From 247cb86585a1d1894596ed18a6c93efecb992946 Mon Sep 17 00:00:00 2001
From: luohairen <3399054449@qq.com>
Date: 星期四, 14 十一月 2024 10:34:27 +0800
Subject: [PATCH] 班级成绩图表分析
---
src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java | 12 ++++++++++--
1 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java b/src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java
index 39405f8..fb2a490 100644
--- a/src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java
+++ b/src/main/java/com/ycl/jxkg/config/spring/security/SecurityConfigurer.java
@@ -67,6 +67,12 @@
this.restAccessDeniedHandler = restAccessDeniedHandler;
}
+ @Bean
+ public SessionFilter sessionFilter() throws Exception {
+ SessionFilter jwtTokenFilter = new SessionFilter(authenticationManagerBean());
+ return jwtTokenFilter;
+ }
+
/**
* @param http http
* @throws Exception exception
@@ -84,8 +90,9 @@
.and().authenticationProvider(restAuthenticationProvider)
.authorizeRequests()
.antMatchers(securityIgnoreUrls.toArray(ignores)).permitAll()
- .antMatchers("/api/admin/**").hasRole(RoleEnum.ADMIN.getName())
- .antMatchers("/api/student/**").hasAnyRole(RoleEnum.STUDENT.getName(),RoleEnum.ADMIN.getName())
+ .antMatchers("/api/admin/user/update/password").permitAll()
+ .antMatchers("/api/admin/**").hasAnyRole(RoleEnum.ADMIN.getName(),RoleEnum.TEACHER.getName())
+ .antMatchers("/api/student/**").hasRole(RoleEnum.STUDENT.getName())
.antMatchers("/api/register/**").anonymous()
.anyRequest().permitAll()
.and().exceptionHandling().accessDeniedHandler(restAccessDeniedHandler)
@@ -94,6 +101,7 @@
.and().rememberMe().key(CookieConfig.getName()).tokenValiditySeconds(CookieConfig.getInterval()).userDetailsService(formDetailsService)
.and().csrf().disable()
.cors();
+ http.addFilter(sessionFilter());
}
--
Gitblit v1.8.0