hhyykk/ipms-sjy
1
1
Fork 0
mirror of https://gitee.com/hhyykk/ipms-sjy.git synced 2025-07-13 10:35:07 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

* 【新增】每次发布大版本时,将 yudao-ui-admin 编译后,放到 yudao-server 项目中,可以快速体验,无需搭建前端开发环境

Browse Source
This commit is contained in:
YunaiV
2022-02-04 22:56:00 +08:00
parent 470d1a3a35
commit cb3b172ecc
172 changed files with 34378 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java
View File

@ -3,31 +3,24 @@ package cn.iocoder.yudao.framework.security.config;
import cn.hutool.core.util.StrUtil;
import cn.iocoder.yudao.framework.security.core.authentication.MultiUserDetailsAuthenticationProvider;
import cn.iocoder.yudao.framework.security.core.filter.JWTAuthenticationTokenFilter;
import cn.iocoder.yudao.framework.security.core.service.SecurityAuthFrameworkService;
import cn.iocoder.yudao.framework.web.config.WebProperties;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.security.web.util.matcher.RequestMatcher;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.List;
import java.util.function.Consumer;
/**
* 自定义的 Spring Security 配置适配器实现
@ -64,15 +57,6 @@ public class YudaoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap
@Resource
private JWTAuthenticationTokenFilter authenticationTokenFilter;
// /**
// * 自定义的权限映射 Bean
// *
// * @see #configure(HttpSecurity)
// */
// @Resource
// private Customizer<ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry>
// authorizeRequestsCustomizer;
/**
* 自定义的权限映射 Bean 们
*
@ -142,6 +126,7 @@ public class YudaoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap
.authorizeRequests()
// 静态资源,可匿名访问
.antMatchers(HttpMethod.GET, "/*.html", "/**/*.html", "/**/*.css", "/**/*.js").permitAll()
.antMatchers(HttpMethod.GET, "/admin-ui/**").permitAll()
// 设置 App API 无需认证
.antMatchers(buildAppApi("/**")).permitAll()
// ②:每个项目的自定义规则