github
/
eladmin
mirror of https://github.com/elunez/eladmin
1
0
Fork 0
Code Issues Releases Wiki Activity

feat: ️更新Spring Boot版本至2.7.18并重构安全配置

pull/875/head
Jie Zheng 2025-01-21 16:00:41 +08:00
parent b6295a7bdf
commit 0edf43c78e
4 changed files with 11 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -9,7 +9,7 @@
</div> </div>
#### 项目简介 #### 项目简介
一个基于 Spring Boot 2.6.4 、 Spring Boot Jpa、 JWT、Spring Security、Redis、Vue的前后端分离的后台管理系统 一个基于 Spring Boot 2.7.18 、 Spring Boot Jpa、 JWT、Spring Security、Redis、Vue的前后端分离的后台管理系统
现已发布基于 mybatis-plus 版本,项目地址:[https://github.com/elunez/eladmin-mp](https://github.com/elunez/eladmin-mp)、[https://gitee.com/elunez/eladmin-mp](https://gitee.com/elunez/eladmin-mp)。 现已发布基于 mybatis-plus 版本,项目地址:[https://github.com/elunez/eladmin-mp](https://github.com/elunez/eladmin-mp)、[https://gitee.com/elunez/eladmin-mp](https://gitee.com/elunez/eladmin-mp)。

2
eladmin-common/src/main/java/me/zhengjie/base/BaseEntity.java
View File

@ -35,7 +35,7 @@ import java.sql.Timestamp;
/** /**
* is_del * is_del
* @author Zheng Jie * @author Zheng Jie
* @Date 2019102420:46:32 * @date 2019102420:46:32
*/ */
@Getter @Getter
@Setter @Setter

16
eladmin-system/src/main/java/me/zhengjie/modules/security/config/SpringSecurityConfig.java
View File

@ -18,7 +18,6 @@ package me.zhengjie.modules.security.config;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import me.zhengjie.modules.security.security.*; import me.zhengjie.modules.security.security.*;
import me.zhengjie.modules.security.service.OnlineUserService; import me.zhengjie.modules.security.service.OnlineUserService;
import me.zhengjie.modules.security.service.UserCacheManager;
import me.zhengjie.utils.AnonTagUtils; import me.zhengjie.utils.AnonTagUtils;
import me.zhengjie.utils.enums.RequestMethodEnum; import me.zhengjie.utils.enums.RequestMethodEnum;
import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationContext;
@ -27,12 +26,11 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod; import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.core.GrantedAuthorityDefaults; import org.springframework.security.config.core.GrantedAuthorityDefaults;
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.filter.CorsFilter; import org.springframework.web.filter.CorsFilter;
import java.util.*; import java.util.*;
@ -40,10 +38,9 @@ import java.util.*;
* @author Zheng Jie * @author Zheng Jie
*/ */
@Configuration @Configuration
@EnableWebSecurity
@RequiredArgsConstructor @RequiredArgsConstructor
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true) @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter { public class SpringSecurityConfig {
private final TokenProvider tokenProvider; private final TokenProvider tokenProvider;
private final CorsFilter corsFilter; private final CorsFilter corsFilter;
@ -65,11 +62,11 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
return new BCryptPasswordEncoder(); return new BCryptPasswordEncoder();
} }
@Override @Bean
protected void configure(HttpSecurity httpSecurity) throws Exception { protected SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
// 获取匿名标记 // 获取匿名标记
Map<String, Set<String>> anonymousUrls = AnonTagUtils.getAnonymousUrl(applicationContext); Map<String, Set<String>> anonymousUrls = AnonTagUtils.getAnonymousUrl(applicationContext);
httpSecurity return httpSecurity
// 禁用 CSRF // 禁用 CSRF
.csrf().disable() .csrf().disable()
.addFilter(corsFilter) .addFilter(corsFilter)
@ -124,7 +121,8 @@ public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
.antMatchers(anonymousUrls.get(RequestMethodEnum.ALL.getType()).toArray(new String[0])).permitAll() .antMatchers(anonymousUrls.get(RequestMethodEnum.ALL.getType()).toArray(new String[0])).permitAll()
// 所有请求都需要认证 // 所有请求都需要认证
.anyRequest().authenticated() .anyRequest().authenticated()
.and().apply(securityConfigurerAdapter()); .and().apply(securityConfigurerAdapter())
.and().build();
} }
private TokenConfigurer securityConfigurerAdapter() { private TokenConfigurer securityConfigurerAdapter() {

3
pom.xml
View File

@ -21,7 +21,7 @@
<parent> <parent>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId> <artifactId>spring-boot-starter-parent</artifactId>
<version>2.6.6</version> <version>2.7.18</version>
</parent> </parent>
<properties> <properties>
@ -120,6 +120,7 @@
<dependency> <dependency>
<groupId>mysql</groupId> <groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId> <artifactId>mysql-connector-java</artifactId>
<version>8.0.31</version>
<scope>runtime</scope> <scope>runtime</scope>
</dependency> </dependency>