package com.vincent.rsf.openApi.config;

import com.vincent.rsf.openApi.security.filter.AppIdAuthenticationFilter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.annotation.Resource;

/**
 * API安全配置类
 * 用于注册API认证过滤器
 */
@Configuration
public class ApiSecurityConfig {

    @Resource
    private AppIdAuthenticationFilter appIdAuthenticationFilter;

    /**
     * 注册API认证过滤器（支持AppId/AppSecret和Token认证）
     * 
     * @return 过滤器注册Bean
     */
    @Bean
    public FilterRegistrationBean<AppIdAuthenticationFilter> apiAuthenticationFilter() {
        FilterRegistrationBean<AppIdAuthenticationFilter> registrationBean = new FilterRegistrationBean<>();
        
        registrationBean.setFilter(appIdAuthenticationFilter);
        registrationBean.addUrlPatterns("/api/*", "/erp/*", "/mes/*", "/agv/*"); // 拦截API请求、ERP请求、MES请求、管理AGV任务请求
        registrationBean.setName("apiAuthenticationFilter");
        registrationBean.setOrder(1); // 设置过滤器优先级
        
        return registrationBean;
    }
}