publish 1.1.3
This commit is contained in:
曾文豪
@@ -0,0 +1,43 @@
|
||||
//package com.tiesheng.demo.config;
|
||||
//
|
||||
//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
//import org.springframework.security.core.GrantedAuthority;
|
||||
//import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
//import org.springframework.security.core.context.SecurityContextHolder;
|
||||
//import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
||||
//import org.springframework.web.filter.OncePerRequestFilter;
|
||||
//
|
||||
//import javax.servlet.FilterChain;
|
||||
//import javax.servlet.ServletException;
|
||||
//import javax.servlet.http.HttpServletRequest;
|
||||
//import javax.servlet.http.HttpServletResponse;
|
||||
//import java.io.IOException;
|
||||
//import java.util.ArrayList;
|
||||
//import java.util.List;
|
||||
//
|
||||
//public class JWTAuthenticationFilter extends OncePerRequestFilter {
|
||||
//
|
||||
// public JWTAuthenticationFilter(JwtTokenProvider tokenProvider) {
|
||||
// this.tokenProvider = tokenProvider;
|
||||
// }
|
||||
//
|
||||
// @Override
|
||||
// protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
|
||||
// String authHeader = request.getHeader("Authorization");
|
||||
// if (authHeader != null && authHeader.startsWith("Bearer ")) {
|
||||
// String token = authHeader.substring(7);
|
||||
// String username = tokenProvider.getUsername(token);
|
||||
// if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
|
||||
// if (tokenProvider.validateToken(token)) {
|
||||
// List<GrantedAuthority> authorities = new ArrayList<>();
|
||||
// // 根据你的应用程序需求设置权限
|
||||
// authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
|
||||
// UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, null, authorities);
|
||||
// authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
|
||||
// SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
||||
// }
|
||||
// }
|
||||
// }
|
||||
// filterChain.doFilter(request, response);
|
||||
// }
|
||||
//}
|
||||
@@ -0,0 +1,29 @@
|
||||
//package com.tiesheng.demo.config;
|
||||
//
|
||||
//import cn.hutool.extra.spring.SpringUtil;
|
||||
//import org.springframework.context.annotation.Configuration;
|
||||
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
//import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
//
|
||||
//import javax.servlet.http.HttpServletResponse;
|
||||
//
|
||||
//@Configuration
|
||||
//@EnableWebSecurity
|
||||
//public class TieshengSecurityAdapter extends WebSecurityConfigurerAdapter {
|
||||
//
|
||||
// @Override
|
||||
// protected void configure(HttpSecurity http) throws Exception {
|
||||
// SpringUtil.getBeanFactory().getA
|
||||
// http.csrf().disable() // JWT 通常与状态无关,因此 CSRF 保护不适用
|
||||
// .authorizeRequests()
|
||||
// .antMatchers("/login").permitAll() // 登录接口允许所有人访问
|
||||
// .anyRequest().authenticated() // 其他所有请求需要认证
|
||||
// .and()
|
||||
// .exceptionHandling()
|
||||
// .authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED))
|
||||
// .and()
|
||||
// .addFilterBefore(new JWTAuthenticationFilter(tokenProvider), UsernamePasswordAuthenticationFilter.class);
|
||||
// }
|
||||
//}
|
||||
Reference in New Issue
Block a user