• 欢迎光临~

0210_【理解】Swagger安全配置

开发技术 开发技术 2022-12-26 次浏览

1、
// https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-security
implementation group: 'org.springframework.boot', name: 'spring-boot-starter-security', version: '2.5.3'

2、
project(":provider-dept-8001") { // 部门微服务

    dependencies {

  

  implementation(project(":common-api")) // 导入公共的子模块
  implementation(libraries.'mybatis-plus-boot-starter')
  implementation(libraries.'mysql-connector-java')
  implementation(libraries.'druid')
  implementation(libraries.'springfox-boot-starter')
  implementation('org.springframework.boot:spring-boot-starter-security')

  }
}

3、
package com.yootk.test;

import org.springframework.security.crypto.factory.PasswordEncoderFactories;

public class TestCreatePassword {

  public static void main(String[] args) {
    String pwd = PasswordEncoderFactories.createDelegatingPasswordEncoder().encode("yootk");
    System.out.println(pwd);
  }

}
}

 

4、
package com.yootk.provider.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
public class SwaggerWebSecurityConfig extends WebSecurityConfigurerAdapter { // Swagger安全配置

    // 如果有其他的需要,你可以继续进行数据库的连接配置,具体的讲解已经提供过了

private static final String DEFAULT_PASSWORD ="{bcrypt}$2a$10$bvOY6ixvY5DmgiNW.Z79qeV9abQM9a6NbM1n9sejeUnB98C0kKAMu";

@Bean

 public PasswordEncoder getPasswordEncoder() {

  return PasswordEncoderFactories.createDelegatingPasswordEncoder();

}

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {

  auth.inMemoryAuthentication() 

    .withUser("swagger") // 默认用户名
    .password(DEFAULT_PASSWORD) // 默认密码
    .roles("USER", "ADMIN");

}

 

@Override
protected void configure(HttpSecurity http) throws Exception {

   http.authorizeRequests()

    .antMatchers("/swagger-ui/**", "/v2/api-docs").hasRole("ADMIN")
    .and().httpBasic().and().formLogin()
    .permitAll().and().csrf().disable();

}

 

}

 

5、
http://provider-dept-8001:8001/swagger-ui

程序员灯塔
转载请注明原文链接:0210_【理解】Swagger安全配置
喜欢 (0)