	1. 【新增】接口支持通过 @PermitAll 注解,允许匿名(未登录)进行访问
				
					
				
			2. 【新增】`yudao.security.permit-all-urls` 配置项,允许匿名(未登录)进行访问
		@@ -27,6 +27,7 @@ import org.springframework.validation.annotation.Validated;
 | 
			
		||||
import org.springframework.web.bind.annotation.*;
 | 
			
		||||
 | 
			
		||||
import javax.annotation.Resource;
 | 
			
		||||
import javax.annotation.security.PermitAll;
 | 
			
		||||
import javax.servlet.http.HttpServletRequest;
 | 
			
		||||
import javax.validation.Valid;
 | 
			
		||||
import java.util.List;
 | 
			
		||||
@@ -59,6 +60,7 @@ public class AuthController {
 | 
			
		||||
    private SecurityProperties securityProperties;
 | 
			
		||||
 | 
			
		||||
    @PostMapping("/login")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation("使用账号密码登录")
 | 
			
		||||
    @OperateLog(enable = false) // 避免 Post 请求被记录操作日志
 | 
			
		||||
    public CommonResult<AuthLoginRespVO> login(@RequestBody @Valid AuthLoginReqVO reqVO) {
 | 
			
		||||
@@ -66,6 +68,7 @@ public class AuthController {
 | 
			
		||||
    }
 | 
			
		||||
 | 
			
		||||
    @PostMapping("/logout")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation("登出系统")
 | 
			
		||||
    @OperateLog(enable = false) // 避免 Post 请求被记录操作日志
 | 
			
		||||
    public CommonResult<Boolean> logout(HttpServletRequest request) {
 | 
			
		||||
@@ -77,6 +80,7 @@ public class AuthController {
 | 
			
		||||
    }
 | 
			
		||||
 | 
			
		||||
    @PostMapping("/refresh-token")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation("刷新令牌")
 | 
			
		||||
    @ApiImplicitParam(name = "refreshToken", value = "刷新令牌", required = true, dataTypeClass = String.class)
 | 
			
		||||
    @OperateLog(enable = false) // 避免 Post 请求被记录操作日志
 | 
			
		||||
@@ -119,6 +123,7 @@ public class AuthController {
 | 
			
		||||
    // ========== 短信登录相关 ==========
 | 
			
		||||
 | 
			
		||||
    @PostMapping("/sms-login")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation("使用短信验证码登录")
 | 
			
		||||
    @OperateLog(enable = false) // 避免 Post 请求被记录操作日志
 | 
			
		||||
    public CommonResult<AuthLoginRespVO> smsLogin(@RequestBody @Valid AuthSmsLoginReqVO reqVO) {
 | 
			
		||||
@@ -126,6 +131,7 @@ public class AuthController {
 | 
			
		||||
    }
 | 
			
		||||
 | 
			
		||||
    @PostMapping("/send-sms-code")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation(value = "发送手机验证码")
 | 
			
		||||
    @OperateLog(enable = false) // 避免 Post 请求被记录操作日志
 | 
			
		||||
    public CommonResult<Boolean> sendLoginSmsCode(@RequestBody @Valid AuthSmsSendReqVO reqVO) {
 | 
			
		||||
@@ -136,6 +142,7 @@ public class AuthController {
 | 
			
		||||
    // ========== 社交登录相关 ==========
 | 
			
		||||
 | 
			
		||||
    @GetMapping("/social-auth-redirect")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation("社交授权的跳转")
 | 
			
		||||
    @ApiImplicitParams({
 | 
			
		||||
            @ApiImplicitParam(name = "type", value = "社交类型", required = true, dataTypeClass = Integer.class),
 | 
			
		||||
@@ -147,6 +154,7 @@ public class AuthController {
 | 
			
		||||
    }
 | 
			
		||||
 | 
			
		||||
    @PostMapping("/social-login")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation(value = "社交快捷登录,使用 code 授权码", notes = "适合未登录的用户,但是社交账号已绑定用户")
 | 
			
		||||
    @OperateLog(enable = false) // 避免 Post 请求被记录操作日志
 | 
			
		||||
    public CommonResult<AuthLoginRespVO> socialQuickLogin(@RequestBody @Valid AuthSocialLoginReqVO reqVO) {
 | 
			
		||||
 
 | 
			
		||||
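Review bot: With `@PermitAll` placed on `login`, `logout`, `refresh-token`, `sms-login`, `send-sms-code`, `social-auth-redirect` and `social-login`, the anonymous surface of this module is no longer listed in one place, because the same commit deletes the `SecurityConfiguration` allowlist that enumerated exactly these paths through `buildAdminApi(...)`. `javax.annotation.security.PermitAll` is a JSR-250 method-security annotation, so whether it opens the URL at the filter-chain level depends entirely on the framework scanning named in the commit description, which is not in this diff; that scan has to reproduce the class-level `@RequestMapping` prefix and the admin-api prefix for the match to land on the URLs the old allowlist covered. I would pin both directions with one integration test — an unauthenticated POST to the admin-api path of `/system/auth/login` is accepted, and an unauthenticated call to a handler without `@PermitAll` still receives 401 — and add a startup log line listing the resolved permit-all URLs so the set stays auditable. The handler bodies run outside the hunks. The same point applies to the CaptchaController, OAuth2OpenController, SmsCallbackController and TenantController sections below.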
@@ -10,6 +10,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 | 
			
		||||
import org.springframework.web.bind.annotation.RestController;
 | 
			
		||||
 | 
			
		||||
import javax.annotation.Resource;
 | 
			
		||||
import javax.annotation.security.PermitAll;
 | 
			
		||||
 | 
			
		||||
import static cn.iocoder.yudao.framework.common.pojo.CommonResult.success;
 | 
			
		||||
 | 
			
		||||
@@ -22,6 +23,7 @@ public class CaptchaController {
 | 
			
		||||
    private CaptchaService captchaService;
 | 
			
		||||
 | 
			
		||||
    @GetMapping("/get-image")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation("生成图片验证码")
 | 
			
		||||
    public CommonResult<CaptchaImageRespVO> getCaptchaImage() {
 | 
			
		||||
        return success(captchaService.getCaptchaImage());
 | 
			
		||||
 
 | 
			
		||||
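Review bot: The deleted configuration permitted `/system/captcha/**` as a wildcard, while this section annotates only `getCaptchaImage` with `@PermitAll`, so any other handler in `CaptchaController` outside this hunk now requires an authenticated caller. That narrowing is an improvement if it is intended, but the commit description does not mention it, so I would confirm no second captcha endpoint is called before login and record the decision on the class Javadoc: `Only get-image is anonymous; the former /system/captcha/** wildcard was dropped on purpose.` The method's closing line is outside the hunk.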
@@ -31,6 +31,7 @@ import org.springframework.validation.annotation.Validated;
 | 
			
		||||
import org.springframework.web.bind.annotation.*;
 | 
			
		||||
 | 
			
		||||
import javax.annotation.Resource;
 | 
			
		||||
import javax.annotation.security.PermitAll;
 | 
			
		||||
import javax.servlet.http.HttpServletRequest;
 | 
			
		||||
import java.util.Collections;
 | 
			
		||||
import java.util.List;
 | 
			
		||||
@@ -82,6 +83,7 @@ public class OAuth2OpenController {
 | 
			
		||||
     * 注意,默认需要传递 client_id + client_secret 参数
 | 
			
		||||
     */
 | 
			
		||||
    @PostMapping("/token")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation(value = "获得访问令牌", notes = "适合 code 授权码模式,或者 implicit 简化模式;在 sso.vue 单点登录界面被【获取】调用")
 | 
			
		||||
    @ApiImplicitParams({
 | 
			
		||||
            @ApiImplicitParam(name = "grant_type", required = true, value = "授权类型", example = "code", dataTypeClass = String.class),
 | 
			
		||||
@@ -141,6 +143,7 @@ public class OAuth2OpenController {
 | 
			
		||||
    }
 | 
			
		||||
 | 
			
		||||
    @DeleteMapping("/token")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation(value = "删除访问令牌")
 | 
			
		||||
    @ApiImplicitParam(name = "token", required = true, value = "访问令牌", example = "biu", dataTypeClass = String.class)
 | 
			
		||||
    @OperateLog(enable = false) // 避免 Post 请求被记录操作日志
 | 
			
		||||
@@ -159,6 +162,7 @@ public class OAuth2OpenController {
 | 
			
		||||
     * 对应 Spring Security OAuth 的 CheckTokenEndpoint 类的 checkToken 方法
 | 
			
		||||
     */
 | 
			
		||||
    @PostMapping("/check-token")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation(value = "校验访问令牌")
 | 
			
		||||
    @ApiImplicitParam(name = "token", required = true, value = "访问令牌", example = "biu", dataTypeClass = String.class)
 | 
			
		||||
    @OperateLog(enable = false) // 避免 Post 请求被记录操作日志
 | 
			
		||||
 
 | 
			
		||||
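Review bot: `@PermitAll` on `POST /token` sits directly under a Javadoc line saying `client_id + client_secret` are required by default, and the two read as contradictory unless the reader already knows the annotation removes only the user-session check; the client-credential check must therefore happen in the handler, whose signature and body are outside this hunk. I would extend that Javadoc with one line, `@PermitAll only bypasses user authentication; client authentication is enforced inside the method`, and add the equivalent note on `DELETE /token` and `POST /check-token`, both of which accept a `token` parameter from anonymous callers. The `@OperateLog` comment in the `DELETE /token` hunk still says `Post`, a copy-paste leftover worth correcting while here.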
@@ -15,6 +15,7 @@ import org.springframework.web.bind.annotation.RequestParam;
 | 
			
		||||
import org.springframework.web.bind.annotation.RestController;
 | 
			
		||||
 | 
			
		||||
import javax.annotation.Resource;
 | 
			
		||||
import javax.annotation.security.PermitAll;
 | 
			
		||||
import javax.servlet.http.HttpServletRequest;
 | 
			
		||||
 | 
			
		||||
import static cn.iocoder.yudao.framework.common.pojo.CommonResult.success;
 | 
			
		||||
@@ -28,6 +29,7 @@ public class SmsCallbackController {
 | 
			
		||||
    private SmsSendService smsSendService;
 | 
			
		||||
 | 
			
		||||
    @PostMapping("/yunpian")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation(value = "云片短信的回调", notes = "参见 https://www.yunpian.com/official/document/sms/zh_cn/domestic_push_report 文档")
 | 
			
		||||
    @ApiImplicitParam(name = "sms_status", value = "发送状态", required = true, example = "[{具体内容}]", dataTypeClass = String.class)
 | 
			
		||||
    @OperateLog(enable = false)
 | 
			
		||||
@@ -38,6 +40,7 @@ public class SmsCallbackController {
 | 
			
		||||
    }
 | 
			
		||||
 | 
			
		||||
    @PostMapping("/aliyun")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation(value = "阿里云短信的回调", notes = "参见 https://help.aliyun.com/document_detail/120998.html 文档")
 | 
			
		||||
    @OperateLog(enable = false)
 | 
			
		||||
    public CommonResult<Boolean> receiveAliyunSmsStatus(HttpServletRequest request) throws Throwable {
 | 
			
		||||
@@ -47,6 +50,7 @@ public class SmsCallbackController {
 | 
			
		||||
    }
 | 
			
		||||
 | 
			
		||||
    @PostMapping("/tencent")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation(value = "腾讯云短信的回调", notes = "参见 https://cloud.tencent.com/document/product/382/52077 文档")
 | 
			
		||||
    @OperateLog(enable = false)
 | 
			
		||||
    public CommonResult<Boolean> receiveTencentSmsStatus(HttpServletRequest request) throws Throwable {
 | 
			
		||||
 
 | 
			
		||||
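Review bot: The deleted allowlist opened `/system/sms/callback/**`, whereas the annotations here cover exactly `yunpian`, `aliyun` and `tencent`, so any further callback handler in this controller outside the hunks would now reject the provider's request; confirm none exists. These three endpoints are anonymous by design, which means the provider-authenticity check is the only control on a status report, and the handler bodies that would hold it are outside the hunks. I would add a Javadoc line on each, `Anonymous endpoint: the request must be verified against the provider (signature or source) before any status is applied`, naming where that verification lives so the next reader does not assume the filter chain did it.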
@@ -15,6 +15,7 @@ import org.springframework.security.access.prepost.PreAuthorize;
 | 
			
		||||
import org.springframework.web.bind.annotation.*;
 | 
			
		||||
 | 
			
		||||
import javax.annotation.Resource;
 | 
			
		||||
import javax.annotation.security.PermitAll;
 | 
			
		||||
import javax.servlet.http.HttpServletResponse;
 | 
			
		||||
import javax.validation.Valid;
 | 
			
		||||
import java.io.IOException;
 | 
			
		||||
@@ -32,6 +33,7 @@ public class TenantController {
 | 
			
		||||
    private TenantService tenantService;
 | 
			
		||||
 | 
			
		||||
    @GetMapping("/get-id-by-name")
 | 
			
		||||
    @PermitAll
 | 
			
		||||
    @ApiOperation(value = "使用租户名,获得租户编号", notes = "登录界面,根据用户的租户名,获得租户编号")
 | 
			
		||||
    @ApiImplicitParam(name = "name", value = "租户名", required = true, example = "1024", dataTypeClass = Long.class)
 | 
			
		||||
    public CommonResult<Long> getTenantIdByName(@RequestParam("name") String name) {
 | 
			
		||||
 
 | 
			
		||||
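Review bot: `@ApiImplicitParam(name = "name", ..., dataTypeClass = Long.class)` describes the `name` parameter, which the signature on the next line declares as `@RequestParam("name") String name`, so the generated API doc advertises the wrong type for this now-anonymous endpoint; change it to `dataTypeClass = String.class` and pick an example that reads as a tenant name rather than an id. The `@PermitAll` itself matches the deleted allowlist entry for `/system/tenant/get-id-by-name`; because the endpoint resolves tenant names for unauthenticated callers, it benefits from the same throttling the login page gets, which this diff neither adds nor removes. The method body continues outside the hunk.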
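--- a/PATH_NOT_ON_PAGE/SecurityConfiguration.java
+++ /dev/null
@@ -1,45 +0,0 @@
-package cn.iocoder.yudao.module.system.framework.security.config;
-
-import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
-
-/**
- * System 模块的 Security 配置
- */
-@Configuration("systemSecurityConfiguration")
-public class SecurityConfiguration {
-
-    @Bean("systemAuthorizeRequestsCustomizer")
-    public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() {
-        return new AuthorizeRequestsCustomizer() {
-
-            @Override
-            public void customize(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) {
-                // 登录的接口
-                registry.antMatchers(buildAdminApi("/system/auth/login")).permitAll();
-                registry.antMatchers(buildAdminApi("/system/auth/logout")).permitAll();
-                registry.antMatchers(buildAdminApi("/system/auth/refresh-token")).permitAll();
-                // 社交登陆的接口
-                registry.antMatchers(buildAdminApi("/system/auth/social-auth-redirect")).permitAll();
-                registry.antMatchers(buildAdminApi("/system/auth/social-login")).permitAll();
-                // 登录登录的接口
-                registry.antMatchers(buildAdminApi("/system/auth/sms-login")).permitAll();
-                registry.antMatchers(buildAdminApi("/system/auth/send-sms-code")).permitAll();
-                // 验证码的接口
-                registry.antMatchers(buildAdminApi("/system/captcha/**")).permitAll();
-                // 获得租户编号的接口
-                registry.antMatchers(buildAdminApi("/system/tenant/get-id-by-name")).permitAll();
-                // 短信回调 API
-                registry.antMatchers(buildAdminApi("/system/sms/callback/**")).permitAll();
-                // OAuth2 API
-                registry.antMatchers(buildAdminApi("/system/oauth2/token")).permitAll();
-                registry.antMatchers(buildAdminApi("/system/oauth2/check-token")).permitAll();
-            }
-
-        };
-    }
-
-}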
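--- a/PATH_NOT_ON_PAGE/package-info.java
+++ /dev/null
@@ -1,4 +0,0 @@
-/**
- * 占位
- */
-package cn.iocoder.yudao.module.system.framework.security.core;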