1

src/main/java/cn/van333/wxsend/config/SecurityConfig.java

@@ -0,0 +1,40 @@
+package cn.van333.wxsend.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+/**
+ * @author Leo
+ * @version 1.0
+ * @create 2023/10/07 0007 下午 03:54
+ * @description：
+ */
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+                .antMatchers("/admin/**").hasRole("ADMIN") // 设置admin/**路径需要ADMIN角色
+                .antMatchers("/wx/**").permitAll()
+                .anyRequest().authenticated() // 其他请求需要认证
+                .and()
+                .formLogin() // 启用默认登录页
+                .and()
+                .logout() // 启用默认注销页
+                .and()
+                .csrf().disable(); // 禁用CSRF保护
+    }
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.inMemoryAuthentication() // 在内存中定义用户和角色
+                .withUser("van").password("LK.807878712").roles("ADMIN")
+                .and()
+                .withUser("user").password("user.807878712").roles("USER");
+    }
+}