From 6b41922408dea0e31607916c20c0026cc3c501a5 Mon Sep 17 00:00:00 2001
From: zrj <646384940@qq.com>
Date: Wed, 05 Jun 2024 09:37:35 +0800
Subject: [PATCH] 鉴权开启及其他配置调整

---
 blade-auth/src/main/java/org/springblade/auth/config/SecurityConfiguration.java |   57 ++++++++++++++++++++++++++++++++++++++++-----------------
 1 files changed, 40 insertions(+), 17 deletions(-)

diff --git a/blade-auth/src/main/java/org/springblade/auth/config/SecurityConfiguration.java b/blade-auth/src/main/java/org/springblade/auth/config/SecurityConfiguration.java
index 6b84157..8a5d83a 100644
--- a/blade-auth/src/main/java/org/springblade/auth/config/SecurityConfiguration.java
+++ b/blade-auth/src/main/java/org/springblade/auth/config/SecurityConfiguration.java
@@ -1,25 +1,12 @@
-/*
- *      Copyright (c) 2018-2028, Chill Zhuang All rights reserved.
- *
- *  Redistribution and use in source and binary forms, with or without
- *  modification, are permitted provided that the following conditions are met:
- *
- *  Redistributions of source code must retain the above copyright notice,
- *  this list of conditions and the following disclaimer.
- *  Redistributions in binary form must reproduce the above copyright
- *  notice, this list of conditions and the following disclaimer in the
- *  documentation and/or other materials provided with the distribution.
- *  Neither the name of the dreamlu.net developer nor the names of its
- *  contributors may be used to endorse or promote products derived from
- *  this software without specific prior written permission.
- *  Author: Chill 庄骞 (smallchill@163.com)
- */
 package org.springblade.auth.config;
 
 import lombok.AllArgsConstructor;
 import lombok.SneakyThrows;
 import org.springblade.auth.constant.Oauth2Constants;
+import org.springblade.auth.handle.TokenFilterHandle;
 import org.springblade.auth.support.BladePasswordEncoderFactories;
+import org.springblade.core.secure.registry.SecureRegistry;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.annotation.Order;
@@ -28,6 +15,7 @@
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
 import javax.annotation.Resource;
 
@@ -43,6 +31,35 @@
 
 	@Resource
 	private Oauth2Constants oauth2Constants;
+
+	@Autowired
+	private TokenFilterHandle tokenFilterHandle;
+
+	/**
+	 * 安全框架配置
+	 */
+	@Bean
+	public SecureRegistry secureRegistry() {
+		SecureRegistry secureRegistry = new SecureRegistry();
+//		secureRegistry.setEnabled(false);
+		secureRegistry.setEnabled(true);
+		secureRegistry.excludePathPatterns("/oauth/login");
+		secureRegistry.excludePathPatterns("/oauth/authorize");
+		secureRegistry.excludePathPatterns("/oauth/form");
+		secureRegistry.excludePathPatterns("/blade-system/menu/routes");
+		secureRegistry.excludePathPatterns("/blade-system/menu/auth-routes");
+		secureRegistry.excludePathPatterns("/blade-system/menu/top-menu");
+		secureRegistry.excludePathPatterns("/blade-system/tenant/info");
+		secureRegistry.excludePathPatterns("/blade-flow/process/resource-view");
+		secureRegistry.excludePathPatterns("/blade-flow/process/diagram-view");
+		secureRegistry.excludePathPatterns("/blade-flow/manager/check-upload");
+		secureRegistry.excludePathPatterns("/doc.html");
+		secureRegistry.excludePathPatterns("/js/**");
+		secureRegistry.excludePathPatterns("/webjars/**");
+		secureRegistry.excludePathPatterns("/swagger-resources/**");
+		secureRegistry.excludePathPatterns("/druid/**");
+		return secureRegistry;
+	}
 
 	@Bean
 	@Override
@@ -64,19 +81,25 @@
 		http.formLogin()
 			//自定义认证成功跳转
 			.successHandler(new CustomAuthenticationSuccessHandler(oauth2Constants.getAuthorizeUrl()))
+			// 自定义登录页面
 			.loginPage(oauth2Constants.getLoginPage())
+			// 自定义登录接口url
 			.loginProcessingUrl(oauth2Constants.getLoginProcessingUrl())
+			// 自定义登录失败处理
 			.failureHandler(new CustomAuthenticationFailureHandler())
 		;
 		// 认证失败自定义登录页跳转
 		http.exceptionHandling()
 			.authenticationEntryPoint(new CustomAuthenticationEntryPoint(oauth2Constants.getLoginPage()));
 
+		//token 校验在前
+		http.addFilterBefore(tokenFilterHandle, UsernamePasswordAuthenticationFilter.class);
+
 	}
 
 	@Override
 	public void configure(WebSecurity web) {
-		web.ignoring().antMatchers("/js/*.js", "/css/*.css");
+		web.ignoring().antMatchers("/templates/**","/js/*.js", "/css/*.css");
 	}
 
 }

--
Gitblit v1.9.3