Browse Source

jwt权限走通

前后分离
燕鹏 4 years ago
parent
commit
9d80a93fd5
  1. 8
      src/main/java/com/aiprose/scauth/conf/WebSecurityConfig.java
  2. 2
      src/main/java/com/aiprose/scauth/entity/Menu.java
  3. 4
      src/main/java/com/aiprose/scauth/entity/User.java

8
src/main/java/com/aiprose/scauth/conf/WebSecurityConfig.java

@ -40,7 +40,7 @@ import java.util.List;
* @since 1.0
*/
@Configuration
//@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, jsr250Enabled = true)
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, jsr250Enabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private IUserService userService;
@ -50,8 +50,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(WebSecurity web) throws Exception {
// super.configure(web);
web.ignoring().antMatchers("login", "/v2/api-docs/**", "/swagger-resources/**", "/swagger-ui.html");
web.ignoring().antMatchers("/v3/api-docs/**", "/swagger-resources/**", "/swagger-ui/**","/swagger-ui/index.html");
}
@Override
@ -60,7 +59,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
// 授权配置
http.authorizeRequests().anyRequest().authenticated();
// 配置登录
http.formLogin().usernameParameter("username").passwordParameter("password").loginProcessingUrl("/login");
@ -76,9 +74,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
// 登出授权
// http.logout().permitAll();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
/* 配置token验证过滤器 */
http.addFilterBefore(new JWTAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
}

2
src/main/java/com/aiprose/scauth/entity/Menu.java

@ -13,7 +13,7 @@ import javax.persistence.Table;
* @date 2020/11/27 17:04
* @since 1.0
*/
@Data
@Data
@Entity
@Table(name = "sys_menu")
public class Menu extends IDEntity {

4
src/main/java/com/aiprose/scauth/entity/User.java

@ -1,5 +1,7 @@
package com.aiprose.scauth.entity;
import com.alibaba.fastjson.annotation.JSONField;
import com.fasterxml.jackson.annotation.JsonIgnore;
import lombok.Data;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
@ -42,6 +44,8 @@ public class User extends IDEntity implements UserDetails {
@Transient
private List<Role> roles;
@JsonIgnore
@JSONField(serialize = false)
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return roles;

Loading…
Cancel
Save