多模块重构 12：【新增】Spring Security 新增 AuthorizeRequestsCustomizer 抽象类，自定义每个 Maven Module 的 URL 的安全配置

2025-07-25 16:35:06 +08:00 · 2022-02-04 01:36:27 +08:00
parent 4890cf05de
commit c2ccfa3bd6
33 changed files with 212 additions and 137 deletions
--- a/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/config/AdminServerConfiguration.java
+++ b/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/config/AdminServerConfiguration.java
@ -1,9 +0,0 @@
-package cn.iocoder.yudao.server.framework.monitor.config;
-
-import de.codecentric.boot.admin.server.config.EnableAdminServer;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration
-@EnableAdminServer
-public class AdminServerConfiguration {
-}
--- a/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/package-info.java
+++ b/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/package-info.java
@ -1,4 +0,0 @@
-/**
- * 使用 Spring Boot Admin 实现简单的监控平台
- */
-package cn.iocoder.yudao.server.framework.monitor;
--- a/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/《芋道
+++ b/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/《芋道
@ -1 +0,0 @@
-<http://www.iocoder.cn/Spring-Boot/Admin/?yudao>
--- a/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/security/SecurityConfiguration.java
+++ b/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/security/SecurityConfiguration.java
@ -1,50 +0,0 @@
-package cn.iocoder.yudao.server.framework.security;
-
-import cn.iocoder.yudao.framework.web.config.WebProperties;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.Customizer;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
-
-import javax.annotation.Resource;
-
-@Configuration
-public class SecurityConfiguration {
-
-    @Resource
-    private WebProperties webProperties;
-
-    @Value("${spring.boot.admin.context-path:''}")
-    private String adminSeverContextPath;
-
-    @Bean
-    public Customizer<ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry> authorizeRequestsCustomizer() {
-        return registry -> {
-            // 验证码的接口
-            registry.antMatchers(buildAdminApi("/system/captcha/**")).anonymous();
-            // 获得租户编号的接口
-            registry.antMatchers(buildAdminApi("/system/tenant/get-id-by-name")).anonymous();
-            // Spring Boot Admin Server 的安全配置
-            registry.antMatchers(adminSeverContextPath).anonymous()
-                    .antMatchers(adminSeverContextPath + "/**").anonymous();
-            // 短信回调 API
-            registry.antMatchers(buildAdminApi("/system/sms/callback/**")).anonymous();
-
-            // 设置 App API 无需认证
-            registry.antMatchers(buildAppApi("/**")).permitAll();
-        };
-    }
-
-    private String buildAdminApi(String url) {
-        // TODO 芋艿：多模块
-        return webProperties.getAdminApi().getPrefix() + url;
-    }
-
-    private String buildAppApi(String url) {
-        // TODO 芋艿：多模块
-        return webProperties.getAppApi().getPrefix() + url;
-    }
-
-}
				`@ -1 +0,0 @@`
				`<http://www.iocoder.cn/Spring-Boot/Admin/?yudao>`