From 95688e400b6974953505c159f8fbf9d65784c724 Mon Sep 17 00:00:00 2001
From: 648540858 <648540858@qq.com>
Date: 星期一, 13 三月 2023 09:45:00 +0800
Subject: [PATCH] 初步实现登录返回token
---
src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java | 123 +++++++++++++++++++++++++++--------------
1 files changed, 81 insertions(+), 42 deletions(-)
diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
index c6e77ca..c700b8c 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
@@ -1,7 +1,10 @@
package com.genersoft.iot.vmp.conf.security;
+import com.genersoft.iot.vmp.conf.UserSetting;
+import org.junit.jupiter.api.Order;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
@@ -12,18 +15,26 @@
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+import java.util.List;
/**
* 閰嶇疆Spring Security
+ * @author lin
*/
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
+@Order(1)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
- @Value("${userSettings.interfaceAuthentication}")
- private boolean interfaceAuthentication;
+ private final static Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class);
+
+ @Autowired
+ private UserSetting userSetting;
@Autowired
private DefaultUserDetailsServiceImpl userDetailsService;
@@ -47,22 +58,14 @@
*/
@Autowired
private AnonymousAuthenticationEntryPoint anonymousAuthenticationEntryPoint;
-// /**
-// * 瓒呮椂澶勭悊
-// */
-// @Autowired
-// private InvalidSessionHandler invalidSessionHandler;
+ @Autowired
+ private JwtAuthenticationFilter jwtAuthenticationFilter;
-// /**
-// * 椤跺彿澶勭悊
-// */
-// @Autowired
-// private SessionInformationExpiredHandler sessionInformationExpiredHandler;
-// /**
-// * 鐧诲綍鐢ㄦ埛娌℃湁鏉冮檺璁块棶璧勬簮
-// */
-// @Autowired
-// private LoginUserAccessDeniedHandler accessDeniedHandler;
+// @Bean
+// JwtAuthenticationFilter jwtAuthenticationFilter() throws Exception {
+// JwtAuthenticationFilter jwtAuthenticationFilter = new JwtAuthenticationFilter(authenticationManager());
+// return jwtAuthenticationFilter;
+// }
/**
@@ -71,19 +74,30 @@
@Override
public void configure(WebSecurity web) {
- if (!interfaceAuthentication) {
+ if (!userSetting.isInterfaceAuthentication()) {
web.ignoring().antMatchers("**");
}else {
// 鍙互鐩存帴璁块棶鐨勯潤鎬佹暟鎹�
web.ignoring()
.antMatchers("/")
+ .antMatchers("/#/**")
.antMatchers("/static/**")
.antMatchers("/index.html")
.antMatchers("/doc.html") // "/webjars/**", "/swagger-resources/**", "/v3/api-docs/**"
.antMatchers("/webjars/**")
.antMatchers("/swagger-resources/**")
.antMatchers("/v3/api-docs/**")
+ .antMatchers("/favicon.ico")
.antMatchers("/js/**");
+ List<String> interfaceAuthenticationExcludes = userSetting.getInterfaceAuthenticationExcludes();
+ for (String interfaceAuthenticationExclude : interfaceAuthenticationExcludes) {
+ if (interfaceAuthenticationExclude.split("/").length < 4 ) {
