package com.xkrs.common.config;

import com.xkrs.common.account.CustomAuthenticationProvider;
import com.xkrs.common.account.JwtAuthenticationFilter;
import com.xkrs.common.account.JwtLoginFilter;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/**
 * Spring Security configuration: lists the routes that are reachable without
 * authentication, requires authentication for everything else, and installs
 * the JWT login and token-validation filters.
 *
 * <p>{@code prePostEnabled = true} enables {@code @PreAuthorize}/{@code @PostAuthorize}
 * on methods. For every route listed as public below, any access control has to
 * come from such annotations or from the handler itself; nothing in this class
 * restricts them.
 *
 * <p>NOTE(review): {@code WebSecurityConfigurerAdapter} is deprecated as of
 * Spring Security 5.7; the Spring version used by this project is not visible here.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /** Path the JWT login filter is constructed with; also opened for POST below. */
    private static final String LOGIN_PATH = "/api/login";

    /**
     * Paths open to unauthenticated callers for every HTTP method.
     *
     * <p>NOTE(review): several names here ({@code /insertFirePoint},
     * {@code /insertFirePointChannelPrecise}, {@code /push/**}, {@code /dispatch/**},
     * {@code /autoSync}) read like write or trigger operations. Confirm each one
     * authenticates its caller some other way (shared secret, network ACL) or is
     * meant to be world-writable.
     */
    private static final String[] PUBLIC_ANY_METHOD_PATHS = {
        "/global/configuration/**",
        "/push/**",
        "/dispatch/**",
        "/queryFirePoint",
        "/insertFirePoint",
        "/insertFirePointChannelPrecise",
        "/queryFirePointBroadcast",
        "/autoSync",
    };

    /**
     * Paths open to unauthenticated callers for GET only.
     *
     * <p>NOTE(review): the user-name and verification-code endpoints are typical
     * targets for account enumeration and message flooding; check that rate
     * limiting exists elsewhere, since none is configured in this class.
     */
    private static final String[] PUBLIC_GET_PATHS = {
        "/queryNotice",                      // query notices
        "/api/user/booleanUserName",
        "/selectCityName",
        "/weather/cityName",
        "/weather/cityId",
        "/selectFirePointByCode",
        "/api/user/verificationCode",
        "/api/user/verificationCodeUpdate",
        "/api/user/getVerificationCode",
        "/getProvinceList",                  // list provinces
        "/getCityList",                      // list cities by province code
        "/getCountyList",                    // list counties by city code
        "/getStreetList",                    // list streets by county code
        "/api/adm/getProvinceList",          // list provinces
        "/api/adm/getCityList",              // list cities by province code
        "/api/adm/getCountyList",            // list counties by city code
        "/api/adm/getStreetList",            // list streets by county code
        "/selectTodayFirePoint",
        // NOTE(review): a public "/debug" route should be confirmed harmless or
        // kept out of production builds; its handler is not visible here.
        "/debug",
    };

    /**
     * Paths open to unauthenticated callers for POST only.
     *
     * <p>NOTE(review): {@code /api/user/updateSysUser} is public. If it changes an
     * existing account, as the name suggests, the handler must verify the caller
     * itself; confirm against the controller.
     */
    private static final String[] PUBLIC_POST_PATHS = {
        "/api/user/updateSysUser",
        "/api/user/add",
        "/api/user/check/duplicate",
        LOGIN_PATH,
        "/api/user/userUnRememberPassword",
    };

    /**
     * Sets the HTTP authorization rules and registers the JWT filters.
     *
     * @param http the security builder supplied by Spring Security
     * @throws Exception if building the rules or obtaining the authentication manager fails
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // CSRF protection is switched off.
        // NOTE(review): that is only sound when credentials never travel in a
        // cookie. No session policy is set in this class, so the framework default
        // applies; confirm JwtAuthenticationFilter reads the token from a header
        // and that no session-based authentication remains usable.
        http.csrf().disable();

        http.authorizeRequests()
            // Every OPTIONS request is let through.
            .antMatchers(HttpMethod.OPTIONS).permitAll()
            .antMatchers(PUBLIC_ANY_METHOD_PATHS).permitAll()
            .antMatchers(HttpMethod.GET, PUBLIC_GET_PATHS).permitAll()
            .antMatchers(HttpMethod.POST, PUBLIC_POST_PATHS).permitAll()
            // Everything not listed above requires an authenticated caller.
            .anyRequest().authenticated();

        // The login filter is built with the login path and this configuration's
        // AuthenticationManager; per the original author's note it handles login
        // requests and the JWT-related work.
        http.addFilterBefore(
            new JwtLoginFilter(LOGIN_PATH, authenticationManager()),
            UsernamePasswordAuthenticationFilter.class);

        // Second filter: checks whether the token on other requests is valid.
        // It is created with `new`, so it is not a Spring-managed bean.
        http.addFilterBefore(
            new JwtAuthenticationFilter(),
            UsernamePasswordAuthenticationFilter.class);
    }

    /**
     * Registers the project's custom authentication provider.
     *
     * @param auth the authentication manager builder supplied by Spring Security
     * @throws Exception declared by the overridden method
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // The provider is instantiated directly rather than injected.
        CustomAuthenticationProvider provider = new CustomAuthenticationProvider();
        auth.authenticationProvider(provider);
    }
}