From 6b8709562f9004f94ae6db07ae8187cc9599e341 Mon Sep 17 00:00:00 2001
From: wangzb0 <15738677233@163.com>
Date: Sun, 14 Mar 2021 18:13:47 +0800
Subject: [PATCH] [fix]Access h2 console 401

---
 .../security/common/constants/SecurityConstants.java     | 9 +++++++--
 .../security/config/SecurityConfiguration.java           | 3 ++-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/main/java/github/javaguide/springsecurityjwtguide/security/common/constants/SecurityConstants.java b/src/main/java/github/javaguide/springsecurityjwtguide/security/common/constants/SecurityConstants.java
index 96709a3..65544c8 100644
--- a/src/main/java/github/javaguide/springsecurityjwtguide/security/common/constants/SecurityConstants.java
+++ b/src/main/java/github/javaguide/springsecurityjwtguide/security/common/constants/SecurityConstants.java
@@ -41,12 +41,17 @@ public final class SecurityConstants {
             "/webjars/**"
     };
 
-    // System WHITELIST
-    public static final String[] SYSTEM_WHITELIST = {
+    // Post Request System WHITELIST
+    public static final String[] POST_SYSTEM_WHITELIST = {
             "/auth/login",
             "/users/sign-up"
     };
 
+    // Get Request System WHITELIST
+    public static final String[] GET_SYSTEM_WHITELIST = {
+            "/h2-console/**"
+    };
+
     private SecurityConstants() {
     }
 
diff --git a/src/main/java/github/javaguide/springsecurityjwtguide/security/config/SecurityConfiguration.java b/src/main/java/github/javaguide/springsecurityjwtguide/security/config/SecurityConfiguration.java
index 6d8ef08..e9ad6f9 100644
--- a/src/main/java/github/javaguide/springsecurityjwtguide/security/config/SecurityConfiguration.java
+++ b/src/main/java/github/javaguide/springsecurityjwtguide/security/config/SecurityConfiguration.java
@@ -56,7 +56,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
                 // 指定的接口直接放行
                 // swagger
                 .antMatchers(SecurityConstants.SWAGGER_WHITELIST).permitAll()
-                .antMatchers(HttpMethod.POST, SecurityConstants.SYSTEM_WHITELIST).permitAll()
+                .antMatchers(HttpMethod.POST, SecurityConstants.POST_SYSTEM_WHITELIST).permitAll()
+                .antMatchers(HttpMethod.GET, SecurityConstants.GET_SYSTEM_WHITELIST).permitAll()
                 // 其他的接口都需要认证后才能请求
                 .anyRequest().authenticated()
                 .and()
-- 
Gitee