+ logger.warn("{}涓嶆弧瓒充袱绾х洰褰曪紝宸插拷鐣�", interfaceAuthenticationExclude);
+ }else {
+ web.ignoring().antMatchers(interfaceAuthenticationExclude);
+ }
+
+ }
}
}
@@ -106,31 +120,56 @@
@Override
protected void configure(HttpSecurity http) throws Exception {
- http.cors().and().csrf().disable();
- // 璁剧疆鍏佽娣诲姞闈欐�佹枃浠�
- http.headers().contentTypeOptions().disable();
- http.authorizeRequests()
- // 鏀捐鎺ュ彛
- .antMatchers("/#/**", "/api/user/login","/index/hook/**").permitAll()
- // 闄や笂闈㈠鐨勬墍鏈夎姹傚叏閮ㄩ渶瑕侀壌鏉冭璇�
+ http.headers().contentTypeOptions().disable()
+ .and().cors()
+ .and().csrf().disable()
+ .sessionManagement()
+ .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+
+ // 閰嶇疆鎷︽埅瑙勫垯
+ .and()
+ .authorizeRequests()
+ .antMatchers("/api/user/login","/index/hook/**").permitAll()
.anyRequest().authenticated()
- // 寮傚父澶勭悊(鏉冮檺鎷掔粷銆佺櫥褰曞け鏁堢瓑)
- .and().exceptionHandling()
- .authenticationEntryPoint(anonymousAuthenticationEntryPoint)//鍖垮悕鐢ㄦ埛璁块棶鏃犳潈闄愯祫婧愭椂鐨勫紓甯稿鐞�
-// .accessDeniedHandler(accessDeniedHandler)//鐧诲綍鐢ㄦ埛娌℃湁鏉冮檺璁块棶璧勬簮
- // 鐧诲叆
- .and().formLogin().permitAll()//鍏佽鎵�鏈夌敤鎴�
- .successHandler(loginSuccessHandler)//鐧诲綍鎴愬姛澶勭悊閫昏緫
- .failureHandler(loginFailureHandler)//鐧诲綍澶辫触澶勭悊閫昏緫
- // 鐧诲嚭
- .and().logout().logoutUrl("/api/user/logout").permitAll()//鍏佽鎵�鏈夌敤鎴�
- .logoutSuccessHandler(logoutHandler)//鐧诲嚭鎴愬姛澶勭悊閫昏緫
- .deleteCookies("JSESSIONID")
- // 浼氳瘽绠$悊
-// .and().sessionManagement().invalidSessionStrategy(invalidSessionHandler) // 瓒呮椂澶勭悊
-// .maximumSessions(1)//鍚屼竴璐﹀彿鍚屾椂鐧诲綍鏈�澶х敤鎴锋暟
-// .expiredSessionStrategy(sessionInformationExpiredHandler) // 椤跺彿澶勭悊
+ // 寮傚父澶勭悊鍣�
+ .and()
+ .exceptionHandling()
+ .authenticationEntryPoint(anonymousAuthenticationEntryPoint)
+// .accessDeniedHandler(jwtAccessDeniedHandler)
+ // 閰嶇疆鑷畾涔夌殑杩囨护鍣�
+// .and()
+// .addFilter(jwtAuthenticationFilter)
+ // 楠岃瘉鐮佽繃婊ゅ櫒鏀惧湪UsernamePassword杩囨护鍣ㄤ箣鍓�
+// .addFilterBefore(captchaFilter, UsernamePasswordAuthenticationFilter.class)
;
+ http.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+// // 璁剧疆鍏佽娣诲姞闈欐�佹枃浠�
+// http.headers().contentTypeOptions().disable();
+// http.authorizeRequests()
+// // 鏀捐鎺ュ彛
+// .antMatchers("/api/user/login","/index/hook/**").permitAll()
+// // 闄や笂闈㈠鐨勬墍鏈夎姹傚叏閮ㄩ渶瑕侀壌鏉冭璇�
+// .anyRequest().authenticated()
+// // 绂佺敤session
+// .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+// // 寮傚父澶勭悊(鏉冮檺鎷掔粷銆佺櫥褰曞け鏁堢瓑)
+// .and().exceptionHandling()
+// // 鍖垮悕鐢ㄦ埛璁块棶鏃犳潈闄愯祫婧愭椂鐨勫紓甯稿鐞�
+// .authenticationEntryPoint(anonymousAuthenticationEntryPoint)
+// // 鐧诲綍 鍏佽鎵�鏈夌敤鎴�
+// .and().formLogin()
+// // 鐧诲綍鎴愬姛澶勭悊閫昏緫 鍦ㄨ繖閲岀粰鍑篔WT
+// .successHandler(loginSuccessHandler)
+// // 鐧诲綍澶辫触澶勭悊閫昏緫
+// .failureHandler(loginFailureHandler)
+// // 鐧诲嚭
+// .and().logout().logoutUrl("/api/user/logout").permitAll()
+// // 鐧诲嚭鎴愬姛澶勭悊閫昏緫
+// .logoutSuccessHandler(logoutHandler)
+// // 閰嶇疆鑷畾涔夌殑杩囨护鍣�
+// .and()
+// .addFilter(jwtAuthenticationFilter())
+// ;
}
--
Gitblit v1.8.0