package com.weiwojc.config;
|
|
import com.weiwojc.security.JwtAuthenticationFilter;
|
import lombok.RequiredArgsConstructor;
|
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Configuration;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
|
@Configuration
|
@EnableWebSecurity
|
@RequiredArgsConstructor
|
public class SecurityConfig {
|
|
private final JwtAuthenticationFilter jwtAuthenticationFilter;
|
|
@Bean
|
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
http
|
.csrf(AbstractHttpConfigurer::disable)
|
.sessionManagement(session -> session
|
.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
.authorizeHttpRequests(auth -> auth
|
.requestMatchers("/api/users/register", "/api/users/login").permitAll()
|
.anyRequest().permitAll()) // 暂时允许所有请求,后续可以根据需要调整
|
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
|
return http.build();
|
}
|
|
@Bean
|
public PasswordEncoder passwordEncoder() {
|
return new BCryptPasswordEncoder();
|
}
|
}
|
