JWT认证授权功能完善

2018-04-23 16:02:02 +08:00
parent cd1dd9190a
commit b0a945d242
10 changed files with 280 additions and 25 deletions
--- a/mall-admin/src/main/java/com/macro/mall/config/SecurityConfig.java
+++ b/mall-admin/src/main/java/com/macro/mall/config/SecurityConfig.java
@@ -9,6 +9,7 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
+import org.springframework.security.authentication.encoding.PasswordEncoder;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -48,7 +49,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                       "/v2/api-docs/**"
                       )
               .permitAll()
-               .antMatchers("/auth/**")// 对于获取token的rest api要允许匿名访问
+               .antMatchers("/admin/**")// 对于获取token的rest api要允许匿名访问
               .permitAll()
               .anyRequest()// 除上面外的所有请求全部需要鉴权认证
               .authenticated();
@@ -61,7 +62,12 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService())
-                .passwordEncoder(new Md5PasswordEncoder());
+                .passwordEncoder(passwordEncoder());
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder(){
+        return new Md5PasswordEncoder();
    }

    @Bean