配置Security白名单

This commit is contained in:
xiao-fajia 2024-08-31 10:17:41 +08:00
parent 5ebb3a8d2a
commit 78e62b4e56

View File

@ -136,7 +136,41 @@ public class YudaoWebSecurityConfigurerAdapter {
"/admin-api/rescue/wxLogin",
"/admin-api/system/auth/loginApp",
"/admin-api/rescue/driverLogin").anonymous()
// 对于登录login 注册register 验证码captchaImage 允许匿名访问
.antMatchers("/admin-api/*/login", "/admin-api/*/wxLogin","/admin-api/*/wxLoginJc","/admin-api/*/wxLoginRescue","/admin-api/*/register","/admin-api/*/registerSmsCode","/admin-api/*/registerPhone","/admin-api/*/loginApp","/admin-api/*/loginSmsCode","/admin-api/*/captchaImage","/admin-api/*/pwdSmsCode","/admin-api/*/updatePwd").permitAll()
// 公共接口 for 小程序
.antMatchers("/admin-api/system/dict/data/list","/admin-api/system/user/profile/avatar","/admin-api/system/user/profile/updateNickName","/admin-api/system/user/profile/saveUserProfile","/admin-api/system/userCar/getUserCar","/admin-api/system/userFeedback/addFeedbackWx").permitAll()
// 省市县联动接口
.antMatchers(HttpMethod.GET,"/admin-api/shop/region/**").permitAll()
// 微信支付接口
.antMatchers("/admin-api/notify/**").permitAll()
.antMatchers("/admin-api/websocket/**").permitAll()
// 小程序首页
.antMatchers("/admin-api/system/notice/listWx","/admin-api/system/swiper/listWx","/admin-api/system/shopconfig/listWx").permitAll()
// 蓝安救援
.antMatchers("/admin-api/rescuePayApi/payNotify").permitAll()
// 小程序二手车
.antMatchers("/admin-api/system/car/listWx","/admin-api/system/car/addWx","/admin-api/system/car/getInfoWx/**").permitAll()
// 小程序检测
.antMatchers("/admin-api/system/inspectionGoods/listWx","/admin-api/system/inspectionGoods/**").permitAll()
// 小程序维修
.antMatchers("/admin-api/system/repairCategory/listWx","/admin-api/system/repaiGoods/listWx").permitAll()
// 小程序保险
.antMatchers("/admin-api/system/insuranceGoods/listWx","/admin-api/system/insuranceGoods/getInfoWx/**").permitAll()
// 小程序学校
.antMatchers("/admin-api/system/schoolRegistrationInfo/addWx","/admin-api/system/schoolInstructor/listWx","/admin-api/system/schoolAppointmentInfo/addWx").permitAll()
// 驾校
.antMatchers("/admin-api/drivingSchool/system/driveSchoolCourse/list","/admin-api/loginJx","/admin-api/loginSmsCodeJx"," /admin-api/jxInfo/payNotify","/admin-api/drivingSchool/text/list","/admin-api/drivingSchool/system/swiper/list","/admin-api/drivingSchool/system/schoolInfo/list").permitAll()
// 检测app首页
.antMatchers("/admin-api/appInspection/appHome/**").permitAll()
//检测小程序相关
.antMatchers("/admin-api/appInspection/partner/list","/admin-api/appInspection/news/list","/admin-api/system/dict/data/type/inspection_hygg"
,"/admin-api/appInspection/goods/categoryList","/admin-api/appInspection/partner/shopDetail","/admin-api/appInspection/goods/list","/admin-api/appInspection/news/listType","/admin-api/inspection/info/list").permitAll()
// 驾校小程序首页
.antMatchers("/admin-api/drivingSchool/system/driveSchoolCourse/getOne","/admin-api/drivingSchool/text/list","/admin-api/drivingSchool/system/swiper/list","/admin-api/drivingSchool/system/schoolInfo/list","/admin-api/drivingSchool/system/driveSchoolCourse/list","/admin-api/drivingSchool/system/reservationCourse/applet/getReservationCourseListByUserId","/admin-api/driving/findSelfInfo","/admin-api/drivingSchool/system/swiper/pclist","/admin-api/drivingSchool/system/file/getOneFile","/admin-api/drivingSchool/system/news/applist","/admin-api/drivingSchool/system/schoolCoach/list","/admin-api/drivingSchool/system/phone/getPhone","/admin-api/drivingSchool/system/dynamic/applist").permitAll()
// 除上面外的所有请求全部需要鉴权认证
// 1.2 设置 @PermitAll 无需认证
.antMatchers(HttpMethod.GET, permitAllUrls.get(HttpMethod.GET).toArray(new String[0])).permitAll()
.antMatchers(HttpMethod.POST, permitAllUrls.get(HttpMethod.POST).toArray(new String[0])).permitAll()