,7 @@
.and().rememberMe().key(CookieConfig.getName()).tokenValiditySeconds(CookieConfig.getInterval()).userDetailsService(formDetailsService)
.and().csrf().disable()
.cors();
+ http.addFilter(sessionFilter());
}
--
Gitblit v1.8.0