添加jwt支持
This commit is contained in:
zhh
@@ -1,19 +1,23 @@
|
||||
package com.macro.mall.config;
|
||||
|
||||
import com.macro.mall.bo.AdminUserDetails;
|
||||
import com.macro.mall.component.JwtAuthenticationTokenFilter;
|
||||
import com.macro.mall.model.UmsAdmin;
|
||||
import com.macro.mall.service.UmsAdminService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
|
||||
|
||||
/**
|
||||
@@ -26,37 +30,38 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
private UmsAdminService adminService;
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests()//配置权限
|
||||
// .antMatchers("/").access("hasRole('TEST')")//该路径需要TEST角色
|
||||
.antMatchers("/").authenticated()//该路径需要登录认证
|
||||
// .antMatchers("/brand/getList").hasAuthority("TEST")//该路径需要TEST权限
|
||||
.antMatchers("/**").permitAll()
|
||||
.and()//启用基于http的认证
|
||||
.httpBasic()
|
||||
.realmName("/")
|
||||
.and()//配置登录页面
|
||||
.formLogin()
|
||||
.loginPage("/login")
|
||||
.failureUrl("/login?error=true")
|
||||
.and()//配置退出路径
|
||||
.logout()
|
||||
.logoutSuccessUrl("/")
|
||||
// .and()//记住密码功能
|
||||
// .rememberMe()
|
||||
// .tokenValiditySeconds(60*60*24)
|
||||
// .key("rememberMeKey")
|
||||
.and()//关闭跨域伪造
|
||||
.csrf()
|
||||
.disable()
|
||||
.headers()//去除X-Frame-Options
|
||||
.frameOptions()
|
||||
.disable();
|
||||
protected void configure(HttpSecurity httpSecurity) throws Exception {
|
||||
httpSecurity.csrf()// 由于使用的是JWT,我们这里不需要csrf
|
||||
.disable()
|
||||
.sessionManagement()// 基于token,所以不需要session
|
||||
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.antMatchers(HttpMethod.GET, // 允许对于网站静态资源的无授权访问
|
||||
"/",
|
||||
"/*.html",
|
||||
"/favicon.ico",
|
||||
"/**/*.html",
|
||||
"/**/*.css",
|
||||
"/**/*.js",
|
||||
"/swagger-resources/**",
|
||||
"/v2/api-docs/**"
|
||||
)
|
||||
.permitAll()
|
||||
.antMatchers("/auth/**")// 对于获取token的rest api要允许匿名访问
|
||||
.permitAll()
|
||||
.anyRequest()// 除上面外的所有请求全部需要鉴权认证
|
||||
.authenticated();
|
||||
// 禁用缓存
|
||||
httpSecurity.headers().cacheControl();
|
||||
// 添加JWT filter
|
||||
httpSecurity.addFilterBefore(jwtAuthenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.userDetailsService(userDetailsService()).passwordEncoder(new Md5PasswordEncoder());
|
||||
auth.userDetailsService(userDetailsService())
|
||||
.passwordEncoder(new Md5PasswordEncoder());
|
||||
}
|
||||
|
||||
@Bean
|
||||
@@ -73,4 +78,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
@Bean
|
||||
public JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter(){
|
||||
return new JwtAuthenticationTokenFilter();
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user