| | |
|---|
| | | // 过滤请求 |
|---|
| | | .authorizeRequests() |
|---|
| | | // 对于登录login 注册register 验证码captchaImage 允许匿名访问 |
|---|
| | | .antMatchers("/login", "/register", "/captchaImage").permitAll() |
|---|
| | | .antMatchers("/login", "/register", "/captchaImage","/qrCode/getInf","/common/downLoadFile").permitAll() |
|---|
| | | // 静态资源,可匿名访问 |
|---|
| | | .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll() |
|---|
| | | .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll() |
|---|
| | | .antMatchers("/login/**").permitAll() |
|---|
| | | .antMatchers("/login/**","/log/list","/**/version").permitAll() |
|---|
| | | // 除上面外的所有请求全部需要鉴权认证 |
|---|
| | | .anyRequest().authenticated() |
|---|
| | | .and() |
|---|
