mirror of
https://gitee.com/gz-yami/mall4j.git
synced 2026-03-22 09:17:16 +08:00
启用WebSecurity,只是token交给自己进行校验
This commit is contained in:
FrozenWatermelon
30
README.md
30
README.md
@@ -45,21 +45,21 @@ uni-app:https://gitee.com/gz-yami/mall4uni
|
||||
|
||||
## 技术选型
|
||||
|
||||
| 技术 | 版本 | 说明 |
|
||||
|------------------------|--------|------------------------------|
|
||||
| Spring Boot | 2.7.0 | MVC核心框架 |
|
||||
| Spring Security oauth2 | 2.7.0 | 认证和授权框架 |
|
||||
| MyBatis | 3.5.0 | ORM框架 |
|
||||
| MyBatisPlus | 3.1.0 | 基于mybatis,使用lambda表达式的 |
|
||||
| spring-doc | 1.6.9 | 接口文档工具 |
|
||||
| Hibernator-Validator | 6.0.17 | 验证框架 |
|
||||
| redisson | 3.10.6 | 对redis进行封装、集成分布式锁等 |
|
||||
| hikari | 3.2.0 | 数据库连接池 |
|
||||
| logback | 1.2.11 | log日志工具 |
|
||||
| orika | 1.5.4 | 更快的bean复制工具 |
|
||||
| lombok | 1.18.8 | 简化对象封装工具 |
|
||||
| hutool | 5.7.22 | 更适合国人的java工具集 |
|
||||
| knife4j | 4.0.0 | 基于swagger,更便于国人使用的swagger ui |
|
||||
| 技术 | 版本 | 说明 |
|
||||
|----------------------|--------|------------------------------|
|
||||
| Spring Boot | 2.7.0 | MVC核心框架 |
|
||||
| Spring Security web | 2.7.0 | web应用安全防护 |
|
||||
| MyBatis | 3.5.0 | ORM框架 |
|
||||
| MyBatisPlus | 3.1.0 | 基于mybatis,使用lambda表达式的 |
|
||||
| spring-doc | 1.6.9 | 接口文档工具 |
|
||||
| Hibernator-Validator | 6.0.17 | 验证框架 |
|
||||
| redisson | 3.10.6 | 对redis进行封装、集成分布式锁等 |
|
||||
| hikari | 3.2.0 | 数据库连接池 |
|
||||
| logback | 1.2.11 | log日志工具 |
|
||||
| orika | 1.5.4 | 更快的bean复制工具 |
|
||||
| lombok | 1.18.8 | 简化对象封装工具 |
|
||||
| hutool | 5.7.22 | 更适合国人的java工具集 |
|
||||
| knife4j | 4.0.0 | 基于swagger,更便于国人使用的swagger ui |
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -1,8 +1,10 @@
|
||||
package com.yami.shop.security.common.adapter;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.cors.CorsUtils;
|
||||
|
||||
@@ -12,14 +14,16 @@ import org.springframework.web.cors.CorsUtils;
|
||||
* @date 2022/3/25 17:33
|
||||
*/
|
||||
@Component
|
||||
public class MallWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
|
||||
@Override
|
||||
public void configure(HttpSecurity http) throws Exception {
|
||||
http.csrf().disable().cors() // We don't need CSRF for token based authentication
|
||||
@EnableWebSecurity
|
||||
public class MallWebSecurityConfigurerAdapter {
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception{
|
||||
return http.csrf().disable().cors() // We don't need CSRF for token based authentication
|
||||
.and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
||||
.and().authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
|
||||
.and()
|
||||
.authorizeRequests().antMatchers(
|
||||
"/**").permitAll();
|
||||
"/**").permitAll().and().build();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user