chian修正

2025-05-14 12:48:14 +09:00
parent 057a066404
commit 8535dce094
2 changed files with 9 additions and 22 deletions
--- a/src/main/java/co/jp/app/config/security/SecurityConfig.java
+++ b/src/main/java/co/jp/app/config/security/SecurityConfig.java
@ -1,7 +1,6 @@
 package co.jp.app.config.security;

 import co.jp.app.config.security.filter.JwtAuthenticationFilter;
-import co.jp.app.service.UserService;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Lazy;
@ -21,11 +20,11 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
@Configuration
 public class SecurityConfig {

-    //private final JwtAuthenticationFilter jwtAuthenticationFilter;
+    private final JwtAuthenticationFilter jwtAuthenticationFilter;
    private final UserDetailsService userDetailsService;

    public SecurityConfig(@Lazy JwtAuthenticationFilter jwtAuthenticationFilter, @Lazy UserDetailsService userDetailsService) {
-        //this.jwtAuthenticationFilter = jwtAuthenticationFilter;
+        this.jwtAuthenticationFilter = jwtAuthenticationFilter;
        this.userDetailsService = userDetailsService;
    }

@ -47,29 +46,18 @@ public class SecurityConfig {
        return authenticationConfiguration.getAuthenticationManager();
    }

-//    @Bean
-//    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-//        http.csrf(AbstractHttpConfigurer::disable)
-//                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-//                .authorizeHttpRequests(auth -> auth
-//                        .requestMatchers("/api/user/login", "/api/user/register").permitAll()
-//                        .anyRequest().authenticated()
-//                )
-//                .authenticationProvider(authenticationProvider())
-//                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
-//
-//        return http.build();
-//    }
-
    @Bean
-    //暂时开放所有权限
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-
        http.csrf(AbstractHttpConfigurer::disable)
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                .authorizeHttpRequests(auth -> auth
-                        .anyRequest().permitAll()
-                );
+                        .requestMatchers("/api/user/login", "/api/user/register", "/api/inuhouse").permitAll()
+                        .anyRequest().authenticated()
+                )
+                .authenticationProvider(authenticationProvider())
+                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);

        return http.build();
    }
+
 }
--- a/src/main/java/co/jp/app/config/security/filter/JwtAuthenticationFilter.java
+++ b/src/main/java/co/jp/app/config/security/filter/JwtAuthenticationFilter.java
@ -16,7 +16,6 @@ import org.springframework.security.web.authentication.WebAuthenticationDetailsS
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;

-
@Component
 public class JwtAuthenticationFilter extends OncePerRequestFilter {