fire_point/src/main/java/com/xkrs/common/config/WebSecurityConfig.java

package com.xkrs.common.config;

import com.xkrs.common.account.CustomAuthenticationProvider;
import com.xkrs.common.account.JwtAuthenticationFilter;
import com.xkrs.common.account.JwtLoginFilter;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * 设置 HTTP 验证规则
     *
     * @param http
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // 关闭csrf验证
        http.csrf().disable()
                // 对请求进行认证
                .authorizeRequests()
                // 所有 / 的所有请求 都放行
                //.antMatchers("/").permitAll()
                // 所有OPTIONS请求都放行
                .antMatchers(HttpMethod.OPTIONS).permitAll()
                .antMatchers("/global/configuration/**").permitAll()
                .antMatchers("/push/**").permitAll()
                .antMatchers("/dispatch/**").permitAll()
                .antMatchers("/queryFirePoint").permitAll()
                .antMatchers(HttpMethod.POST, "/api/user/updateSysUser").permitAll()
                .antMatchers(HttpMethod.GET, "/selectGlobalConfigDict").permitAll()
                .antMatchers(HttpMethod.GET, "/selectGlobalConfigValue").permitAll()
                .antMatchers(HttpMethod.GET, "/selectGlobalConfig").permitAll()
                .antMatchers(HttpMethod.POST, "/globalConfig").permitAll()
                .antMatchers(HttpMethod.POST, "/globalConfigDict").permitAll()
                .antMatchers(HttpMethod.POST, "/api/user/add").permitAll()
                .antMatchers(HttpMethod.POST, "/api/user/check/duplicate").permitAll()
                .antMatchers(HttpMethod.POST, "/api/login").permitAll()
                // 所有 app 用户注册 的POST请求 都放行
                .antMatchers(HttpMethod.POST, "/api/person-investigator/add").permitAll()
                .antMatchers("/ws/asset").permitAll()
                .antMatchers(HttpMethod.GET, "/api/user/booleanUserName").permitAll()
                .antMatchers(HttpMethod.GET, "/queryzzhd").permitAll()
                .antMatchers(HttpMethod.POST, "/insertFirePoint").permitAll()
                .antMatchers(HttpMethod.POST, "/insertAppTask").permitAll()
                .antMatchers(HttpMethod.GET, "/selectAppTask").permitAll()
                .antMatchers(HttpMethod.GET, "/selectCityName").permitAll()
                .antMatchers(HttpMethod.GET, "/weather/cityName").permitAll()
                .antMatchers(HttpMethod.GET, "/weather/cityId").permitAll()
                .antMatchers(HttpMethod.GET, "/selectFirePointByCode").permitAll()
                .antMatchers(HttpMethod.GET, "/api/user/verificationCode").permitAll()
                .antMatchers(HttpMethod.GET, "/api/user/selectAgentOrgList").permitAll()//获取代理组织列表
                .antMatchers(HttpMethod.POST, "/uploadFileMore").permitAll()
                .antMatchers(HttpMethod.POST, "/uploadFile").permitAll()
                .antMatchers(HttpMethod.GET, "/api/user/verificationCodeUpdate").permitAll()
                .antMatchers(HttpMethod.GET, "/api/user/getVerificationCode").permitAll()
                .antMatchers(HttpMethod.POST, "/api/user/userUnRememberPassword").permitAll()
                .antMatchers(HttpMethod.POST, "/updateBeforeFireAndAfterFireImage").permitAll()
                .antMatchers(HttpMethod.GET, "/getProvinceList").permitAll()//获取省列表
                .antMatchers(HttpMethod.GET, "/getCityList").permitAll()//根据省编号获取市列表
                .antMatchers(HttpMethod.GET, "/getCountyList").permitAll()//根据市编号获取区县列表
                .antMatchers(HttpMethod.GET, "/getStreetList").permitAll()//根据区县编号获取街道列表
                .antMatchers(HttpMethod.GET, "/api/adm/getProvinceList").permitAll()//获取省列表
                .antMatchers(HttpMethod.GET, "/api/adm/getCityList").permitAll()//根据省编号获取市列表
                .antMatchers(HttpMethod.GET, "/api/adm/getCountyList").permitAll()//根据市编号获取区县列表
                .antMatchers(HttpMethod.GET, "/api/adm/getStreetList").permitAll()//根据区县编号获取街道列表
                .antMatchers(HttpMethod.GET, "/updateFirePointStreetCode").permitAll()
                .antMatchers(HttpMethod.GET, "/selectTodayFirePoint").permitAll()
                .antMatchers(HttpMethod.GET, "/api/user/selectVipUser").permitAll()
                // 所有其它请求需要身份认证
                .anyRequest().authenticated()
                .and()
                // 添加一个过滤器 所有访问 /login 的请求交给 JWTLoginFilter 来处理 这个类处理所有的JWT相关内容
                .addFilterBefore(new JwtLoginFilter("/api/login", authenticationManager()), UsernamePasswordAuthenticationFilter.class)
                // 添加一个过滤器验证其他请求的Token是否合法
                .addFilterBefore(new JwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
        ;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // 使用自定义身份验证组件
        auth.authenticationProvider(new CustomAuthenticationProvider());
    }
}
搭建项目的框架 2021-07-12 14:51:34 +08:00			`package com.xkrs.common.config;`

