From 94f91c915752586616f3bbf6dcdee1fc8c493cbd Mon Sep 17 00:00:00 2001
From: bunny <1319900154@qq.com>
Date: Sun, 1 Jun 2025 20:32:41 +0800
Subject: [PATCH] =?UTF-8?q?:wrench:=20=E6=9D=83=E9=99=90=E5=B1=9E=E6=80=A7?=
 =?UTF-8?q?=E9=85=8D=E7=BD=AE=E5=8D=95=E7=8B=AC=E6=94=BE=E5=9C=A8=E9=85=8D?=
 =?UTF-8?q?=E7=BD=AE=E6=96=87=E4=BB=B6=E4=B8=AD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../security/config/WebSecurityConfig.java    | 26 ++++++++++++-------
 .../config/property/AuthorityProperty.java    | 20 ++++++++++++++
 .../src/main/resources/application-auth.yml   | 16 ++++++++++++
 .../src/main/resources/application.yml        |  2 ++
 4 files changed, 54 insertions(+), 10 deletions(-)
 create mode 100644 auth-system/src/main/java/cn/bunny/services/security/config/property/AuthorityProperty.java
 create mode 100644 auth-system/src/main/resources/application-auth.yml

diff --git a/auth-system/src/main/java/cn/bunny/services/security/config/WebSecurityConfig.java b/auth-system/src/main/java/cn/bunny/services/security/config/WebSecurityConfig.java
index 606ab72..bfcd643 100644
--- a/auth-system/src/main/java/cn/bunny/services/security/config/WebSecurityConfig.java
+++ b/auth-system/src/main/java/cn/bunny/services/security/config/WebSecurityConfig.java
@@ -1,9 +1,10 @@
 package cn.bunny.services.security.config;
 
+import cn.bunny.services.security.config.property.AuthorityProperty;
 import cn.bunny.services.security.handelr.SecurityAccessDeniedHandler;
 import cn.bunny.services.security.handelr.SecurityAuthenticationEntryPoint;
 import cn.bunny.services.security.service.CustomAuthorizationManagerServiceImpl;
-import jakarta.annotation.Resource;
+import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
@@ -17,23 +18,28 @@ import org.springframework.security.web.util.matcher.RegexRequestMatcher;
 @Configuration
 @EnableWebSecurity
 @EnableMethodSecurity
+@RequiredArgsConstructor
 public class WebSecurityConfig {
 
     // 需要排出的无需验证的请求路径
-    public static String[] annotations = {
-            "/", "/ws/**", "/**.html", "/error",
-            "/media.ico", "/favicon.ico", "/webjars/**", "/v3/api-docs/**", "/swagger-ui/**",
-            "/*/*/login", "/*/local-file/**", "/*/*/public/**",
-    };
+    // public static String[] annotations = {
+    //         "/" , "/ws/**" , "/**.html" , "/error" ,
+    //         "/media.ico" , "/favicon.ico" , "/webjars/**" , "/v3/api-docs/**" , "/swagger-ui/**" ,
+    //         "/*/*/login" , "/*/local-file/**" , "/*/*/public/**" ,
+    // };
+    public static String[] annotations;
 
     // 用户登录之后才能访问，不能与接口名称重复！！！不能与接口名称包含！！！
-    public static String[] userAuths = {"private"};
+    // public static String[] userAuths = {"private"};
+    public static String[] userAuths;
 
-    @Resource
-    private CustomAuthorizationManagerServiceImpl customAuthorizationManagerService;
+    private final AuthorityProperty authorityProperty;
+    private final CustomAuthorizationManagerServiceImpl customAuthorizationManagerService;
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
+        annotations = authorityProperty.getAnnotations();
+        userAuths = authorityProperty.getUserAuths();
 
         httpSecurity
                 // 前端段分离不需要---禁用明文验证
@@ -55,7 +61,7 @@ public class WebSecurityConfig {
                 .rememberMe(AbstractHttpConfigurer::disable)
                 .authorizeHttpRequests(authorize -> authorize
                         .requestMatchers(annotations).permitAll()
-                        .requestMatchers(RegexRequestMatcher.regexMatcher(".*\\.(css|js)$")).permitAll()
+                        .requestMatchers(RegexRequestMatcher.regexMatcher(".*\\.(css|js)$" )).permitAll()
                         .anyRequest().access(customAuthorizationManagerService)
                 )
                 .exceptionHandling(exception -> {
diff --git a/auth-system/src/main/java/cn/bunny/services/security/config/property/AuthorityProperty.java b/auth-system/src/main/java/cn/bunny/services/security/config/property/AuthorityProperty.java
new file mode 100644
index 0000000..a44231f
--- /dev/null
+++ b/auth-system/src/main/java/cn/bunny/services/security/config/property/AuthorityProperty.java
@@ -0,0 +1,20 @@
+package cn.bunny.services.security.config.property;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+@Getter
+@Setter
+@Configuration
+@ConfigurationProperties(prefix = "auth" )
+public class AuthorityProperty {
+
+    /* 需要排出的无需验证的请求路径 */
+    private String[] annotations;
+
+    /* 用户登录之后才能访问，不能与接口名称重复和包含！！！ */
+    private String[] userAuths;
+
+}
diff --git a/auth-system/src/main/resources/application-auth.yml b/auth-system/src/main/resources/application-auth.yml
new file mode 100644
index 0000000..c5ccce6
--- /dev/null
+++ b/auth-system/src/main/resources/application-auth.yml
@@ -0,0 +1,16 @@
+auth:
+  annotations:
+    - /
+    - /ws/**
+    - /**.html
+    - /error
+    - /media.ico
+    - /favicon.ico
+    - /webjars/**
+    - /v3/api-docs/**
+    - /swagger-ui/**
+    - /*/*/login
+    - /*/local-file/**
+    - /*/*/public/**
+  user-auths:
+    - private
\ No newline at end of file
diff --git a/auth-system/src/main/resources/application.yml b/auth-system/src/main/resources/application.yml
index 8927ca5..1dab9c6 100644
--- a/auth-system/src/main/resources/application.yml
+++ b/auth-system/src/main/resources/application.yml
@@ -6,6 +6,8 @@ server:
 spring:
   profiles:
     active: @profiles.active@
+    include:
+      - auth
   # main:
   #   lazy-initialization: true
   application: