
feature-branch
今日不开张 4 months ago
parent 32c9f424b1
commit d9548a4fce

Binary file not shown.

File diff suppressed because it is too large Load Diff

@ -1,15 +0,0 @@
package com.example.demo.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
public class AppConfig {
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}

@ -1,23 +0,0 @@
package com.example.demo.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
@Configuration
public class CorsConfig {
@Bean
public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true); // 允许携带凭证如cookies
config.addAllowedOrigin("http://localhost:5173"); // 允许来自Vue.js开发服务器的请求
config.addAllowedHeader("*"); // 允许所有头部
config.addAllowedMethod("*"); // 允许所有HTTP方法
source.registerCorsConfiguration("/**", config); // 应用到所有路径
return new CorsFilter(source);
}
}

@ -2,37 +2,79 @@ package com.example.demo.config;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import java.util.List;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
public class SecurityConfig { public class SecurityConfig {
private final UserDetailsService userDetailsService;
public SecurityConfig(UserDetailsService userDetailsService) {
this.userDetailsService = userDetailsService;
}
@Bean @Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http http
.cors().and() .cors(cors -> cors.configurationSource(corsConfigurationSource()))
.csrf().disable()
.authorizeHttpRequests(authorize -> authorize .authorizeHttpRequests(authorize -> authorize
.requestMatchers("/api/users/register", "/api/users/login").permitAll() // 允许注册和登录请求 .requestMatchers("/api/users/register", "/api/users/login").permitAll()
.anyRequest().authenticated() // 其他所有请求都需要认证 .anyRequest().authenticated()
) )
.sessionManagement(session -> session .sessionManagement(session -> session
.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // 如果不使用会话状态例如使用JWT可以设置为STATELESS .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
); )
.csrf().disable();
return http.build(); return http.build();
} }
private UrlBasedCorsConfigurationSource corsConfigurationSource() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
config.addAllowedOrigin("http://localhost:5173");
config.addAllowedHeader("*");
config.addAllowedMethod(HttpMethod.GET);
config.addAllowedMethod(HttpMethod.POST);
config.addAllowedMethod(HttpMethod.PUT);
config.addAllowedMethod(HttpMethod.DELETE);
config.addAllowedMethod(HttpMethod.OPTIONS);
source.registerCorsConfiguration("/**", config);
return source;
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public AuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setUserDetailsService(userDetailsService);
authProvider.setPasswordEncoder(passwordEncoder());
return authProvider;
}
@Bean @Bean
public AuthenticationManager authenticationManager(org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration authConfig) throws Exception { public AuthenticationManager authenticationManager(AuthenticationProvider authenticationProvider) {
return authConfig.getAuthenticationManager(); return new ProviderManager(List.of(authenticationProvider));
} }
} }
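Review bot: `.csrf().disable()` now ends the chain in `securityFilterChain` with no stated reason, while `corsConfigurationSource()` calls `setAllowCredentials(true)`. Disabling CSRF is only sound if authenticated requests carry a header token rather than a cookie, and this section does not show which is the case. Record that assumption next to the call and use the same lambda style as the `.cors(...)` line, e.g. `.csrf(csrf -> csrf.disable()) // stateless API, auth via header token (confirm); re-enable if auth moves to cookies`. The allowed origin `http://localhost:5173` is also hard-coded in `corsConfigurationSource()`; reading it from a property would keep a localhost origin with credentials allowed out of non-dev deployments.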

@ -16,7 +16,7 @@ import org.springframework.web.bind.annotation.*;
@RestController @RestController
@CrossOrigin(origins = "http://localhost:5137") // 允许来自前端开发服务器的请求 @CrossOrigin(origins = "http://localhost:5137/") // 允许来自前端开发服务器的请求
@RequestMapping("/api/users") @RequestMapping("/api/users")
public class UserController { public class UserController {
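Review bot: The `@CrossOrigin` origin on `UserController` is now `http://localhost:5137/`, which does not match the `http://localhost:5173` origin allowed in `SecurityConfig`, and a browser `Origin` header never carries a trailing slash. If 5137 is a transposition of 5173, the annotation is a second, diverging CORS policy for `/api/users`. Either drop it and rely on the central configuration source, or make it `@CrossOrigin(origins = "http://localhost:5173")`. The class body continues outside the hunk.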

@ -20,3 +20,4 @@ spring.h2.console.path=/h2-console # 注意这里修复了路径拼写错误
server.error.include-stacktrace=always server.error.include-stacktrace=always
server.error.include-message=always server.error.include-message=always
logging.level.org.springframework.security=DEBUG
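Review bot: `logging.level.org.springframework.security=DEBUG` is added to the same properties file that already sets `server.error.include-stacktrace=always` and `server.error.include-message=always`. Any deployment built from this file would therefore emit verbose security-filter logs and return stack traces to clients. If the file is used outside local development, move these diagnostic settings to a dev-only profile and default to `logging.level.org.springframework.security=INFO` and `server.error.include-stacktrace=never`. The hunk header also shows an H2 console path, which is worth confining to the same profile.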