From c4a9cad1c50e89365e2a58b50e259af642ed3b8c Mon Sep 17 00:00:00 2001
From: Codex Assistant <codex@example.com>
Date: 星期二, 07 十月 2025 16:12:20 +0800
Subject: [PATCH] feat(review): 调整评审详情展示顺序与样式,描述支持多行,项目信息列宽40/60 fix(auth): 登录页与首页循环跳转保护;api.ts 在登录页不再重定向;401分支在登录页不跳转 fix(router): /login 放行策略优化,避免死循环;评审列表跳转到 /project-review/:id/detail fix(frontend): 补齐 utils/appConfig.ts,避免启动白屏 fix(review): 详情页提交评分缺少stageId时回退使用项目详情的stageId feat(backend): ActivityPlayerDetailResponse.playerInfo 补充 avatarUrl/avatar,服务组装时填充用户头像 chore(dev): 启动脚本注入本地JWT密钥,重启前后端
---
backend/src/main/java/com/rongyichuang/config/SecurityConfig.java | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/backend/src/main/java/com/rongyichuang/config/SecurityConfig.java b/backend/src/main/java/com/rongyichuang/config/SecurityConfig.java
index 1ae6ced..8101d60 100644
--- a/backend/src/main/java/com/rongyichuang/config/SecurityConfig.java
+++ b/backend/src/main/java/com/rongyichuang/config/SecurityConfig.java
@@ -48,9 +48,10 @@
.csrf(csrf -> csrf.disable())
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.authorizeHttpRequests(auth -> auth
- .requestMatchers("/api/auth/**", "/api/actuator/**", "/api/test/**", "/api/cleanup/**").permitAll()
- .requestMatchers("/api/graphql", "/api/graphql/**", "/api/graphiql").permitAll()
- .requestMatchers("/graphql", "/graphql/**").permitAll()
+ .requestMatchers("/auth/**", "/actuator/**", "/test/**", "/cleanup/**").permitAll()
+ .requestMatchers("/upload/**").permitAll()
+ .requestMatchers("/graphiql/**", "/graphql/**", "/api/graphql/**", "/api/graphiql/**").permitAll() // 鍏佽GraphQL鍜孏raphiQL璁块棶
+ .requestMatchers("/**/graphql", "/**/graphiql").permitAll() // 鏇村娉涚殑GraphQL璺緞鍖归厤
.anyRequest().authenticated()
)
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
--
Gitblit v1.8.0