			`import com.xkrs.common.account.CustomAuthenticationProvider;`
			`import com.xkrs.common.account.JwtAuthenticationFilter;`
			`import com.xkrs.common.account.JwtLoginFilter;`
			`import org.springframework.context.annotation.Configuration;`
			`import org.springframework.http.HttpMethod;`
			`import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;`
			`import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;`
			`import org.springframework.security.config.annotation.web.builders.HttpSecurity;`
			`import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;`
			`import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;`
			`import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;`

			`@Configuration`
			`@EnableWebSecurity`
格式化代码 2022-06-03 18:52:59 +08:00			`@EnableGlobalMethodSecurity(prePostEnabled = true)`
搭建项目的框架 2021-07-12 14:51:34 +08:00			`class WebSecurityConfig extends WebSecurityConfigurerAdapter {`

			`/**`
			`* 设置 HTTP 验证规则`
格式化代码 2022-06-03 18:52:59 +08:00			`*`
搭建项目的框架 2021-07-12 14:51:34 +08:00			`* @param http`
			`* @throws Exception`
			`*/`
			`@Override`
			`protected void configure(HttpSecurity http) throws Exception {`
			`// 关闭csrf验证`
			`http.csrf().disable()`
			`// 对请求进行认证`
			`.authorizeRequests()`
			`// 所有 / 的所有请求都放行`
			`//.antMatchers("/").permitAll()`
			`// 所有OPTIONS请求都放行`
			`.antMatchers(HttpMethod.OPTIONS).permitAll()`
优化全局配置表的增删改查操作 2022-08-31 17:03:09 +08:00			`.antMatchers("/global/configuration/**").permitAll()`
添加接口：测试推送 2022-09-06 17:15:58 +08:00			`.antMatchers("/push/**").permitAll()`
优化双火点渠道入库逻辑 2023-02-03 10:17:25 +08:00			`.antMatchers("/dispatch/**").permitAll()`
修复特殊情况下火点过滤混乱的错误 2022-09-16 13:59:12 +08:00			`.antMatchers("/queryFirePoint").permitAll()`
更新（批量）系统用户信息 2022-10-08 11:11:02 +08:00			`.antMatchers(HttpMethod.POST, "/api/user/updateSysUser").permitAll()`
普通用户和VIP用户区别对待： 1、普通用户不能查看历史火情，VIP可以。 2、普通用户不能导航，VIP可以。 3、普通用户不能接收短信通知，VIP可以。 2022-06-17 15:43:48 +08:00			`.antMatchers(HttpMethod.GET, "/selectGlobalConfigDict").permitAll()`
			`.antMatchers(HttpMethod.GET, "/selectGlobalConfigValue").permitAll()`
			`.antMatchers(HttpMethod.GET, "/selectGlobalConfig").permitAll()`
			`.antMatchers(HttpMethod.POST, "/globalConfig").permitAll()`
			`.antMatchers(HttpMethod.POST, "/globalConfigDict").permitAll()`
搭建项目的框架 2021-07-12 14:51:34 +08:00			`.antMatchers(HttpMethod.POST, "/api/user/add").permitAll()`
			`.antMatchers(HttpMethod.POST, "/api/user/check/duplicate").permitAll()`
			`.antMatchers(HttpMethod.POST, "/api/login").permitAll()`
			`// 所有 app 用户注册的POST请求都放行`
删除无用代码 2022-06-07 09:57:57 +08:00			`.antMatchers(HttpMethod.POST, "/api/person-investigator/add").permitAll()`
			`.antMatchers("/ws/asset").permitAll()`
			`.antMatchers(HttpMethod.GET, "/api/user/booleanUserName").permitAll()`
临时适配张庄火点查询需求 2022-07-26 15:57:08 +08:00			`.antMatchers(HttpMethod.GET, "/queryzzhd").permitAll()`
