调整框架及订单模块

2025-11-03 17:36:17 +08:00
parent 4f9b9c29a3
commit 323cae015f
67 changed files with 202 additions and 216 deletions
--- a/tashow-framework/tashow-framework-security/src/main/java/com/tashow/cloud/security/security/config/SecurityProperties.java
+++ b/tashow-framework/tashow-framework-security/src/main/java/com/tashow/cloud/security/security/config/SecurityProperties.java
@@ -9,7 +9,7 @@ import jakarta.validation.constraints.NotNull;
 import java.util.Collections;
 import java.util.List;

-@ConfigurationProperties(prefix = "yudao.security")
+@ConfigurationProperties(prefix = "tashow.security")
@Validated
@Data
 public class SecurityProperties {
--- a/tashow-framework/tashow-framework-security/src/main/java/com/tashow/cloud/security/security/config/WebSecurityConfigurerAdapter.java
+++ b/tashow-framework/tashow-framework-security/src/main/java/com/tashow/cloud/security/security/config/WebSecurityConfigurerAdapter.java
@@ -138,7 +138,10 @@ public class WebSecurityConfigurerAdapter {
                    .requestMatchers(HttpMethod.PATCH, permitAllUrls.get(HttpMethod.PATCH).toArray(new String[0])).permitAll()
                    // 1.3 基于 tashow.security.permit-all-urls 无需认证
                    .requestMatchers(securityProperties.getPermitAllUrls().toArray(new String[0])).permitAll()
+
                )
+                //app-api 不在security控制权限
+                .authorizeHttpRequests(c->c.requestMatchers(webProperties.getAppApi().getPrefix()+"/**").permitAll())
                // ②：每个项目的自定义规则
                .authorizeHttpRequests(c -> authorizeRequestsCustomizers.forEach(customizer -> customizer.customize(c)))
                // ③：兜底规则，必须认证