blog/blog-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

feat: init commit

Browse Source
This commit is contained in:
merlin
2025-10-16 16:57:27 +08:00
commit 4f84603d82
57 changed files with 2243 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
src/main/java/xin/merlin/myblog_server/config/CustomUserDetails.java Normal file
View File

@@ -0,0 +1,66 @@
package xin.merlin.myblog_server.config;
import lombok.Getter;
import lombok.Setter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import java.util.Collection;
public class CustomUserDetails implements UserDetails {
private String username;
private String password;
// Getter 和 Setter
@Setter
@Getter
private String u_id;
@Getter
@Setter
private String role;
private Collection<? extends GrantedAuthority> authorities;
public CustomUserDetails(String username, String password, String u_id,String role, Collection<? extends GrantedAuthority> authorities) {
this.username = username;
this.password = password;
this.u_id = u_id;
this.role = role;
this.authorities = authorities;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return authorities;
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return username;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}

15
src/main/java/xin/merlin/myblog_server/config/JwtProperties.java Normal file
View File

@@ -0,0 +1,15 @@
package xin.merlin.myblog_server.config;
import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;
@Data
@Configuration
@ConfigurationProperties(prefix = "jwt")
public class JwtProperties {
private String secret;
private String issuer;
private String subject;
private long expire; // 秒
}

25
src/main/java/xin/merlin/myblog_server/config/LoginDetails.java Normal file
View File

@@ -0,0 +1,25 @@
package xin.merlin.myblog_server.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import xin.merlin.myblog_server.entity.Account;
import xin.merlin.myblog_server.service.impl.AccountServiceImpl;
import java.util.ArrayList;
@Service
public class LoginDetails implements UserDetailsService {
@Autowired
private AccountServiceImpl accountServiceImpl;
@Override
public CustomUserDetails loadUserByUsername(String u_account) throws UsernameNotFoundException {
Account account = accountServiceImpl.getAccountInfo(u_account);
return new CustomUserDetails(account.getU_account(), account.getU_password(),account.getU_id(), account.getRole(),new ArrayList<>());
}
}

18
src/main/java/xin/merlin/myblog_server/config/MyBatisPlusConfig.java Normal file
View File

@@ -0,0 +1,18 @@
package xin.merlin.myblog_server.config;
import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
import com.baomidou.mybatisplus.extension.plugins.inner.PaginationInnerInterceptor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class MyBatisPlusConfig {
@Bean
public MybatisPlusInterceptor mybatisPlusInterceptor() {
MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor();
interceptor.addInnerInterceptor(new PaginationInnerInterceptor());
return interceptor;
}
}

64
src/main/java/xin/merlin/myblog_server/config/SecurityConfig.java Normal file
View File

@@ -0,0 +1,64 @@
package xin.merlin.myblog_server.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import xin.merlin.myblog_server.security.JWTAuthenticationFilter;
import static org.springframework.security.config.Customizer.withDefaults;
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Autowired
private JWTAuthenticationFilter jwtAuthenticationFilter;
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
.cors(withDefaults()) // <<<<<< 这里明确加上 withDefaults()
.csrf(AbstractHttpConfigurer::disable)
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.authorizeHttpRequests(authz -> authz
.requestMatchers(
"/login",
"/register",
"/test",
"/admin/login",
"/admin/register",
"/code/sendcode",
"/code/verifycode"
).permitAll()
.anyRequest().authenticated()
)
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
return http.build();
}
// 新增全局CORS配置
@Bean
public WebMvcConfigurer corsConfigurer() {
return new WebMvcConfigurer() {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedOriginPatterns("*") // 开发阶段允许所有来源
.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
.allowedHeaders("*")
.exposedHeaders("Authorization")
.allowCredentials(true)
.maxAge(3600L);
}
};
}
}