zy-asrs-master.git

			@@ -1,118 +1,119 @@
			//package com.zy.asrs.wcs.common.security;
			//
			//import com.zy.acs.manager.common.constant.Constants;
			//import com.zy.acs.manager.common.utils.CommonUtil;
			//import org.springframework.context.annotation.Bean;
			//import org.springframework.context.annotation.Configuration;
			//import org.springframework.http.HttpMethod;
			//import org.springframework.security.access.AccessDeniedException;
			//import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
			//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
			//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
			//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
			//import org.springframework.security.config.http.SessionCreationPolicy;
			//import org.springframework.security.core.AuthenticationException;
			//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
			//import org.springframework.security.web.AuthenticationEntryPoint;
			//import org.springframework.security.web.access.AccessDeniedHandler;
			//import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
			//import org.springframework.stereotype.Component;
			//
			//import javax.annotation.Resource;
			//import javax.servlet.ServletException;
			//import javax.servlet.http.HttpServletRequest;
			//import javax.servlet.http.HttpServletResponse;
			//import java.io.IOException;
			//
			///**
			// * Spring Security配置
			// *
			// */
			//@Configuration
			//@EnableWebSecurity
			//@EnableGlobalMethodSecurity(prePostEnabled = true)
			//public class SecurityConfig extends WebSecurityConfigurerAdapter {
			//
			// public static final String[] FILTER_PATH = new String[]{
			// "/test/**",
			// "/rpc/**",
			// "/api/login",
			// "/druid/**",
			// "/swagger-ui.html",
			// "/swagger-resources/**",
			// "/webjars/**",
			// "/v2/api-docs",
			// "/v3/api-docs",
			// "/swagger-ui/**"
			// };
			//
			// @Resource
			// private JwtAccessDeniedHandler jwtAccessDeniedHandler;
			// @Resource
			// private JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
			// @Resource
			// private JwtAuthenticationFilter jwtAuthenticationFilter;
			//
			// @Override
			// protected void configure(HttpSecurity http) throws Exception {
			// http.authorizeRequests()
			// .antMatchers(HttpMethod.OPTIONS, "/**")
			// .permitAll()
			// .antMatchers(HttpMethod.GET, "/api/file/**", "/api/captcha", "/")
			// .permitAll()
			// .antMatchers(FILTER_PATH)
			// .permitAll()
			// .anyRequest()
			// .authenticated()
			// .and()
			// .sessionManagement()
			// .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
			// .and()
			// .csrf()
			// .disable()
			// .cors()
			// .and()
			// .logout()
			// .disable()
			// .headers()
			// .frameOptions()
			// .disable()
			// .and()
			// .exceptionHandling()
			// .accessDeniedHandler(jwtAccessDeniedHandler)
			// .authenticationEntryPoint(jwtAuthenticationEntryPoint)
			// .and()
			// .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
			// }
			//
			// @Bean
			// public BCryptPasswordEncoder bCryptPasswordEncoder() {
			// return new BCryptPasswordEncoder();
			// }
			//
			// // 没有访问权限异常处理
			// @Component
			// static class JwtAccessDeniedHandler implements AccessDeniedHandler {
			//
			// @Override
			// public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e)
			// throws IOException, ServletException {
			// CommonUtil.responseError(response, Constants.UNAUTHORIZED_CODE, Constants.UNAUTHORIZED_MSG, e.getMessage());
			// }
			//
			// }
			//
			// // 没有登录异常处理
			// @Component
			// static class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
			//
			// @Override
			// public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e)
			// throws IOException, ServletException {
			// CommonUtil.responseError(response, Constants.UNAUTHENTICATED_CODE, Constants.UNAUTHENTICATED_MSG,
			// e.getMessage());
			// }
			//
			// }
			//
			//}
			package com.zy.asrs.wcs.common.security;

			import com.zy.asrs.wcs.common.constant.Constants;
			import com.zy.asrs.wcs.utils.HttpUtils;
			import org.springframework.context.annotation.Bean;
			import org.springframework.context.annotation.Configuration;
			import org.springframework.http.HttpMethod;
			import org.springframework.security.access.AccessDeniedException;
			import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
			import org.springframework.security.config.annotation.web.builders.HttpSecurity;
			import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
			import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
			import org.springframework.security.config.http.SessionCreationPolicy;
			import org.springframework.security.core.AuthenticationException;
			import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
			import org.springframework.security.web.AuthenticationEntryPoint;
			import org.springframework.security.web.access.AccessDeniedHandler;
			import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
			import org.springframework.stereotype.Component;

			import javax.annotation.Resource;
			import javax.servlet.http.HttpServletRequest;
			import javax.servlet.http.HttpServletResponse;

			/**
			* Spring Security配置
			*
			*/
			@Configuration
			@EnableWebSecurity
			@EnableGlobalMethodSecurity(prePostEnabled = true)
			public class SecurityConfig extends WebSecurityConfigurerAdapter {

			public static final String[] FILTER_PATH = new String[]{
			"/api/auth/host",
			"/test/**",
			"/api/login",
			"/api/auth/host",
			"/druid/**",
			"/swagger-ui.html",
			"/swagger-resources/**",
			"/webjars/**",
			"/v2/api-docs",
			"/v3/api-docs",
			"/swagger-ui/**",
			"/ws/**",
			"/openapi/**",
			"/views/**",
			"/static/**"
			};

			@Resource
			private JwtAccessDeniedHandler jwtAccessDeniedHandler;
			@Resource
			private JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
			@Resource
			private JwtAuthenticationFilter jwtAuthenticationFilter;

			@Override
			protected void configure(HttpSecurity http) throws Exception {
			http.authorizeRequests()
			.antMatchers(HttpMethod.OPTIONS, "/**")
			.permitAll()
			.antMatchers(HttpMethod.GET, "/api/file/**", "/api/captcha", "/")
			.permitAll()
			.antMatchers(FILTER_PATH)
			.permitAll()
			.anyRequest()
			.authenticated()
			.and()
			.sessionManagement()
			.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
			.and()
			.csrf()
			.disable()
			.cors()
			.and()
			.logout()
			.disable()
			.headers()
			.frameOptions()
			.disable()
			.and()
			.exceptionHandling()
			.accessDeniedHandler(jwtAccessDeniedHandler)
			.authenticationEntryPoint(jwtAuthenticationEntryPoint)
			.and()
			.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
			}

			@Bean
			public BCryptPasswordEncoder bCryptPasswordEncoder() {
			return new BCryptPasswordEncoder();
			}

			// 没有访问权限异常处理
			@Component
			static class JwtAccessDeniedHandler implements AccessDeniedHandler {

			@Override
			public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) {
			HttpUtils.responseError(response, Constants.UNAUTHORIZED_CODE, Constants.UNAUTHORIZED_MSG, e.getMessage());
			}

			}

			// 没有登录异常处理
			@Component
			static class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {

			@Override
			public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) {
			HttpUtils.responseError(response, Constants.UNAUTHENTICATED_CODE, Constants.UNAUTHENTICATED_MSG,
			e.getMessage());
			}

			}

			}