沙钢智慧能源系统后端代码
查看 | 历史 | 提交 | 提交对比
liriming
2024-12-04 eb056c1cac152bf82bff5c7115186a66561bc73b
提交 | 用户 | 时间
97edd7 1 package com.iailab.module.shasteel.framework.security.config;
H 2
3 import com.iailab.framework.security.config.AuthorizeRequestsCustomizer;
4 import com.iailab.module.system.enums.ApiConstants;
5 import org.springframework.context.annotation.Bean;
6 import org.springframework.context.annotation.Configuration;
7 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
3b9fcc 8 import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
97edd7 9
H 10 /**
11  * System 模块的 Security 配置
12  */
877c15 13 @Configuration(proxyBeanMethods = false, value = "systemSecurityConfiguration")
97edd7 14 public class SecurityConfiguration {
H 15
877c15 16     @Bean("systemAuthorizeRequestsCustomizer")
97edd7 17     public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() {
H 18         return new AuthorizeRequestsCustomizer() {
19
20             @Override
3b9fcc 21             public void customize(AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry registry) {
97edd7 22                 // TODO iailab:这个每个项目都需要重复配置,得捉摸有没通用的方案
H 23                 // Swagger 接口文档
3b9fcc 24                 registry.requestMatchers("/v3/api-docs/**").permitAll() // 元数据
H 25                         .requestMatchers("/swagger-ui.html").permitAll(); // Swagger UI
97edd7 26                 // Druid 监控
3b9fcc 27                 registry.requestMatchers("/druid/**").anonymous();
97edd7 28                 // Spring Boot Actuator 的安全配置
3b9fcc 29                 registry.requestMatchers("/actuator").anonymous()
H 30                         .requestMatchers("/actuator/**").anonymous();
97edd7 31                 // RPC 服务的安全配置
3b9fcc 32                 registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll();
97edd7 33             }
H 34
35         };
36     }
37
38 }