f6c06db04b
- 新增 .env.production.example 配置文件,包含所有微服务的数据库和Redis配置 - 添加 compose.production.yaml Docker Compose部署文件,定义web和各服务容器 - 实现Android SDK环境切换功能,支持外部服务和本地联调模式切换 - 添加推送注册状态管理和接收开关设置界面 - 集成演示服务的应用密钥客户端和认证服务实现 - 完善文档说明各SDK模块的集成和使用方法
75 行
3.1 KiB
Java
75 行
3.1 KiB
Java
package com.xuqm.update.config;
|
|
|
|
import com.xuqm.common.security.JwtAuthFilter;
|
|
import com.xuqm.common.security.JwtUtil;
|
|
import org.springframework.context.annotation.Bean;
|
|
import org.springframework.context.annotation.Configuration;
|
|
import org.springframework.http.HttpMethod;
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
|
import org.springframework.security.web.SecurityFilterChain;
|
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
|
import org.springframework.web.cors.CorsConfiguration;
|
|
import org.springframework.web.cors.CorsConfigurationSource;
|
|
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
|
|
|
import java.util.List;
|
|
|
|
@Configuration
|
|
@EnableWebSecurity
|
|
public class SecurityConfig {
|
|
|
|
private final JwtUtil jwtUtil;
|
|
|
|
public SecurityConfig(JwtUtil jwtUtil) {
|
|
this.jwtUtil = jwtUtil;
|
|
}
|
|
|
|
@Bean
|
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
|
http
|
|
.csrf(AbstractHttpConfigurer::disable)
|
|
.cors(cors -> {})
|
|
.sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
|
.authorizeHttpRequests(auth -> auth
|
|
.requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
|
|
.requestMatchers(
|
|
"/actuator/**",
|
|
"/api/v1/updates/app/check",
|
|
"/api/v1/updates/app/inspect",
|
|
"/api/v1/rn/update/check",
|
|
"/api/v1/rn/inspect",
|
|
"/api/v1/rn/files/**",
|
|
"/files/apk/**"
|
|
).permitAll()
|
|
.anyRequest().authenticated()
|
|
)
|
|
.addFilterBefore(new JwtAuthFilter(jwtUtil), UsernamePasswordAuthenticationFilter.class)
|
|
.httpBasic(AbstractHttpConfigurer::disable)
|
|
.formLogin(AbstractHttpConfigurer::disable);
|
|
return http.build();
|
|
}
|
|
|
|
@Bean
|
|
public CorsConfigurationSource corsConfigurationSource() {
|
|
CorsConfiguration config = new CorsConfiguration();
|
|
config.setAllowCredentials(true);
|
|
config.setAllowedOriginPatterns(List.of(
|
|
"http://localhost:*",
|
|
"http://127.0.0.1:*",
|
|
"http://*.xuqinmin.com",
|
|
"https://*.xuqinmin.com"
|
|
));
|
|
config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
|
|
config.setAllowedHeaders(List.of("*"));
|
|
config.setExposedHeaders(List.of("Location"));
|
|
config.setMaxAge(3600L);
|
|
|
|
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
|
|
source.registerCorsConfiguration("/**", config);
|
|
return source;
|
|
}
|
|
}
|
