Commit 144c524e67ede36ccdcbc9faaa8568cc30fa28a8
1 parent
797e9fb5
refactor(usr): widen permitAll to /api/usr/** + bcrypt bean REQ-USR-001
Showing
1 changed file
with
7 additions
and
0 deletions
backend/src/main/java/com/xly/erp/common/security/SecurityConfig.java
| ... | ... | @@ -5,6 +5,7 @@ import org.springframework.context.annotation.Bean; |
| 5 | 5 | import org.springframework.context.annotation.Configuration; |
| 6 | 6 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; |
| 7 | 7 | import org.springframework.security.config.http.SessionCreationPolicy; |
| 8 | +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; | |
| 8 | 9 | import org.springframework.security.web.SecurityFilterChain; |
| 9 | 10 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; |
| 10 | 11 | |
| ... | ... | @@ -25,9 +26,15 @@ public class SecurityConfig { |
| 25 | 26 | .authorizeHttpRequests(auth -> auth |
| 26 | 27 | // REQ-MOD-001 stub: see USR-004 follow-up — 角色硬校验在 USR-004 完成后回填为 hasAuthority('SUPER_ADMIN') |
| 27 | 28 | .requestMatchers("/api/mod/**").permitAll() |
| 29 | + .requestMatchers("/api/usr/**").permitAll() | |
| 28 | 30 | .anyRequest().authenticated() |
| 29 | 31 | ) |
| 30 | 32 | .addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class); |
| 31 | 33 | return http.build(); |
| 32 | 34 | } |
| 35 | + | |
| 36 | + @Bean | |
| 37 | + public BCryptPasswordEncoder bCryptPasswordEncoder() { | |
| 38 | + return new BCryptPasswordEncoder(); | |
| 39 | + } | |
| 33 | 40 | } | ... | ... |