提交 e56d5829 编写于 作者: zhouweidong's avatar zhouweidong

补充api授权认证

上级 e3194413
...@@ -67,6 +67,58 @@ public class ${item.codeName}SecurityConfig extends WebSecurityConfigurerAdapter ...@@ -67,6 +67,58 @@ public class ${item.codeName}SecurityConfig extends WebSecurityConfigurerAdapter
return super.authenticationManagerBean(); return super.authenticationManagerBean();
} }
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
@Autowired
private AuthenticationEntryPoint unauthorizedHandler;
@Autowired
private AuthenticationUserService userDetailsService;
/**
* 自定义基于JWT的安全过滤器
*/
@Autowired
AuthorizationTokenFilter authenticationTokenFilter;
@Value("${r'${ibiz.auth.path:v7/login}"'})
private String loginPath;
@Value("${r'${ibiz.auth.logoutpath:v7/logout}"'})
private String logoutPath;
@Value("${r'${ibiz.file.uploadpath:ibizutil/upload}"'})
private String uploadpath;
@Value("${r'${ibiz.file.downloadpath:ibizutil/download}"'})
private String downloadpath;
@Value("${r'${ibiz.file.previewpath:ibizutil/preview}"'})
private String previewpath;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoderBean());
}
@Bean
GrantedAuthorityDefaults grantedAuthorityDefaults() {
// Remove the ROLE_ prefix
return new GrantedAuthorityDefaults("");
}
@Bean
public PasswordEncoder passwordEncoderBean() {
return new BCryptPasswordEncoder();
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override @Override
protected void configure(HttpSecurity httpSecurity) throws Exception { protected void configure(HttpSecurity httpSecurity) throws Exception {
...@@ -91,15 +143,21 @@ public class ${item.codeName}SecurityConfig extends WebSecurityConfigurerAdapter ...@@ -91,15 +143,21 @@ public class ${item.codeName}SecurityConfig extends WebSecurityConfigurerAdapter
"/**/fonts/**", "/**/fonts/**",
"/**/js/**", "/**/js/**",
"/**/img/**", "/**/img/**",
"/", "/"
"/webjars/**",
"/swagger-resources/**",
"/v2/**"
).permitAll() ).permitAll()
// 服务中暂时只为重构用户身份,不进行身份认证 //放行登录请求
.anyRequest().permitAll() .antMatchers( HttpMethod.POST,"/"+loginPath).permitAll()
//放行注销请求
.antMatchers( HttpMethod.GET,"/"+logoutPath).permitAll()
// 文件操作
.antMatchers("/"+downloadpath+"/**").permitAll()
.antMatchers("/"+uploadpath).permitAll()
.antMatchers("/"+previewpath+"/**").permitAll()
// 所有请求都需要认证
.anyRequest().authenticated()
// 防止iframe 造成跨域 // 防止iframe 造成跨域
.and().headers().frameOptions().disable(); .and().headers().frameOptions().disable();
httpSecurity httpSecurity
.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class); .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
} }
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册