mirror of
https://github.com/FatttSnake/Pinnacle-OA.git
synced 2026-04-05 23:11:24 +08:00
110 lines
4.4 KiB
Java
110 lines
4.4 KiB
Java
package com.cfive.pinnacle.config;
|
|
|
|
import com.cfive.pinnacle.filter.JwtAuthenticationTokenFilter;
|
|
import com.cfive.pinnacle.handler.CustomAuthenticationEntryPointHandler;
|
|
import com.cfive.pinnacle.service.permission.impl.UserDetailsServiceImpl;
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
import org.springframework.context.annotation.Bean;
|
|
import org.springframework.context.annotation.Configuration;
|
|
import org.springframework.security.authentication.AuthenticationManager;
|
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
|
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
|
import org.springframework.security.web.SecurityFilterChain;
|
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
|
import org.springframework.web.cors.CorsConfiguration;
|
|
import org.springframework.web.cors.CorsConfigurationSource;
|
|
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
|
|
|
import java.util.List;
|
|
|
|
@Configuration
|
|
@EnableMethodSecurity()
|
|
public class SecurityConfig {
|
|
private UserDetailsServiceImpl userDetailsService;
|
|
private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
|
|
private CustomAuthenticationEntryPointHandler authenticationEntryPointHandler;
|
|
|
|
@Autowired
|
|
public void setUserDetailsService(UserDetailsServiceImpl userDetailsService) {
|
|
this.userDetailsService = userDetailsService;
|
|
}
|
|
|
|
@Autowired
|
|
public void setJwtAuthenticationTokenFilter(JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter) {
|
|
this.jwtAuthenticationTokenFilter = jwtAuthenticationTokenFilter;
|
|
}
|
|
|
|
@Autowired
|
|
public void setAuthenticationEntryPointHandler(CustomAuthenticationEntryPointHandler authenticationEntryPointHandler) {
|
|
this.authenticationEntryPointHandler = authenticationEntryPointHandler;
|
|
}
|
|
|
|
@Bean
|
|
public PasswordEncoder passwordEncoder() {
|
|
return new BCryptPasswordEncoder();
|
|
}
|
|
|
|
@Bean
|
|
public AuthenticationManager authenticationManager(HttpSecurity httpSecurity, PasswordEncoder passwordEncoder) throws Exception {
|
|
return httpSecurity.getSharedObject(AuthenticationManagerBuilder.class)
|
|
.userDetailsService(userDetailsService)
|
|
.passwordEncoder(passwordEncoder)
|
|
.and()
|
|
.build();
|
|
}
|
|
|
|
@Bean
|
|
public CorsConfigurationSource corsConfigurationSource(){
|
|
CorsConfiguration corsConfiguration = new CorsConfiguration();
|
|
corsConfiguration.setAllowedMethods(List.of("*"));
|
|
corsConfiguration.setAllowedHeaders(List.of("*"));
|
|
corsConfiguration.setMaxAge(3600L);
|
|
corsConfiguration.setAllowedOrigins(List.of("*"));
|
|
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
|
|
source.registerCorsConfiguration("/**",corsConfiguration);
|
|
return source;
|
|
}
|
|
|
|
@Bean
|
|
public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
|
|
return httpSecurity
|
|
// Disable CSRF
|
|
.csrf()
|
|
.disable()
|
|
|
|
// Do not get SecurityContent by Session
|
|
.sessionManagement()
|
|
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
|
.and()
|
|
|
|
// Allow anonymous access
|
|
.authorizeHttpRequests()
|
|
.requestMatchers("/login", "/doc.html", "swagger-ui/**", "/webjars/**", "/v3/**")
|
|
.anonymous()
|
|
|
|
// Authentication required
|
|
.anyRequest()
|
|
.authenticated()
|
|
// .anonymous()
|
|
.and()
|
|
|
|
.logout()
|
|
.disable()
|
|
|
|
.exceptionHandling()
|
|
.authenticationEntryPoint(authenticationEntryPointHandler)
|
|
.and()
|
|
|
|
.cors()
|
|
.configurationSource(corsConfigurationSource())
|
|
.and()
|
|
|
|
.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
|
|
.build();
|
|
}
|
|
}
|