diff --git a/src/main/java/github/javaguide/springsecurityjwtguide/security/common/constants/SecurityConstants.java b/src/main/java/github/javaguide/springsecurityjwtguide/security/common/constants/SecurityConstants.java index 96709a3022fee0e0bc8f9c0bdeeb71b80135e5af..65544c8455057cdaf9db0b5efe24484e8970a9b8 100644 --- a/src/main/java/github/javaguide/springsecurityjwtguide/security/common/constants/SecurityConstants.java +++ b/src/main/java/github/javaguide/springsecurityjwtguide/security/common/constants/SecurityConstants.java @@ -41,12 +41,17 @@ public final class SecurityConstants { "/webjars/**" }; - // System WHITELIST - public static final String[] SYSTEM_WHITELIST = { + // Post Request System WHITELIST + public static final String[] POST_SYSTEM_WHITELIST = { "/auth/login", "/users/sign-up" }; + // Get Request System WHITELIST + public static final String[] GET_SYSTEM_WHITELIST = { + "/h2-console/**" + }; + private SecurityConstants() { } diff --git a/src/main/java/github/javaguide/springsecurityjwtguide/security/config/SecurityConfiguration.java b/src/main/java/github/javaguide/springsecurityjwtguide/security/config/SecurityConfiguration.java index 6d8ef0858f834ec8915c063bc5909c1c3638a70a..e9ad6f905fa06c291d0572dbbe712c8abf194d75 100644 --- a/src/main/java/github/javaguide/springsecurityjwtguide/security/config/SecurityConfiguration.java +++ b/src/main/java/github/javaguide/springsecurityjwtguide/security/config/SecurityConfiguration.java @@ -56,7 +56,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { // 指定的接口直接放行 // swagger .antMatchers(SecurityConstants.SWAGGER_WHITELIST).permitAll() - .antMatchers(HttpMethod.POST, SecurityConstants.SYSTEM_WHITELIST).permitAll() + .antMatchers(HttpMethod.POST, SecurityConstants.POST_SYSTEM_WHITELIST).permitAll() + .antMatchers(HttpMethod.GET, SecurityConstants.GET_SYSTEM_WHITELIST).permitAll() // 其他的接口都需要认证后才能请求 .anyRequest().authenticated() .and()