|
|
|
@ -21,11 +21,10 @@ import com.baiye.modules.security.security.JwtAccessDeniedHandler;
|
|
|
|
|
import com.baiye.modules.security.security.JwtAuthenticationEntryPoint;
|
|
|
|
|
import com.baiye.modules.security.security.TokenConfigurer;
|
|
|
|
|
import com.baiye.modules.security.service.OnlineUserService;
|
|
|
|
|
import com.baiye.service.UserCacheClean;
|
|
|
|
|
import com.baiye.properties.SecurityProperties;
|
|
|
|
|
import com.baiye.security.TokenProvider;
|
|
|
|
|
import com.baiye.service.UserCacheClean;
|
|
|
|
|
import lombok.RequiredArgsConstructor;
|
|
|
|
|
|
|
|
|
|
import org.springframework.context.ApplicationContext;
|
|
|
|
|
import org.springframework.context.annotation.Bean;
|
|
|
|
|
import org.springframework.context.annotation.Configuration;
|
|
|
|
@ -39,9 +38,7 @@ import org.springframework.security.config.core.GrantedAuthorityDefaults;
|
|
|
|
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
|
|
|
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|
|
|
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
|
|
|
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
|
|
|
|
import org.springframework.web.bind.annotation.RequestMethod;
|
|
|
|
|
import org.springframework.web.filter.CorsFilter;
|
|
|
|
|
import org.springframework.web.method.HandlerMethod;
|
|
|
|
|
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
|
|
|
|
|
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
|
|
|
|
@ -58,7 +55,6 @@ import java.util.*;
|
|
|
|
|
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
|
|
|
|
|
|
|
|
|
|
private final TokenProvider tokenProvider;
|
|
|
|
|
private final CorsFilter corsFilter;
|
|
|
|
|
private final JwtAuthenticationEntryPoint authenticationErrorHandler;
|
|
|
|
|
private final JwtAccessDeniedHandler jwtAccessDeniedHandler;
|
|
|
|
|
private final ApplicationContext applicationContext;
|
|
|
|
@ -88,7 +84,6 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
|
|
|
|
|
httpSecurity
|
|
|
|
|
// 禁用 CSRF
|
|
|
|
|
.csrf().disable()
|
|
|
|
|
.addFilterBefore(corsFilter, UsernamePasswordAuthenticationFilter.class)
|
|
|
|
|
// 授权异常
|
|
|
|
|
.exceptionHandling()
|
|
|
|
|
.authenticationEntryPoint(authenticationErrorHandler)
|
|
|
|
|