删除无用代码 2022-06-07 09:57:57 +08:00			`.antMatchers(HttpMethod.POST, "/insertFirePoint").permitAll()`
			`.antMatchers(HttpMethod.POST, "/insertAppTask").permitAll()`
			`.antMatchers(HttpMethod.GET, "/selectAppTask").permitAll()`
			`.antMatchers(HttpMethod.GET, "/selectCityName").permitAll()`
			`.antMatchers(HttpMethod.GET, "/weather/cityName").permitAll()`
			`.antMatchers(HttpMethod.GET, "/weather/cityId").permitAll()`
			`.antMatchers(HttpMethod.GET, "/selectFirePointByCode").permitAll()`
			`.antMatchers(HttpMethod.GET, "/api/user/verificationCode").permitAll()`
添加接口获取代理组织列表 2022-07-07 08:57:51 +08:00			`.antMatchers(HttpMethod.GET, "/api/user/selectAgentOrgList").permitAll()//获取代理组织列表`
删除无用代码 2022-06-07 09:57:57 +08:00			`.antMatchers(HttpMethod.POST, "/uploadFileMore").permitAll()`
			`.antMatchers(HttpMethod.POST, "/uploadFile").permitAll()`
			`.antMatchers(HttpMethod.GET, "/api/user/verificationCodeUpdate").permitAll()`
			`.antMatchers(HttpMethod.GET, "/api/user/getVerificationCode").permitAll()`
			`.antMatchers(HttpMethod.POST, "/api/user/userUnRememberPassword").permitAll()`
			`.antMatchers(HttpMethod.POST, "/updateBeforeFireAndAfterFireImage").permitAll()`
			`.antMatchers(HttpMethod.GET, "/getProvinceList").permitAll()//获取省列表`
格式化代码 2022-06-03 18:52:59 +08:00			`.antMatchers(HttpMethod.GET, "/getCityList").permitAll()//根据省编号获取市列表`
			`.antMatchers(HttpMethod.GET, "/getCountyList").permitAll()//根据市编号获取区县列表`
			`.antMatchers(HttpMethod.GET, "/getStreetList").permitAll()//根据区县编号获取街道列表`
			`.antMatchers(HttpMethod.GET, "/api/adm/getProvinceList").permitAll()//获取省列表`
			`.antMatchers(HttpMethod.GET, "/api/adm/getCityList").permitAll()//根据省编号获取市列表`
			`.antMatchers(HttpMethod.GET, "/api/adm/getCountyList").permitAll()//根据市编号获取区县列表`
			`.antMatchers(HttpMethod.GET, "/api/adm/getStreetList").permitAll()//根据区县编号获取街道列表`
			`.antMatchers(HttpMethod.GET, "/updateFirePointStreetCode").permitAll()`
修复 endTime1.getDayOfMonth() + 1 的bug 2022-08-31 09:36:50 +08:00			`.antMatchers(HttpMethod.GET, "/selectTodayFirePoint").permitAll()`
新增接口：查询Vip用户 2023-01-30 13:57:46 +08:00			`.antMatchers(HttpMethod.GET, "/api/user/selectVipUser").permitAll()`
搭建项目的框架 2021-07-12 14:51:34 +08:00			`// 所有其它请求需要身份认证`
火点审核新逻辑 2022-06-07 11:21:13 +08:00			`.anyRequest().authenticated()`
			`.and()`
搭建项目的框架 2021-07-12 14:51:34 +08:00			`// 添加一个过滤器所有访问 /login 的请求交给 JWTLoginFilter 来处理这个类处理所有的JWT相关内容`
格式化代码 2022-06-03 18:52:59 +08:00			`.addFilterBefore(new JwtLoginFilter("/api/login", authenticationManager()), UsernamePasswordAuthenticationFilter.class)`
搭建项目的框架 2021-07-12 14:51:34 +08:00			`// 添加一个过滤器验证其他请求的Token是否合法`
格式化代码 2022-06-03 18:52:59 +08:00			`.addFilterBefore(new JwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);`
			`;`
			`}`
搭建项目的框架 2021-07-12 14:51:34 +08:00
			`@Override`
			`protected void configure(AuthenticationManagerBuilder auth) throws Exception {`
			`// 使用自定义身份验证组件`
			`auth.authenticationProvider(new CustomAuthenticationProvider());`
			`}`
			`}`