feat(security): 增加匿名访问控制

- 新增 AnonymousAccess 注解用于标记支持匿名访问的方法 - 添加 AnonymousGetMapping、AnonymousPostMapping 等注解用于具体 HTTP 方法 - 实现 AnonymousUtils 工具类以获取所有匿名访问 URL - 修改 SecurityConfig 配置类，支持细粒度的匿名访问控制- 更新 LogAspect 切面，增加对匿名访问的处理
2024-12-06 23:19:47 +08:00
parent 9c77b7c1ac
commit bb32fc1fe7
11 changed files with 528 additions and 13 deletions
--- a/src/main/java/com/youlai/boot/shared/auth/controller/AuthController.java
+++ b/src/main/java/com/youlai/boot/shared/auth/controller/AuthController.java
@@ -1,5 +1,6 @@
 package com.youlai.boot.shared.auth.controller;

+import com.youlai.boot.common.annotation.methods.AnonymousPostMapping;
 import com.youlai.boot.common.enums.LogModuleEnum;
 import com.youlai.boot.common.result.Result;
 import com.youlai.boot.shared.auth.model.RefreshTokenRequest;
@@ -30,7 +31,7 @@ public class AuthController {
    private final AuthService authService;

    @Operation(summary = "登录")
-    @PostMapping("/login")
+    @AnonymousPostMapping("/login")
    @Log(value = "登录", module = LogModuleEnum.LOGIN)
    public Result<AuthTokenResponse> login(
            @Parameter(description = "用户名", example = "admin") @RequestParam String username,
@@ -63,7 +64,7 @@ public class AuthController {
    }

    @Operation(summary = "微信登录")
-    @PostMapping("/wechat-login")
+    @AnonymousPostMapping("/wechat-login")
    @Log(value = "微信登录", module = LogModuleEnum.LOGIN)
    public Result<AuthTokenResponse> wechatLogin(
            @Parameter(description = "微信授权码", example = "code") @RequestParam String code