sunsail云平台后端管理项目工程
blame | 历史 | 原始文档
luoyb
2021-03-11 55cd1ac1b843cc6c19100d7e23b4276e4a8bc5a3 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

package cc.mrbird.febs.auth.configure;


 


import cc.mrbird.febs.auth.handler.FebsWebLoginFailureHandler;


import cc.mrbird.febs.auth.handler.FebsWebLoginSuccessHandler;


import cc.mrbird.febs.auth.filter.ValidateCodeFilter;


import cc.mrbird.febs.common.core.entity.constant.EndpointConstant;


import lombok.RequiredArgsConstructor;


import org.springframework.context.annotation.Bean;


import org.springframework.core.annotation.Order;


import org.springframework.security.authentication.AuthenticationManager;


import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;


import org.springframework.security.config.annotation.web.builders.HttpSecurity;


import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;


import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


import org.springframework.security.core.userdetails.UserDetailsService;


import org.springframework.security.crypto.password.PasswordEncoder;


import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;


 


/**


 * WebSecurity配置


 *


 * @author MrBird


 */


@Order(2)


@EnableWebSecurity


@RequiredArgsConstructor


public class FebsSecurityConfigure extends WebSecurityConfigurerAdapter {


 


    private final UserDetailsService userDetailService;


    private final ValidateCodeFilter validateCodeFilter;


    private final PasswordEncoder passwordEncoder;


    private final FebsWebLoginSuccessHandler successHandler;


    private final FebsWebLoginFailureHandler failureHandler;


 


 


    @Bean


    @Override


    public AuthenticationManager authenticationManagerBean() throws Exception {


        return super.authenticationManagerBean();


    }


 


    @Override


    protected void configure(HttpSecurity http) throws Exception {


        http.addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class)


                .requestMatchers()


                .antMatchers(EndpointConstant.OAUTH_ALL, EndpointConstant.LOGIN)


                .and()


                .authorizeRequests()


                .antMatchers(EndpointConstant.OAUTH_ALL).authenticated()


                .and()


                .formLogin()


                .loginPage(EndpointConstant.LOGIN)


                .loginProcessingUrl(EndpointConstant.LOGIN)


                .successHandler(successHandler)


                .failureHandler(failureHandler)


                .permitAll()


                .and().csrf().disable()


                .httpBasic().disable();


    }


 


    @Override


    protected void configure(AuthenticationManagerBuilder auth) throws Exception {


        auth.userDetailsService(userDetailService).passwordEncoder(passwordEncoder);


    }


}