MES-Springboot/docs/WebSecurityConfig.java


package com.songpeng.common.config.security;
import com.songpeng.system.service.impl.SysUserServiceImpl;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
/**
 * Spring Security configuration for the web application.
 *
 * <p>Declares the password encoder and user-details beans, the request paths
 * that are excluded from the security filter chain, and the rules for form
 * login, session handling, remember-me and logout.
 *
 * @author songpeng
 * @date 2019/5/23
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Provides the encoder used to hash and verify user passwords.
     *
     * @return a {@link BCryptPasswordEncoder} built with its no-argument
     *         constructor, i.e. with the library's default strength
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        PasswordEncoder bcrypt = new BCryptPasswordEncoder();
        return bcrypt;
    }

    /**
     * Registers the {@link UserDetailsService} bean.
     *
     * @return a new {@link SysUserServiceImpl}
     */
    @Bean
    UserDetailsService customUserService() {
        UserDetailsService userService = new SysUserServiceImpl();
        return userService;
    }

    /**
     * Wires user authentication: accounts are loaded through
     * {@link #customUserService()} and submitted passwords are checked with
     * {@link #passwordEncoder()} rather than compared as plain text.
     *
     * @param auth the authentication manager builder supplied by Spring Security
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        UserDetailsService accounts = customUserService();
        auth.userDetailsService(accounts)
            .passwordEncoder(passwordEncoder());
    }

    /**
     * Lists the request paths that Spring Security skips entirely.
     *
     * @param web the web security builder supplied by Spring Security
     */
    @Override
    public void configure(WebSecurity web) {
        // Requests matching ignoring() never enter the security filter chain,
        // so they receive no security headers and no security context.
        // NOTE(review): besides the static asset folders, this list also holds
        // "/", "/blog" and "/sign_in", which look like application pages.
        // Consider granting those with permitAll() in configure(HttpSecurity)
        // and keeping ignoring() for static resources only.
        String[] skippedPaths = {
            "/css/**", "/fonts/**", "/img/**", "/js/**", "/lib/**", "/favicon.ico", "/blog", "/", "/sign_in"
        };
        web.ignoring().antMatchers(skippedPaths);
    }

    /**
     * Defines the authorization rules and the login, session, remember-me and
     * logout behaviour.
     *
     * @param http the HTTP security builder supplied by Spring Security
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Response headers: obtained without customisation.
        http.headers();

        // Only "/registry" is open; every other request requires a login.
        http.authorizeRequests()
            .antMatchers("/registry").permitAll()
            .anyRequest().authenticated();

        // Form login: custom page, credentials posted to "/login"; the `true`
        // flag always sends the user to "/personal_center" after success.
        http.formLogin()
            .loginPage("/sign_in")
            .loginProcessingUrl("/login")
            .defaultSuccessUrl("/personal_center", true)
            .failureUrl("/sign_in?error")
            .permitAll();

        // An invalid session id sends the browser back to the login page.
        http.sessionManagement().invalidSessionUrl("/sign_in");

        // Remember-me cookie lifetime: 1209600 seconds = 14 days.
        // NOTE(review): no key or persistent token repository is set here, so
        // the framework default token scheme applies - confirm that scheme and
        // the 14-day lifetime are acceptable for this application.
        http.rememberMe().tokenValiditySeconds(1209600);

        http.logout().logoutSuccessUrl("/sign_in").permitAll();

        // TODO 1. CSRF protection is temporarily disabled.
        // NOTE(review): authentication here relies on session and remember-me
        // cookies, so while this stays off state-changing requests carry no
        // request-forgery check. Re-enable it once the forms submit the CSRF
        // token, and verify the logout endpoint then only accepts POST.
        http.csrf().disable();
    }
}