From 7afcbeeb0e1c3003d1e3ef697b614209ea0adc4c Mon Sep 17 00:00:00 2001
From: Helius <wangdoubleone@gmail.com>
Date: Mon, 27 Jun 2022 10:00:59 +0800
Subject: [PATCH] fix

---
 src/main/java/com/xcong/farmer/cms/configurations/security/WebSecurityConfig.java |   12 +++++++++++-
 1 files changed, 11 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/xcong/farmer/cms/configurations/security/WebSecurityConfig.java b/src/main/java/com/xcong/farmer/cms/configurations/security/WebSecurityConfig.java
index 0fe9e94..e3de21a 100644
--- a/src/main/java/com/xcong/farmer/cms/configurations/security/WebSecurityConfig.java
+++ b/src/main/java/com/xcong/farmer/cms/configurations/security/WebSecurityConfig.java
@@ -1,6 +1,8 @@
 package com.xcong.farmer.cms.configurations.security;
 
+import com.xcong.farmer.cms.configurations.WebMvcConfig;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.boot.autoconfigure.AutoConfigureAfter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@@ -22,6 +24,7 @@
  * @date 2020-05-11
  **/
 @Slf4j
+@AutoConfigureAfter(WebMvcConfig.class)
 @Configuration
 @EnableWebSecurity
 @EnableGlobalMethodSecurity(prePostEnabled = true)
@@ -29,6 +32,7 @@
 
     @Resource
     private UserDetailsService userDetailsService;
+
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
@@ -39,10 +43,16 @@
                 .authorizeRequests()
                 .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                 .antMatchers("/login").permitAll()
+                .antMatchers("/html").permitAll()
                 .antMatchers("/swagger**/**").permitAll()
                 .antMatchers("/webjars/**").permitAll()
                 .antMatchers("/v2/**").permitAll()
-                .antMatchers("/api/common/**").permitAll()
+                .antMatchers("/api/common/login").permitAll()
+                .antMatchers("/api/common/captcha").permitAll()
+                .antMatchers("/api/common/doUpload").permitAll()
+                .antMatchers("/api/common/uploadFile").permitAll()
+                .antMatchers("/api/messageBoard/addMessage").permitAll()
+                .antMatchers("/image/**").permitAll()
                 .anyRequest().authenticated()
                 .and().apply(securityConfiguereAdapter());
     }

--
Gitblit v1.9.1