refactor: 移除匿名访问的设计,还原常用的白名单配置方案
This commit is contained in:
Ray.Hao
@@ -62,7 +62,7 @@ mybatis-plus:
|
||||
# 主键ID类型
|
||||
id-type: none
|
||||
# 逻辑删除全局属性名(驼峰和下划线都支持)
|
||||
logic-delete-field: isDeleted
|
||||
logic-delete-field: is_deleted
|
||||
# 逻辑删除-删除值
|
||||
logic-delete-value: 1
|
||||
# 逻辑删除-未删除值
|
||||
@@ -85,17 +85,20 @@ security:
|
||||
access-token-time-to-live: 3600
|
||||
# 刷新令牌有效期(单位:秒),默认 7 天
|
||||
refresh-token-time-to-live: 604800
|
||||
# 白名单列表
|
||||
# 无需认证的请求路径
|
||||
ignore-urls:
|
||||
- /v3/api-docs/**
|
||||
- /doc.html
|
||||
- /api/v1/auth/login # 用户登录接口
|
||||
- /api/v1/auth/wechat-login # 微信登录接口
|
||||
- /api/v1/auth/captcha # 验证码获取接口
|
||||
- /api/v1/auth/refresh-token # 刷新令牌接口
|
||||
- /ws/** # WebSocket接口
|
||||
# 不走 Spring Security 过滤器链的请求路径(一般是静态资源)
|
||||
unsecured-urls:
|
||||
- ${springdoc.swagger-ui.path}
|
||||
- /swagger-resources/**
|
||||
- /doc.html
|
||||
- /v3/api-docs/**
|
||||
- /webjars/**
|
||||
- /swagger-ui/**
|
||||
- /api/v1/auth/captcha
|
||||
- /api/v1/auth/refresh-token
|
||||
- /ws/**
|
||||
|
||||
|
||||
# 文件存储配置
|
||||
oss:
|
||||
|
||||
Reference in New Issue
Block a user