From 2a2660d4bd43aeb910655b548adb7018212e7767 Mon Sep 17 00:00:00 2001 From: "3067418132@qq.com" Date: Mon, 30 Mar 2026 09:58:49 +0800 Subject: [PATCH] =?UTF-8?q?1=E3=80=81=E9=87=8D=E6=96=B0=E5=90=AF=E7=94=A8t?= =?UTF-8?q?oken?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/mh/user/config/WebSecurityConfig.java | 44 +++++++++---------- .../user/controller/SysLoginController.java | 2 +- 2 files changed, 23 insertions(+), 23 deletions(-) diff --git a/user-service/src/main/java/com/mh/user/config/WebSecurityConfig.java b/user-service/src/main/java/com/mh/user/config/WebSecurityConfig.java index 8fa6a2c..9c7f3a1 100644 --- a/user-service/src/main/java/com/mh/user/config/WebSecurityConfig.java +++ b/user-service/src/main/java/com/mh/user/config/WebSecurityConfig.java @@ -42,34 +42,34 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { // 禁用 csrf, 由于使用的是JWT,我们这里不需要csrf -// http.cors().and().csrf().disable() -// .authorizeRequests() -// // 跨域预检请求 -// .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() -// // web jars -// .antMatchers("/webjars/**").permitAll() -// // 查看SQL监控(druid) + http.cors().and().csrf().disable() + .authorizeRequests() + // 跨域预检请求 + .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() + // web jars + .antMatchers("/webjars/**").permitAll() + // 查看SQL监控(druid) // .antMatchers("/druid/**").permitAll() -// // 首页和登录页面 -// .antMatchers("/").permitAll() -// .antMatchers("/login").permitAll() -// // swagger + // 首页和登录页面 + .antMatchers("/").permitAll() + .antMatchers("/login").permitAll() + // swagger // .antMatchers("/swagger-ui.html").permitAll() // .antMatchers("/swagger-resources/**").permitAll() // .antMatchers("/v2/api-docs").permitAll() // .antMatchers("/webjars/springfox-swagger-ui/**").permitAll() -// // 验证码 -// .antMatchers("/captcha.jpg**").permitAll() -// // 服务监控 -// .antMatchers("/actuator/**").permitAll() -// // 其他所有请求需要身份认证 -// .anyRequest().authenticated(); -// // 退出登录处理器 -// http.logout().logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()); -// // token验证过滤器 -// http.addFilterBefore(new JwtAuthenticationFilter(authenticationManager()), UsernamePasswordAuthenticationFilter.class); + // 验证码 + .antMatchers("/captcha.jpg**").permitAll() + // 服务监控 + .antMatchers("/actuator/**").permitAll() + // 其他所有请求需要身份认证 + .anyRequest().authenticated(); + // 退出登录处理器 + http.logout().logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()); + // token验证过滤器 + http.addFilterBefore(new JwtAuthenticationFilter(authenticationManager()), UsernamePasswordAuthenticationFilter.class); // 禁用token验证 - http.csrf().disable().authorizeRequests().anyRequest().permitAll().and().logout().permitAll(); +// http.csrf().disable().authorizeRequests().anyRequest().permitAll().and().logout().permitAll(); } @Bean diff --git a/user-service/src/main/java/com/mh/user/controller/SysLoginController.java b/user-service/src/main/java/com/mh/user/controller/SysLoginController.java index aa2f94c..a74af49 100644 --- a/user-service/src/main/java/com/mh/user/controller/SysLoginController.java +++ b/user-service/src/main/java/com/mh/user/controller/SysLoginController.java @@ -102,7 +102,7 @@ public class SysLoginController { // String SourceName = "sqlServer-"+dbEntity.getDB_Names(); // dataSourceObject.SwitchSQLServerDataSource(dbEntity,SourceName); // DataSourceContextHolder.setDBType(SourceName); - + token.eraseCredentials(); return HttpResult.ok(token); }