forked from ruoyi/RuoYi-Vue
Compare commits
2 Commits
8026b7416c
...
cc2a0621c6
| Author | SHA1 | Date | |
|---|---|---|---|
| cc2a0621c6 | |||
| 616e257617 |
@@ -1,8 +1,9 @@
|
|||||||
package com.devttl.common.constant;
|
package com.devttl.common.constant;
|
||||||
|
|
||||||
import java.util.Locale;
|
|
||||||
import io.jsonwebtoken.Claims;
|
import io.jsonwebtoken.Claims;
|
||||||
|
|
||||||
|
import java.util.Locale;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 通用常量信息
|
* 通用常量信息
|
||||||
*
|
*
|
||||||
@@ -158,7 +159,7 @@ public class Constants
|
|||||||
/**
|
/**
|
||||||
* 自动识别json对象白名单配置(仅允许解析的包名,范围越小越安全)
|
* 自动识别json对象白名单配置(仅允许解析的包名,范围越小越安全)
|
||||||
*/
|
*/
|
||||||
public static final String[] JSON_WHITELIST_STR = { "org.springframework", "com.devttl" };
|
public static final String[] JSON_WHITELIST_STR = { "com.devttl" };
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 定时任务白名单配置(仅允许访问的包名,如其他需要可以自行添加)
|
* 定时任务白名单配置(仅允许访问的包名,如其他需要可以自行添加)
|
||||||
|
|||||||
@@ -16,6 +16,7 @@ import org.apache.commons.lang3.time.DateFormatUtils;
|
|||||||
*
|
*
|
||||||
* @author devttl
|
* @author devttl
|
||||||
*/
|
*/
|
||||||
|
@SuppressWarnings("deprecation")
|
||||||
public class DateUtils extends org.apache.commons.lang3.time.DateUtils
|
public class DateUtils extends org.apache.commons.lang3.time.DateUtils
|
||||||
{
|
{
|
||||||
public static String YYYY = "yyyy";
|
public static String YYYY = "yyyy";
|
||||||
|
|||||||
@@ -15,6 +15,7 @@ import com.devttl.common.core.text.StrFormatter;
|
|||||||
*
|
*
|
||||||
* @author devttl
|
* @author devttl
|
||||||
*/
|
*/
|
||||||
|
@SuppressWarnings("deprecation")
|
||||||
public class StringUtils extends org.apache.commons.lang3.StringUtils
|
public class StringUtils extends org.apache.commons.lang3.StringUtils
|
||||||
{
|
{
|
||||||
/** 空字符串 */
|
/** 空字符串 */
|
||||||
|
|||||||
@@ -1,25 +1,23 @@
|
|||||||
package com.devttl.framework.config;
|
package com.devttl.framework.config;
|
||||||
|
|
||||||
|
import com.devttl.framework.config.properties.PermitAllUrlProperties;
|
||||||
|
import com.devttl.framework.security.filter.JwtAuthenticationTokenFilter;
|
||||||
|
import com.devttl.framework.security.handle.AuthenticationEntryPointImpl;
|
||||||
|
import com.devttl.framework.security.handle.LogoutSuccessHandlerImpl;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
import org.springframework.security.authentication.ProviderManager;
|
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
|
||||||
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
|
||||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||||
import org.springframework.security.web.authentication.logout.LogoutFilter;
|
import org.springframework.security.web.authentication.logout.LogoutFilter;
|
||||||
import org.springframework.web.filter.CorsFilter;
|
import org.springframework.web.filter.CorsFilter;
|
||||||
import com.devttl.framework.config.properties.PermitAllUrlProperties;
|
|
||||||
import com.devttl.framework.security.filter.JwtAuthenticationTokenFilter;
|
|
||||||
import com.devttl.framework.security.handle.AuthenticationEntryPointImpl;
|
|
||||||
import com.devttl.framework.security.handle.LogoutSuccessHandlerImpl;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* spring security配置
|
* spring security配置
|
||||||
@@ -28,13 +26,7 @@ import com.devttl.framework.security.handle.LogoutSuccessHandlerImpl;
|
|||||||
*/
|
*/
|
||||||
@EnableMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
@EnableMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||||
@Configuration
|
@Configuration
|
||||||
public class SecurityConfig
|
public class SecurityConfig {
|
||||||
{
|
|
||||||
/**
|
|
||||||
* 自定义用户认证逻辑
|
|
||||||
*/
|
|
||||||
@Autowired
|
|
||||||
private UserDetailsService userDetailsService;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 认证失败处理类
|
* 认证失败处理类
|
||||||
@@ -70,12 +62,8 @@ public class SecurityConfig
|
|||||||
* 身份验证实现
|
* 身份验证实现
|
||||||
*/
|
*/
