From 8535dce0940f48f8046e5d959cdaa7f17f1297ad Mon Sep 17 00:00:00 2001 From: admin Date: Wed, 14 May 2025 12:48:14 +0900 Subject: [PATCH] =?UTF-8?q?chian=E4=BF=AE=E6=AD=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../app/config/security/SecurityConfig.java | 30 ++++++------------- .../filter/JwtAuthenticationFilter.java | 1 - 2 files changed, 9 insertions(+), 22 deletions(-) diff --git a/src/main/java/co/jp/app/config/security/SecurityConfig.java b/src/main/java/co/jp/app/config/security/SecurityConfig.java index a912e8c..b0af187 100644 --- a/src/main/java/co/jp/app/config/security/SecurityConfig.java +++ b/src/main/java/co/jp/app/config/security/SecurityConfig.java @@ -1,7 +1,6 @@ package co.jp.app.config.security; import co.jp.app.config.security.filter.JwtAuthenticationFilter; -import co.jp.app.service.UserService; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Lazy; @@ -21,11 +20,11 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic @Configuration public class SecurityConfig { - //private final JwtAuthenticationFilter jwtAuthenticationFilter; + private final JwtAuthenticationFilter jwtAuthenticationFilter; private final UserDetailsService userDetailsService; public SecurityConfig(@Lazy JwtAuthenticationFilter jwtAuthenticationFilter, @Lazy UserDetailsService userDetailsService) { - //this.jwtAuthenticationFilter = jwtAuthenticationFilter; + this.jwtAuthenticationFilter = jwtAuthenticationFilter; this.userDetailsService = userDetailsService; } @@ -47,29 +46,18 @@ public class SecurityConfig { return authenticationConfiguration.getAuthenticationManager(); } -// @Bean -// public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { -// http.csrf(AbstractHttpConfigurer::disable) -// .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) -// .authorizeHttpRequests(auth -> auth -// .requestMatchers("/api/user/login", "/api/user/register").permitAll() -// .anyRequest().authenticated() -// ) -// .authenticationProvider(authenticationProvider()) -// .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); -// -// return http.build(); -// } - @Bean - //暂时开放所有权限 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - http.csrf(AbstractHttpConfigurer::disable) + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .authorizeHttpRequests(auth -> auth - .anyRequest().permitAll() - ); + .requestMatchers("/api/user/login", "/api/user/register", "/api/inuhouse").permitAll() + .anyRequest().authenticated() + ) + .authenticationProvider(authenticationProvider()) + .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); return http.build(); } + } diff --git a/src/main/java/co/jp/app/config/security/filter/JwtAuthenticationFilter.java b/src/main/java/co/jp/app/config/security/filter/JwtAuthenticationFilter.java index 7102e75..2156dd0 100644 --- a/src/main/java/co/jp/app/config/security/filter/JwtAuthenticationFilter.java +++ b/src/main/java/co/jp/app/config/security/filter/JwtAuthenticationFilter.java @@ -16,7 +16,6 @@ import org.springframework.security.web.authentication.WebAuthenticationDetailsS import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; - @Component public class JwtAuthenticationFilter extends OncePerRequestFilter {