41 lines
1.6 KiB
Java
41 lines
1.6 KiB
Java
package cn.van333.wxsend.config;
|
||
|
||
import org.springframework.context.annotation.Configuration;
|
||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||
|
||
/**
|
||
* @author Leo
|
||
* @version 1.0
|
||
* @create 2023/10/07 0007 下午 03:54
|
||
* @description:
|
||
*/
|
||
@Configuration
|
||
@EnableWebSecurity
|
||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||
|
||
@Override
|
||
protected void configure(HttpSecurity http) throws Exception {
|
||
http.authorizeRequests()
|
||
.antMatchers("/admin/**").hasRole("ADMIN") // 设置admin/**路径需要ADMIN角色
|
||
.antMatchers("/wx/**").permitAll()
|
||
.anyRequest().authenticated() // 其他请求需要认证
|
||
.and()
|
||
.formLogin() // 启用默认登录页
|
||
.and()
|
||
.logout() // 启用默认注销页
|
||
.and()
|
||
.csrf().disable(); // 禁用CSRF保护
|
||
}
|
||
|
||
@Override
|
||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||
auth.inMemoryAuthentication() // 在内存中定义用户和角色
|
||
.withUser("van").password("LK.807878712").roles("ADMIN")
|
||
.and()
|
||
.withUser("user").password("user.807878712").roles("USER");
|
||
}
|
||
}
|