新增放行路径多例配置

2021-08-20 16:22:10 +08:00 · 2021-08-20 16:22:10 +08:00 · 9767f49a06
commit 9767f49a06
parent fe40966c0f
1 changed files with 29 additions and 14 deletions
--- a/login-base/src/main/java/ink/wgink/login/base/security/WebSecurityConfig.java
+++ b/login-base/src/main/java/ink/wgink/login/base/security/WebSecurityConfig.java
@ -7,6 +7,8 @@ import ink.wgink.login.base.security.user.UserSecurityConfig;
 import ink.wgink.login.base.service.user.UserDetailServiceImpl;
 import ink.wgink.login.base.service.user.UserLoginService;
 import ink.wgink.properties.BaseProperties;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.authentication.AuthenticationManager;
@ -33,9 +35,35 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    private UserLoginService userLoginService;
    @Autowired
    private PasswordEncoder passwordEncoder;
+    /**
+     * 默认放行配置
+     */
+    private String[] defaultAntMatchers = {
+            baseProperties.getLoginUrl(),
+            baseProperties.getLoginProcess(),
+            baseProperties.getLoginFailure(),
+            "/oauth/**",
+            "/oauth_client/**",
+            "/app/**",
+            "/approute/**",
+            "/wechat/**",
+            "/wechat/route/**",
+            "/wechat-miniapp/**",
+            "/route/file/**",
+            "/api/sms/getverificationcode/*",
+            "/api/user/getsignintype/**"
+    };

    @Override
    protected void configure(HttpSecurity http) throws Exception {
+        String assetsMatchers = baseProperties.getAssetsMatchers();
+        String[] fullAntMatchers;
+        if (!StringUtils.isBlank(assetsMatchers)) {
+            String[] assetsMatchersArray = baseProperties.getAssetsMatchers().split(",");
+            fullAntMatchers = ArrayUtils.addAll(defaultAntMatchers, assetsMatchers);
+        } else {
+            fullAntMatchers = defaultAntMatchers;
+        }
        LoginFailureHandler loginFailureHandler = new LoginFailureHandler(baseProperties.getLoginFailure());
        http
                .formLogin()
@ -52,20 +80,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                .disable()
                .and()
                .authorizeRequests()
-                .antMatchers(baseProperties.getAssetsMatchers(),
-                        baseProperties.getLoginUrl(),
-                        baseProperties.getLoginProcess(),
-                        baseProperties.getLoginFailure(),
-                        "/oauth/**",
-                        "/oauth_client/**",
-                        "/app/**",
-                        "/approute/**",
-                        "/wechat/**",
-                        "/wechat/route/**",
-                        "/wechat-miniapp/**",
-                        "/route/file/**",
-                        "/api/sms/getverificationcode/*",
-                        "/api/user/getsignintype/**")
+                .antMatchers(fullAntMatchers)
                .permitAll()
                .and()
                .authorizeRequests()