From 45435f1cb41762ee80a813549ba540873c7a2490 Mon Sep 17 00:00:00 2001
From: weihongyang <1075331873@qq.com>
Date: Thu, 23 Jun 2022 11:52:54 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E6=96=B0=E5=A2=9Esercurity=E7=9A=84?=
 =?UTF-8?q?=E9=80=80=E5=87=BA=E8=B4=A6=E5=8F=B7=E7=9A=84=E9=85=8D=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/com/cnbm/admin/config/SecurityConfig.java  | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/ym-admin/src/main/java/com/cnbm/admin/config/SecurityConfig.java b/ym-admin/src/main/java/com/cnbm/admin/config/SecurityConfig.java
index d6fb33b..fbbd13b 100644
--- a/ym-admin/src/main/java/com/cnbm/admin/config/SecurityConfig.java
+++ b/ym-admin/src/main/java/com/cnbm/admin/config/SecurityConfig.java
@@ -1,6 +1,7 @@
 package com.cnbm.admin.config;
 
 import com.cnbm.admin.filter.JwtAuthenticationTokenFilter;
+import com.cnbm.admin.handler.LogoutSuccessHandlerImpl;
 import com.cnbm.admin.service.impl.UserDetailsServiceImpl;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
@@ -45,6 +46,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
     @Autowired
     private UserDetailsServiceImpl userDetailsService;
 
+    @Autowired
+    private LogoutSuccessHandlerImpl logoutSuccessHandler;
+
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
@@ -56,14 +60,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                 .and()
                 .authorizeRequests()
                 // 对于登录接口 允许匿名访问
-                .antMatchers("/login","/swagger/**","/v2/**",
+                .antMatchers("/login","/doLogout","/swagger/**","/v2/**",
                         "/doc.html",
                         "/swagger-resources/**",
                         "/swagger-ui/**",
                         "/webjars/**").anonymous()
 //                .antMatchers("/testCors").hasAuthority("system:dept:list222")
                 // 除上面外的所有请求全部需要鉴权认证
-                .anyRequest().authenticated();
+                .anyRequest()
+                .authenticated()
+                // 退出登录，默认为/logout，这里修改接口地址为 /doLogout
+                .and().logout().logoutUrl("/doLogout")
+                // 设置退出登录成功处理程序，退出成功后返回JSON字符串
+                .logoutSuccessHandler(logoutSuccessHandler);
 
         //添加过滤器
         http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);