Gitiles
Code Review Sign In
gerrit.lilingkun.com / G8Backend / ff74a5c9eefd6fef8d7859ac3d6c2cbc90d4142c / . / src / main / java / com / example / g8backend / config / SecurityConfig.java
blob: 82c994657b16fb400f0ea7b4167338baf17de8a4 [file] [log] [blame]
wuchimedes079c1632025-04-02 22:01:20 +0800[diff] [blame]1package com.example.g8backend.config;
2
夜雨声烦451d71c2025-05-20 00:58:36 +0800[diff] [blame]3import com.example.g8backend.filter.JwtAuthenticationFilter;
wuchimedes079c1632025-04-02 22:01:20 +0800[diff] [blame]4import org.springframework.context.annotation.Bean;
5import org.springframework.context.annotation.Configuration;
wuchimedes223bfab2025-04-04 17:16:05 +0800[diff] [blame]6import org.springframework.security.authentication.AuthenticationManager;
7import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
8import org.springframework.security.config.annotation.web.builders.HttpSecurity;
夜雨声烦451d71c2025-05-20 00:58:36 +0800[diff] [blame]9import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
wuchimedes223bfab2025-04-04 17:16:05 +0800[diff] [blame]10import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
wuchimedes079c1632025-04-02 22:01:20 +0800[diff] [blame]11import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
wuchimedes223bfab2025-04-04 17:16:05 +0800[diff] [blame]12import org.springframework.security.web.SecurityFilterChain;
13import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
wuchimedes079c1632025-04-02 22:01:20 +0800[diff] [blame]14
wuchimedes079c1632025-04-02 22:01:20 +0800[diff] [blame]15@Configuration
wuchimedes223bfab2025-04-04 17:16:05 +0800[diff] [blame]16@EnableWebSecurity
wuchimedes079c1632025-04-02 22:01:20 +0800[diff] [blame]17public class SecurityConfig {
wuchimedes223bfab2025-04-04 17:16:05 +0800[diff] [blame]18 private final JwtAuthenticationFilter jwtAuthenticationFilter;
19
20 public SecurityConfig(JwtAuthenticationFilter jwtAuthenticationFilter) {
21 this.jwtAuthenticationFilter = jwtAuthenticationFilter;
22 }
23
24 @Bean
夜雨声烦451d71c2025-05-20 00:58:36 +0800[diff] [blame]25 public BCryptPasswordEncoder passwordEncoder() {
26 return new BCryptPasswordEncoder();
27 }
28
29 @Bean
wuchimedes223bfab2025-04-04 17:16:05 +0800[diff] [blame]30 public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
31 return http
夜雨声烦451d71c2025-05-20 00:58:36 +0800[diff] [blame]32 .csrf(AbstractHttpConfigurer::disable)
33 .authorizeHttpRequests(auth -> auth
34 // 管理员接口需ADMIN角色
35 .requestMatchers("/admin/**").hasRole("ADMIN")
36 // 用户签到接口需认证
37 .requestMatchers("/user/signin").authenticated()
38 // 其他请求允许匿名访问(感觉这里应该还需要做修改,暂时先放着)
39 .anyRequest().permitAll()
40 )
41 .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
42 .build();
wuchimedes223bfab2025-04-04 17:16:05 +0800[diff] [blame]43 }
44
45 @Bean
46 public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception {
47 return config.getAuthenticationManager();
48 }
夜雨声烦451d71c2025-05-20 00:58:36 +0800[diff] [blame]49}