Browse Source

jwt权限走通

前后分离
燕鹏 4 years ago
parent
commit
9d80a93fd5
  1. 8
      src/main/java/com/aiprose/scauth/conf/WebSecurityConfig.java
  2. 4
      src/main/java/com/aiprose/scauth/entity/User.java

8
src/main/java/com/aiprose/scauth/conf/WebSecurityConfig.java

@ -40,7 +40,7 @@ import java.util.List;
* @since 1.0 * @since 1.0
*/ */
@Configuration @Configuration
//@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, jsr250Enabled = true) @EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, jsr250Enabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter { public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired @Autowired
private IUserService userService; private IUserService userService;
@ -50,8 +50,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override @Override
public void configure(WebSecurity web) throws Exception { public void configure(WebSecurity web) throws Exception {
// super.configure(web); web.ignoring().antMatchers("/v3/api-docs/**", "/swagger-resources/**", "/swagger-ui/**","/swagger-ui/index.html");
web.ignoring().antMatchers("login", "/v2/api-docs/**", "/swagger-resources/**", "/swagger-ui.html");
} }
@Override @Override
@ -60,7 +59,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
// 授权配置 // 授权配置
http.authorizeRequests().anyRequest().authenticated(); http.authorizeRequests().anyRequest().authenticated();
// 配置登录 // 配置登录
http.formLogin().usernameParameter("username").passwordParameter("password").loginProcessingUrl("/login"); http.formLogin().usernameParameter("username").passwordParameter("password").loginProcessingUrl("/login");
@ -76,9 +74,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
// 登出授权 // 登出授权
// http.logout().permitAll(); // http.logout().permitAll();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
/* 配置token验证过滤器 */ /* 配置token验证过滤器 */
http.addFilterBefore(new JWTAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class); http.addFilterBefore(new JWTAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
} }

4
src/main/java/com/aiprose/scauth/entity/User.java

@ -1,5 +1,7 @@
package com.aiprose.scauth.entity; package com.aiprose.scauth.entity;
import com.alibaba.fastjson.annotation.JSONField;
import com.fasterxml.jackson.annotation.JsonIgnore;
import lombok.Data; import lombok.Data;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetails;
@ -42,6 +44,8 @@ public class User extends IDEntity implements UserDetails {
@Transient @Transient
private List<Role> roles; private List<Role> roles;
@JsonIgnore
@JSONField(serialize = false)
@Override @Override
public Collection<? extends GrantedAuthority> getAuthorities() { public Collection<? extends GrantedAuthority> getAuthorities() {
return roles; return roles;

Loading…
Cancel
Save