|
||||||
@Bean
|
@Bean
|
||||||
public AuthenticationManager authenticationManager()
|
public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
|
||||||
{
|
return authenticationConfiguration.getAuthenticationManager();
|
||||||
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
|
|
||||||
daoAuthenticationProvider.setUserDetailsService(userDetailsService);
|
|
||||||
daoAuthenticationProvider.setPasswordEncoder(bCryptPasswordEncoder());
|
|
||||||
return new ProviderManager(daoAuthenticationProvider);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -94,8 +82,7 @@ public class SecurityConfig
|
|||||||
* authenticated | 用户登录后可访问
|
* authenticated | 用户登录后可访问
|
||||||
*/
|
*/
|
||||||
@Bean
|
@Bean
|
||||||
protected SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception
|
protected SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
|
||||||
{
|
|
||||||
return httpSecurity
|
return httpSecurity
|
||||||
// CSRF禁用,因为不使用session
|
// CSRF禁用,因为不使用session
|
||||||
.csrf(csrf -> csrf.disable())
|
.csrf(csrf -> csrf.disable())
|
||||||
@@ -132,8 +119,7 @@ public class SecurityConfig
|
|||||||
* 强散列哈希加密实现
|
* 强散列哈希加密实现
|
||||||
*/
|
*/
|
||||||
@Bean
|
@Bean
|
||||||
public BCryptPasswordEncoder bCryptPasswordEncoder()
|
public BCryptPasswordEncoder bCryptPasswordEncoder() {
|
||||||
{
|
|
||||||
return new BCryptPasswordEncoder();
|
return new BCryptPasswordEncoder();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
10
pom.xml
10
pom.xml
@@ -20,14 +20,14 @@
|
|||||||
<mybatis.version>3.5.16</mybatis.version>
|
<mybatis.version>3.5.16</mybatis.version>
|
||||||
<mybatis-plus.version>3.5.12</mybatis-plus.version>
|
<mybatis-plus.version>3.5.12</mybatis-plus.version>
|
||||||
<mybatis-plus-jsqlparser.version>3.5.12</mybatis-plus-jsqlparser.version>
|
<mybatis-plus-jsqlparser.version>3.5.12</mybatis-plus-jsqlparser.version>
|
||||||
<mybatis-spring-boot.version>3.0.3</mybatis-spring-boot.version>
|
<mybatis-spring-boot.version>3.0.4</mybatis-spring-boot.version>
|
||||||
<druid.version>1.2.23</druid.version>
|
<druid.version>1.2.23</druid.version>
|
||||||
<bitwalker.version>1.21</bitwalker.version>
|
<bitwalker.version>1.21</bitwalker.version>
|
||||||
<swagger.version>3.0.0</swagger.version>
|
<swagger.version>3.0.0</swagger.version>
|
||||||
<kaptcha.version>2.3.3</kaptcha.version>
|
<kaptcha.version>2.3.3</kaptcha.version>
|
||||||
<pagehelper.boot.version>2.1.0</pagehelper.boot.version>
|
<pagehelper.boot.version>2.1.1</pagehelper.boot.version>
|
||||||
<fastjson.version>2.0.57</fastjson.version>
|
<fastjson.version>2.0.57</fastjson.version>
|
||||||
<oshi.version>6.8.1</oshi.version>
|
<oshi.version>6.8.2</oshi.version>
|
||||||
<commons.io.version>2.19.0</commons.io.version>
|
<commons.io.version>2.19.0</commons.io.version>
|
||||||
<poi.version>4.1.2</poi.version>
|
<poi.version>4.1.2</poi.version>
|
||||||
<velocity.version>2.3</velocity.version>
|
<velocity.version>2.3</velocity.version>
|
||||||
@@ -35,7 +35,7 @@
|
|||||||
<mysql.version>8.2.0</mysql.version>
|
<mysql.version>8.2.0</mysql.version>
|
||||||
<jaxb-api.version>2.3.1</jaxb-api.version>
|
<jaxb-api.version>2.3.1</jaxb-api.version>
|
||||||
<jakarta.version>6.0.0</jakarta.version>
|
<jakarta.version>6.0.0</jakarta.version>
|
||||||
<springdoc.version>2.6.0</springdoc.version>
|
<springdoc.version>2.8.9</springdoc.version>
|
||||||
</properties>
|
</properties>
|
||||||
|
|
||||||
<!-- 依赖声明 -->
|
<!-- 依赖声明 -->
|
||||||
@@ -46,7 +46,7 @@
|
|||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.springframework.boot</groupId>
|
<groupId>org.springframework.boot</groupId>
|
||||||
<artifactId>spring-boot-dependencies</artifactId>
|
<artifactId>spring-boot-dependencies</artifactId>
|
||||||
<version>3.3.5</version>
|
<version>3.5.4</version>
|
||||||
<type>pom</type>
|
<type>pom</type>
|
||||||
<scope>import</scope>
|
<scope>import</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|||||||
Reference in New Issue
Block a user