diff --git a/src/main/java/com/youlai/boot/config/SecurityConfig.java b/src/main/java/com/youlai/boot/config/SecurityConfig.java index 39c9abdf..343a8a57 100644 --- a/src/main/java/com/youlai/boot/config/SecurityConfig.java +++ b/src/main/java/com/youlai/boot/config/SecurityConfig.java @@ -22,7 +22,6 @@ import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.ProviderManager; import org.springframework.security.authentication.dao.DaoAuthenticationProvider; -import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; @@ -35,9 +34,9 @@ import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; /** - * Spring Security 权限配置 + * Spring Security 安全配置 * - * @author Ray + * @author Ray.Hao * @since 2023/2/17 */ @Configuration @@ -46,17 +45,20 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic @RequiredArgsConstructor public class SecurityConfig { - private final MyAuthenticationEntryPoint authenticationEntryPoint; - private final MyAccessDeniedHandler accessDeniedHandler; private final RedisTemplate redisTemplate; - private final CodeGenerator codeGenerator; - private final SecurityProperties securityProperties; - private final ConfigService configService; + private final PasswordEncoder passwordEncoder; + private final JwtTokenService jwtTokenService; private final WxMaService wxMaService; private final UserService userService; private final SysUserDetailsService userDetailsService; - private final PasswordEncoder passwordEncoder; + + private final CodeGenerator codeGenerator; + private final SecurityProperties securityProperties; + private final ConfigService configService; + + private final MyAuthenticationEntryPoint authenticationEntryPoint; // 项目内安全类 + private final MyAccessDeniedHandler accessDeniedHandler; @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { diff --git a/src/main/java/com/youlai/boot/config/property/SecurityProperties.java b/src/main/java/com/youlai/boot/config/property/SecurityProperties.java index ac338947..ed54c98b 100644 --- a/src/main/java/com/youlai/boot/config/property/SecurityProperties.java +++ b/src/main/java/com/youlai/boot/config/property/SecurityProperties.java @@ -16,9 +16,9 @@ import java.util.List; public class SecurityProperties { /** - * 白名单 URL 集合 + * 会话方式 */ - private List ignoreUrls; + private SessionProperty session; /** * JWT 配置 @@ -26,9 +26,17 @@ public class SecurityProperties { private JwtProperty jwt; /** - * 令牌类型 jwt / redis-token + * 白名单 URL 集合 */ - private String tokenType; + private List ignoreUrls; + + /** + * 会话属性 + */ + @Data + public static class SessionProperty { + private String type; + } /** * JWT 配置 diff --git a/src/main/java/com/youlai/boot/shared/auth/service/impl/JwtTokenService.java b/src/main/java/com/youlai/boot/shared/auth/service/impl/JwtTokenService.java index 9331b3d4..801369d7 100644 --- a/src/main/java/com/youlai/boot/shared/auth/service/impl/JwtTokenService.java +++ b/src/main/java/com/youlai/boot/shared/auth/service/impl/JwtTokenService.java @@ -33,10 +33,10 @@ import java.util.stream.Collectors; /** * JWT 令牌服务实现 * - * @author Ray + * @author Ray.Hao * @since 2024/11/15 */ -@ConditionalOnProperty(value = "security.token-type", havingValue = "jwt") +@ConditionalOnProperty(value = "security.session.type", havingValue = "jwt") @Service public class JwtTokenService implements TokenService { diff --git a/src/main/java/com/youlai/boot/shared/auth/service/impl/RedisTokenService.java b/src/main/java/com/youlai/boot/shared/auth/service/impl/RedisTokenService.java index 7da240a5..78603b4d 100644 --- a/src/main/java/com/youlai/boot/shared/auth/service/impl/RedisTokenService.java +++ b/src/main/java/com/youlai/boot/shared/auth/service/impl/RedisTokenService.java @@ -9,10 +9,10 @@ import org.springframework.stereotype.Service; /** * JWT 令牌服务实现 * - * @author Ray + * @author Ray.Hao * @since 2024/11/15 */ -@ConditionalOnProperty(value = "security.token-type", havingValue = "redis-token") +@ConditionalOnProperty(value = "security.session.type", havingValue = "redis-token") @Service public class RedisTokenService implements TokenService { diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml index 967c8102..c7384c14 100644 --- a/src/main/resources/application-dev.yml +++ b/src/main/resources/application-dev.yml @@ -75,8 +75,9 @@ mybatis-plus: # 安全配置 security: - # JWT 认证类型, 支持 jwt、redis-token - token-type: jwt + session: + # 会话方式,支持 jwt、redis-token + type: jwt jwt: # JWT 秘钥 key: SecretKey012345678901234567890123456789012345678901234567890123456789 diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml index 664f0a8d..55ccd508 100644 --- a/src/main/resources/application-prod.yml +++ b/src/main/resources/application-prod.yml @@ -59,8 +59,9 @@ mybatis-plus: # 安全配置 security: - # JWT 认证类型, 支持 jwt、redis-token - token-type: jwt + session: + # 会话方式,支持 jwt、redis-token + type: jwt # JWT 配置 jwt: # JWT 秘钥