Skip to content

Commit

Permalink
启用WebSecurity,只是token交给自己进行校验
Browse files Browse the repository at this point in the history
  • Loading branch information
@FrozenWatermelon
FrozenWatermelon committed Feb 21, 2023
1 parent 53a2d96 commit b91119e
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 21 deletions.
30 changes: 15 additions & 15 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,21 +45,21 @@ uni-app:https://gitee.com/gz-yami/mall4uni

## 技术选型

| 技术 | 版本 | 说明 |
|------------------------|--------|------------------------------|
| Spring Boot | 2.7.0 | MVC核心框架 |
| Spring Security oauth2 | 2.7.0 | 认证和授权框架 |
| MyBatis | 3.5.0 | ORM框架 |
| MyBatisPlus | 3.1.0 | 基于mybatis,使用lambda表达式的 |
| spring-doc | 1.6.9 | 接口文档工具 |
| Hibernator-Validator | 6.0.17 | 验证框架 |
| redisson | 3.10.6 | 对redis进行封装、集成分布式锁等 |
| hikari | 3.2.0 | 数据库连接池 |
| logback | 1.2.11 | log日志工具 |
| orika | 1.5.4 | 更快的bean复制工具 |
| lombok | 1.18.8 | 简化对象封装工具 |
| hutool | 5.7.22 | 更适合国人的java工具集 |
| knife4j | 4.0.0 | 基于swagger,更便于国人使用的swagger ui |
| 技术 | 版本 | 说明 |
|----------------------|--------|------------------------------|
| Spring Boot | 2.7.0 | MVC核心框架 |
| Spring Security web | 2.7.0 | web应用安全防护 |
| MyBatis | 3.5.0 | ORM框架 |
| MyBatisPlus | 3.1.0 | 基于mybatis,使用lambda表达式的 |
| spring-doc | 1.6.9 | 接口文档工具 |
| Hibernator-Validator | 6.0.17 | 验证框架 |
| redisson | 3.10.6 | 对redis进行封装、集成分布式锁等 |
| hikari | 3.2.0 | 数据库连接池 |
| logback | 1.2.11 | log日志工具 |
| orika | 1.5.4 | 更快的bean复制工具 |
| lombok | 1.18.8 | 简化对象封装工具 |
| hutool | 5.7.22 | 更适合国人的java工具集 |
| knife4j | 4.0.0 | 基于swagger,更便于国人使用的swagger ui |



Expand Down
16 changes: 10 additions & 6 deletions ...src/main/java/com/yami/shop/security/common/adapter/MallWebSecurityConfigurerAdapter.java
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
package com.yami.shop.security.common.adapter;

import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.stereotype.Component;
import org.springframework.web.cors.CorsUtils;

Expand All @@ -12,14 +14,16 @@
* @date 2022/3/25 17:33
*/
@Component
public class MallWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.csrf().disable().cors() // We don't need CSRF for token based authentication
@EnableWebSecurity
public class MallWebSecurityConfigurerAdapter {
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception{
return http.csrf().disable().cors() // We don't need CSRF for token based authentication
.and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and().authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
.and()
.authorizeRequests().antMatchers(
"/**").permitAll();
"/**").permitAll().and().build();
}

}

0 comments on commit b91119e

Please sign in to comment.