From b6e604f2449bb65dfaafb0f0741ba54ff0d2f9c2 Mon Sep 17 00:00:00 2001 From: 648540858 <648540858@qq.com> Date: 星期二, 30 四月 2024 15:20:03 +0800 Subject: [PATCH] 修改云端录像详情页使用直接访问zlm的方式播放录像 --- src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java | 17 +++++++++++++---- 1 files changed, 13 insertions(+), 4 deletions(-) diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java index 9cb3a1f..b035fcb 100644 --- a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java +++ b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java @@ -25,6 +25,7 @@ import java.util.ArrayList; import java.util.Arrays; +import java.util.Collections; /** * 閰嶇疆Spring Security @@ -68,6 +69,8 @@ matchers.add("/"); matchers.add("/#/**"); matchers.add("/static/**"); + matchers.add("/swagger-ui.html"); + matchers.add("/swagger-ui/"); matchers.add("/index.html"); matchers.add("/doc.html"); matchers.add("/webjars/**"); @@ -77,7 +80,7 @@ matchers.add("/api/device/query/snap/**"); matchers.add("/record_proxy/*/**"); matchers.add("/api/emit"); - matchers.addAll(userSetting.getInterfaceAuthenticationExcludes()); + matchers.add("/favicon.ico"); // 鍙互鐩存帴璁块棶鐨勯潤鎬佹暟鎹� web.ignoring().antMatchers(matchers.toArray(new String[0])); } @@ -114,7 +117,7 @@ .authorizeRequests() .requestMatchers(CorsUtils::isPreFlightRequest).permitAll() .antMatchers(userSetting.getInterfaceAuthenticationExcludes().toArray(new String[0])).permitAll() - .antMatchers("/api/user/login", "/index/hook/**").permitAll() + .antMatchers("/api/user/login", "/index/hook/**","/index/hook/abl/**", "/swagger-ui/**", "/doc.html").permitAll() .anyRequest().authenticated() // 寮傚父澶勭悊鍣� .and() @@ -133,8 +136,14 @@ corsConfiguration.setAllowedHeaders(Arrays.asList("*")); corsConfiguration.setAllowedMethods(Arrays.asList("*")); corsConfiguration.setMaxAge(3600L); - corsConfiguration.setAllowCredentials(true); - corsConfiguration.setAllowedOrigins(userSetting.getAllowedOrigins()); + if (userSetting.getAllowedOrigins() != null && !userSetting.getAllowedOrigins().isEmpty()) { + corsConfiguration.setAllowCredentials(true); + corsConfiguration.setAllowedOrigins(userSetting.getAllowedOrigins()); + }else { + corsConfiguration.setAllowCredentials(false); + corsConfiguration.setAllowedOrigins(Collections.singletonList(CorsConfiguration.ALL)); + } + corsConfiguration.setExposedHeaders(Arrays.asList(JwtUtils.getHeader())); UrlBasedCorsConfigurationSource url = new UrlBasedCorsConfigurationSource(); -- Gitblit v1.8.0