From 42a2772d1aa7493bcc4fac3e24ee8eda4eebc23d Mon Sep 17 00:00:00 2001
From: xubinbin <1323875150@qq.com>
Date: 星期二, 12 十二月 2023 17:09:04 +0800
Subject: [PATCH] bugfix:请求头带token, SecurityUtils 获取用户id 一直为0 #1195
---
src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java | 28 ++++++++++------------------
1 files changed, 10 insertions(+), 18 deletions(-)
diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
index be2850f..9cb3a1f 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
@@ -1,12 +1,12 @@
package com.genersoft.iot.vmp.conf.security;
import com.genersoft.iot.vmp.conf.UserSetting;
-import org.junit.jupiter.api.Order;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
@@ -28,6 +28,7 @@
/**
* 閰嶇疆Spring Security
+ *
* @author lin
*/
@Configuration
@@ -47,16 +48,6 @@
* 鐧诲嚭鎴愬姛鐨勫鐞�
*/
@Autowired
- private LoginFailureHandler loginFailureHandler;
- /**
- * 鐧诲綍鎴愬姛鐨勫鐞�
- */
- @Autowired
- private LoginSuccessHandler loginSuccessHandler;
- /**
- * 鐧诲嚭鎴愬姛鐨勫鐞�
- */
- @Autowired
private LogoutHandler logoutHandler;
/**
* 鏈櫥褰曠殑澶勭悊
@@ -72,10 +63,7 @@
**/
@Override
public void configure(WebSecurity web) {
-
- if (!userSetting.isInterfaceAuthentication()) {
- web.ignoring().antMatchers("**");
- }else {
+ if (userSetting.isInterfaceAuthentication()) {
ArrayList<String> matchers = new ArrayList<>();
matchers.add("/");
matchers.add("/#/**");
@@ -86,6 +74,9 @@
matchers.add("/swagger-resources/**");
matchers.add("/v3/api-docs/**");
matchers.add("/js/**");
+ matchers.add("/api/device/query/snap/**");
+ matchers.add("/record_proxy/*/**");
+ matchers.add("/api/emit");
matchers.addAll(userSetting.getInterfaceAuthenticationExcludes());
// 鍙互鐩存帴璁块棶鐨勯潤鎬佹暟鎹�
web.ignoring().antMatchers(matchers.toArray(new String[0]));
@@ -94,6 +85,7 @@
/**
* 閰嶇疆璁よ瘉鏂瑰紡
+ *
* @param auth
* @throws Exception
*/
@@ -122,7 +114,7 @@
.authorizeRequests()
.requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
.antMatchers(userSetting.getInterfaceAuthenticationExcludes().toArray(new String[0])).permitAll()
- .antMatchers("/api/user/login","/index/hook/**").permitAll()
+ .antMatchers("/api/user/login", "/index/hook/**").permitAll()
.anyRequest().authenticated()
// 寮傚父澶勭悊鍣�
.and()
@@ -135,7 +127,7 @@
}
- CorsConfigurationSource configurationSource(){
+ CorsConfigurationSource configurationSource() {
// 閰嶇疆璺ㄥ煙
CorsConfiguration corsConfiguration = new CorsConfiguration();
corsConfiguration.setAllowedHeaders(Arrays.asList("*"));
@@ -146,7 +138,7 @@
corsConfiguration.setExposedHeaders(Arrays.asList(JwtUtils.getHeader()));
UrlBasedCorsConfigurationSource url = new UrlBasedCorsConfigurationSource();
- url.registerCorsConfiguration("/**",corsConfiguration);
+ url.registerCorsConfiguration("/**", corsConfiguration);
return url;
}
--
Gitblit v1.8.0