springboot升级到2.7.2、售后bug处理、字典排序修复、SecurityConfig兼容新的写法、修复首页没配置group函数报错问题

2022-08-14 22:31:27 +08:00
parent 6c4d00abdd
commit 6520e6fc92
4 changed files with 18 additions and 16 deletions
--- a/yshop-admin/src/main/java/co/yixiang/modules/security/config/SecurityConfig.java
+++ b/yshop-admin/src/main/java/co/yixiang/modules/security/config/SecurityConfig.java
@ -17,11 +17,11 @@ import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.core.GrantedAuthorityDefaults;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.web.filter.CorsFilter;
 import org.springframework.web.method.HandlerMethod;
@ -38,7 +38,7 @@ import java.util.Set;
@Configuration(proxyBeanMethods = false)
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
+public class SecurityConfig {

    private final TokenUtil tokenUtil;
    private final CorsFilter corsFilter;
@ -66,8 +66,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
        return new BCryptPasswordEncoder();
    }

-    @Override
-    protected void configure(HttpSecurity httpSecurity) throws Exception {
+    @Bean
+    SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        // 搜寻匿名标记 url： @AnonymousAccess
        Map<RequestMappingInfo, HandlerMethod> handlerMethodMap = applicationContext.getBean(RequestMappingHandlerMapping.class).getHandlerMethods();
        Set<String> anonymousUrls = new HashSet<>();
@ -78,7 +78,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                anonymousUrls.addAll(infoEntry.getKey().getPatternsCondition().getPatterns());
            }
        }
-        httpSecurity
+        return httpSecurity
                // 禁用 CSRF
                .csrf().disable()
                .addFilterBefore(corsFilter, UsernamePasswordAuthenticationFilter.class)
@ -130,7 +130,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                .antMatchers(anonymousUrls.toArray(new String[0])).permitAll()
                // 所有请求都需要认证
                .anyRequest().authenticated()
-                .and().apply(securityConfigurerAdapter());
+                .and().apply(securityConfigurerAdapter())
+                .and()
+                .build();
    }

    private TokenConfigurer securityConfigurerAdapter() {