| | |
|---|
| | | |
|---|
| | | import com.everyday.word.entity.AdminUser; |
|---|
| | | import com.everyday.word.exception.VerificationCodeException; |
|---|
| | | import com.everyday.word.service.AdminUserService; |
|---|
| | | import com.everyday.word.service.inter.AdminUserService; |
|---|
| | | import com.google.code.kaptcha.Producer; |
|---|
| | | import com.google.code.kaptcha.impl.DefaultKaptcha; |
|---|
| | | import com.google.code.kaptcha.util.Config; |
|---|
| | |
|---|
| | | |
|---|
| | | private final static String[] STATIC_RESOURCE_PATHS = new String[]{ |
|---|
| | | "/*.html", "/**/*.css", "/**/*.js", "/**/*.png", "/**/*.jpg", "/**/*.jpeg", "/**/*.gif", "/**/*.xml", "/**/font/*", "/**/fonts/*", "/**/layui/**" |
|---|
| | | }; |
|---|
| | | |
|---|
| | | private final static String[] PERMIT_URIS = new String[]{ |
|---|
| | | "/admin/api/captcha.jpg*", "/api/**" |
|---|
| | | }; |
|---|
| | | |
|---|
| | | |
|---|
| | |
|---|
| | | //非登录接口 |
|---|
| | | String url = httpServletRequest.getRequestURI(); |
|---|
| | | //不验证静态资源 |
|---|
| | | System.out.println("过滤链接:"+url); |
|---|
| | | AntPathMatcher pathMatcher = new AntPathMatcher(); |
|---|
| | | for (String resource : STATIC_RESOURCE_PATHS) { |
|---|
| | | if (pathMatcher.match(resource, url)) { |
|---|
| | |
|---|
| | | http.headers().frameOptions().disable(); |
|---|
| | | http.authorizeRequests() |
|---|
| | | // 配置不需要鉴权的接口 |
|---|
| | | .antMatchers("/admin/api/captcha.jpg*", "/api/**", "/webapi/**","*/agentapi/**").permitAll() |
|---|
| | | .antMatchers(PERMIT_URIS).permitAll() |
|---|
| | | //配置需要鉴权的接口 |
|---|
| | | .antMatchers("/admin/api/**", "/admin/index.html").authenticated() |
|---|
| | | .and() |
|---|
| | |
|---|
| | | .csrf().disable() |
|---|
| | | .rememberMe().userDetailsService(new MyUserDetailsService()) |
|---|
| | | .and().exceptionHandling().authenticationEntryPoint(new NotLoginAuthenticationEntryPoint()); |
|---|
| | | // TODO 暂时不验证 |
|---|
| | | http.addFilterBefore(new PreRequestVerifyFilter(), UsernamePasswordAuthenticationFilter.class); |
|---|
| | | |
|---|
| | | |
|---|
| | | // http.addFilterBefore(new PreRequestVerifyFilter(), UsernamePasswordAuthenticationFilter.class); |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | public static void main(String[] args) { |
|---|
| | | |
|---|
| | | boolean match = new AntPathMatcher().match("/api/**","/api/user/login/wx"); |
|---|
| | | System.out.println(match); |
|---|
| | | |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | } |
|---|
