feat: 新增sercurity的退出账号的配置

Cette révision appartient à :
weihongyang 2022-06-23 11:52:54 +08:00
Parent 4d57b45a02
révision 45435f1cb4

Voir le fichier

@ -1,6 +1,7 @@
package com.cnbm.admin.config;
import com.cnbm.admin.filter.JwtAuthenticationTokenFilter;
import com.cnbm.admin.handler.LogoutSuccessHandlerImpl;
import com.cnbm.admin.service.impl.UserDetailsServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
@ -45,6 +46,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsServiceImpl userDetailsService;
@Autowired
private LogoutSuccessHandlerImpl logoutSuccessHandler;
@Override
protected void configure(HttpSecurity http) throws Exception {
@ -56,14 +60,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
.and()
.authorizeRequests()
// 对于登录接口 允许匿名访问
.antMatchers("/login","/swagger/**","/v2/**",
.antMatchers("/login","/doLogout","/swagger/**","/v2/**",
"/doc.html",
"/swagger-resources/**",
"/swagger-ui/**",
"/webjars/**").anonymous()
// .antMatchers("/testCors").hasAuthority("system:dept:list222")
// 除上面外的所有请求全部需要鉴权认证
.anyRequest().authenticated();
.anyRequest()
.authenticated()
// 退出登录默认为/logout这里修改接口地址为 /doLogout
.and().logout().logoutUrl("/doLogout")
// 设置退出登录成功处理程序退出成功后返回JSON字符串
.logoutSuccessHandler(logoutSuccessHandler);
//添加过滤器
http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);