From 1de344674afd6bb35b51b165bbad76dbe6299b7e Mon Sep 17 00:00:00 2001
From: 648540858 <648540858@qq.com>
Date: 星期四, 28 三月 2024 18:08:33 +0800
Subject: [PATCH] 使用冒号分隔redis的key
---
src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java | 26 +++++++++++++++++++-------
1 files changed, 19 insertions(+), 7 deletions(-)
diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
index 6a24735..ad959d6 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
@@ -1,12 +1,12 @@
package com.genersoft.iot.vmp.conf.security;
import com.genersoft.iot.vmp.conf.UserSetting;
-import org.springframework.core.annotation.Order;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
@@ -25,9 +25,11 @@
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.Collections;
/**
* 閰嶇疆Spring Security
+ *
* @author lin
*/
@Configuration
@@ -67,6 +69,8 @@
matchers.add("/");
matchers.add("/#/**");
matchers.add("/static/**");
+ matchers.add("/swagger-ui.html");
+ matchers.add("/swagger-ui/");
matchers.add("/index.html");
matchers.add("/doc.html");
matchers.add("/webjars/**");
@@ -75,7 +79,8 @@
matchers.add("/js/**");
matchers.add("/api/device/query/snap/**");
matchers.add("/record_proxy/*/**");
- matchers.addAll(userSetting.getInterfaceAuthenticationExcludes());
+ matchers.add("/api/emit");
+ matchers.add("/favicon.ico");
// 鍙互鐩存帴璁块棶鐨勯潤鎬佹暟鎹�
web.ignoring().antMatchers(matchers.toArray(new String[0]));
}
@@ -83,6 +88,7 @@
/**
* 閰嶇疆璁よ瘉鏂瑰紡
+ *
* @param auth
* @throws Exception
*/
@@ -111,7 +117,7 @@
.authorizeRequests()
.requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
.antMatchers(userSetting.getInterfaceAuthenticationExcludes().toArray(new String[0])).permitAll()
- .antMatchers("/api/user/login","/index/hook/**","/zlm_Proxy/FhTuMYqB2HeCuNOb/record/t/1/2023-03-25/16:35:07-16:35:16-9353.mp4").permitAll()
+ .antMatchers("/api/user/login", "/index/hook/**", "/swagger-ui/**", "/doc.html").permitAll()
.anyRequest().authenticated()
// 寮傚父澶勭悊鍣�
.and()
@@ -124,18 +130,24 @@
}
- CorsConfigurationSource configurationSource(){
+ CorsConfigurationSource configurationSource() {
// 閰嶇疆璺ㄥ煙
CorsConfiguration corsConfiguration = new CorsConfiguration();
corsConfiguration.setAllowedHeaders(Arrays.asList("*"));
corsConfiguration.setAllowedMethods(Arrays.asList("*"));
corsConfiguration.setMaxAge(3600L);
- corsConfiguration.setAllowCredentials(true);
- corsConfiguration.setAllowedOrigins(userSetting.getAllowedOrigins());
+ if (userSetting.getAllowedOrigins() != null && !userSetting.getAllowedOrigins().isEmpty()) {
+ corsConfiguration.setAllowCredentials(true);
+ corsConfiguration.setAllowedOrigins(userSetting.getAllowedOrigins());
+ }else {
+ corsConfiguration.setAllowCredentials(false);
+ corsConfiguration.setAllowedOrigins(Collections.singletonList(CorsConfiguration.ALL));
+ }
+
corsConfiguration.setExposedHeaders(Arrays.asList(JwtUtils.getHeader()));
UrlBasedCorsConfigurationSource url = new UrlBasedCorsConfigurationSource();
- url.registerCorsConfiguration("/**",corsConfiguration);
+ url.registerCorsConfiguration("/**", corsConfiguration);
return url;
}
--
Gitblit v1.8.0