From 221f99c764b51c3cd284c6e5a41492c26c5c7ffc Mon Sep 17 00:00:00 2001
From: 648540858 <648540858@qq.com>
Date: 星期五, 09 九月 2022 17:06:19 +0800
Subject: [PATCH] 优化sip消息

---
 src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java |   69 +++++++++++++++++++++++++---------
 1 files changed, 50 insertions(+), 19 deletions(-)

diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
index 1de14e6..0d3a7d6 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
@@ -1,5 +1,8 @@
 package com.genersoft.iot.vmp.conf.security;
 
+import com.genersoft.iot.vmp.conf.UserSetting;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -13,13 +16,21 @@
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
+import java.util.List;
+
 /**
  * 閰嶇疆Spring Security
+ * @author lin
  */
 @Configuration
 @EnableWebSecurity
 @EnableGlobalMethodSecurity(prePostEnabled = true)
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    private final static Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class);
+
+    @Autowired
+    private UserSetting userSetting;
 
     @Autowired
     private DefaultUserDetailsServiceImpl userDetailsService;
@@ -66,18 +77,32 @@
      **/
     @Override
     public void configure(WebSecurity web) {
-        // 鍙互鐩存帴璁块棶鐨勯潤鎬佹暟鎹�
-        web.ignoring()
-                .antMatchers("/")
-                .antMatchers("/css/**")
-                .antMatchers("/img/**")
-                .antMatchers("/fonts/**")
-                .antMatchers("/index.html")
-                .antMatchers("/doc.html") // "/webjars/**", "/swagger-resources/**", "/v3/api-docs/**"
-                .antMatchers("/webjars/**")
-                .antMatchers("/swagger-resources/**")
-                .antMatchers("/v3/api-docs/**")
-                .antMatchers("/js/**");
+
+        if (!userSetting.isInterfaceAuthentication()) {
+            web.ignoring().antMatchers("**");
+        }else {
+            // 鍙互鐩存帴璁块棶鐨勯潤鎬佹暟鎹�
+            web.ignoring()
+                    .antMatchers("/")
+                    .antMatchers("/#/**")
+                    .antMatchers("/static/**")
+                    .antMatchers("/index.html")
+                    .antMatchers("/doc.html") // "/webjars/**", "/swagger-resources/**", "/v3/api-docs/**"
+                    .antMatchers("/webjars/**")
+                    .antMatchers("/swagger-resources/**")
+                    .antMatchers("/v3/api-docs/**")
+                    .antMatchers("/favicon.ico")
+                    .antMatchers("/js/**");
+            List<String> interfaceAuthenticationExcludes = userSetting.getInterfaceAuthenticationExcludes();
+            for (String interfaceAuthenticationExclude : interfaceAuthenticationExcludes) {
+                if (interfaceAuthenticationExclude.split("/").length < 4 ) {
+                    logger.warn("{}涓嶆弧瓒充袱绾х洰褰曪紝宸插拷鐣�", interfaceAuthenticationExclude);
+                }else {
+                    web.ignoring().antMatchers(interfaceAuthenticationExclude);
+                }
+
+            }
+        }
     }
 
     /**
@@ -100,6 +125,8 @@
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.cors().and().csrf().disable();
+        // 璁剧疆鍏佽娣诲姞闈欐�佹枃浠�
+        http.headers().contentTypeOptions().disable();
         http.authorizeRequests()
                 // 鏀捐鎺ュ彛
                 .antMatchers("/api/user/login","/index/hook/**").permitAll()
@@ -107,15 +134,19 @@
                 .anyRequest().authenticated()
                 // 寮傚父澶勭悊(鏉冮檺鎷掔粷銆佺櫥褰曞け鏁堢瓑)
                 .and().exceptionHandling()
-                .authenticationEntryPoint(anonymousAuthenticationEntryPoint)//鍖垮悕鐢ㄦ埛璁块棶鏃犳潈闄愯祫婧愭椂鐨勫紓甯稿鐞�
+                //鍖垮悕鐢ㄦ埛璁块棶鏃犳潈闄愯祫婧愭椂鐨勫紓甯稿鐞�
+                .authenticationEntryPoint(anonymousAuthenticationEntryPoint)
 //                .accessDeniedHandler(accessDeniedHandler)//鐧诲綍鐢ㄦ埛娌℃湁鏉冮檺璁块棶璧勬簮
-                // 鐧诲叆
-                .and().formLogin().permitAll()//鍏佽鎵�鏈夌敤鎴�
-                .successHandler(loginSuccessHandler)//鐧诲綍鎴愬姛澶勭悊閫昏緫
-                .failureHandler(loginFailureHandler)//鐧诲綍澶辫触澶勭悊閫昏緫
+                // 鐧诲叆 鍏佽鎵�鏈夌敤鎴�
+                .and().formLogin().permitAll()
+                //鐧诲綍鎴愬姛澶勭悊閫昏緫
+                .successHandler(loginSuccessHandler)
+                //鐧诲綍澶辫触澶勭悊閫昏緫
+                .failureHandler(loginFailureHandler)
                 // 鐧诲嚭
-                .and().logout().logoutUrl("/api/user/logout").permitAll()//鍏佽鎵�鏈夌敤鎴�
-                .logoutSuccessHandler(logoutHandler)//鐧诲嚭鎴愬姛澶勭悊閫昏緫
+                .and().logout().logoutUrl("/api/user/logout").permitAll()
+                //鐧诲嚭鎴愬姛澶勭悊閫昏緫
+                .logoutSuccessHandler(logoutHandler)
                 .deleteCookies("JSESSIONID")
                 // 浼氳瘽绠＄悊
 //                .and().sessionManagement().invalidSessionStrategy(invalidSessionHandler) // 瓒呮椂澶勭悊

--
Gitblit v1.8.0