controller變更

2025-05-14 14:19:51 +09:00
parent 31639a6e98 2aae88278c
commit 4ab23b99c8
12 changed files with 135 additions and 50 deletions
--- a/src/main/java/co/jp/app/config/security/SecurityConfig.java
+++ b/src/main/java/co/jp/app/config/security/SecurityConfig.java
@ -1,5 +1,9 @@
 package co.jp.app.config.security;

+<<<<<<< HEAD
+=======
+import co.jp.app.config.security.filter.JwtAuthenticationFilter;
+>>>>>>> 2aae88278c46cf937380317aae1f9d229bcb3c37
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Lazy;
@ -19,11 +23,11 @@ import co.jp.app.config.security.filter.JwtAuthenticationFilter;
@Configuration
 public class SecurityConfig {

-    //private final JwtAuthenticationFilter jwtAuthenticationFilter;
+    private final JwtAuthenticationFilter jwtAuthenticationFilter;
    private final UserDetailsService userDetailsService;

    public SecurityConfig(@Lazy JwtAuthenticationFilter jwtAuthenticationFilter, @Lazy UserDetailsService userDetailsService) {
-        //this.jwtAuthenticationFilter = jwtAuthenticationFilter;
+        this.jwtAuthenticationFilter = jwtAuthenticationFilter;
        this.userDetailsService = userDetailsService;
    }

@ -45,29 +49,18 @@ public class SecurityConfig {
        return authenticationConfiguration.getAuthenticationManager();
    }

-//    @Bean
-//    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-//        http.csrf(AbstractHttpConfigurer::disable)
-//                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-//                .authorizeHttpRequests(auth -> auth
-//                        .requestMatchers("/api/user/login", "/api/user/register").permitAll()
-//                        .anyRequest().authenticated()
-//                )
-//                .authenticationProvider(authenticationProvider())
-//                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
-//
-//        return http.build();
-//    }
-
    @Bean
-    //暂时开放所有权限
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-
        http.csrf(AbstractHttpConfigurer::disable)
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                .authorizeHttpRequests(auth -> auth
-                        .anyRequest().permitAll()
-                );
+                        .requestMatchers("/api/user/login", "/api/user/register", "/api/inuhouse").permitAll()
+                        .anyRequest().authenticated()
+                )
+                .authenticationProvider(authenticationProvider())
+                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);

        return http.build();
    }
+
 }