配置API绕过权限验证

dayun-admin/src/main/java/com/jjt/biz/controller/ApiController.java

@@ -0,0 +1,75 @@
+package com.jjt.biz.controller;
+
+import com.jjt.biz.domain.DeviceInfo;
+import com.jjt.biz.domain.KeyInfo;
+import com.jjt.biz.domain.VenueInfo;
+import com.jjt.biz.domain.WifiInfo;
+import com.jjt.biz.service.*;
+import com.jjt.common.annotation.Log;
+import com.jjt.common.core.controller.BaseController;
+import com.jjt.common.core.domain.AjaxResult;
+import com.jjt.common.core.page.TableDataInfo;
+import com.jjt.common.enums.BusinessType;
+import com.jjt.common.utils.poi.ExcelUtil;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.web.bind.annotation.*;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletResponse;
+import java.util.List;
+
+/**
+ * 关键字Controller
+ *
+ * @author ruoyi
+ * @date 2023-07-06
+ */
+@RestController
+@RequestMapping("/api")
+public class ApiController extends BaseController {
+    @Resource
+    private IDeviceInfoService deviceInfoService;
+    @Resource
+    private IWifiInfoService wifiInfoService;
+    @Resource
+    private IBluetoothInfoService bluetoothInfoService;
+    @Resource
+    private IVenueInfoService venueInfoService;
+
+    /**
+     * 设备注册接口
+     */
+    @Log(title = "设备", businessType = BusinessType.INSERT)
+    @PostMapping("/device")
+    public AjaxResult device(DeviceInfo deviceInfo) {
+        return toAjax(deviceInfoService.insertDeviceInfo(deviceInfo));
+    }
+
+    /**
+     * WIFI上传
+     */
+    @Log(title = "WIFI", businessType = BusinessType.INSERT)
+    @PostMapping("/wifi")
+    public AjaxResult wifi(List<WifiInfo> infoList) {
+        return null;
+    }
+
+    /**
+     * 蓝牙上传
+     */
+    @Log(title = "蓝牙", businessType = BusinessType.INSERT)
+    @PostMapping("/bluetooth")
+    public AjaxResult bluetooth(List<WifiInfo> infoList) {
+        return null;
+    }
+
+    /**
+     * 获取场馆信息
+     */
+    @GetMapping("/venue")
+    public TableDataInfo venue() {
+        List<VenueInfo> list = venueInfoService.selectVenueInfoList(null);
+        return getDataTable(list);
+    }
+}

dayun-framework/src/main/java/com/jjt/framework/config/SecurityConfig.java

@@ -22,18 +22,17 @@ import com.jjt.framework.security.handle.LogoutSuccessHandlerImpl;
 
 /**
  * spring security配置
- * 
+ *
  * @author ruoyi
  */
 @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
-public class SecurityConfig extends WebSecurityConfigurerAdapter
-{
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
     /**
      * 自定义用户认证逻辑
      */
     @Autowired
     private UserDetailsService userDetailsService;
-    
+
     /**
      * 认证失败处理类
      */
@@ -51,7 +50,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
      */
     @Autowired
     private JwtAuthenticationTokenFilter authenticationTokenFilter;
-    
+
     /**
      * 跨域过滤器
      */
@@ -72,8 +71,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
      */
     @Bean
     @Override
-    public AuthenticationManager authenticationManagerBean() throws Exception
-    {
+    public AuthenticationManager authenticationManagerBean() throws Exception {
         return super.authenticationManagerBean();
     }
 
@@ -93,8 +91,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
      * authenticated       |   用户登录后可访问
      */
     @Override
-    protected void configure(HttpSecurity httpSecurity) throws Exception
-    {
+    protected void configure(HttpSecurity httpSecurity) throws Exception {
         // 注解标记允许匿名访问的url
         ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = httpSecurity.authorizeRequests();
         permitAllUrl.getUrls().forEach(url -> registry.antMatchers(url).permitAll());
@@ -112,6 +109,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
                 .authorizeRequests()
                 // 对于登录login 注册register 验证码captchaImage 允许匿名访问
                 .antMatchers("/login", "/register", "/captchaImage").permitAll()
+                // 增加API接口允许匿名访问
+                .antMatchers("/api/**").permitAll()
                 // 静态资源，可匿名访问
                 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                 .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
@@ -132,8 +131,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
      * 强散列哈希加密实现
      */
     @Bean
-    public BCryptPasswordEncoder bCryptPasswordEncoder()
-    {
+    public BCryptPasswordEncoder bCryptPasswordEncoder() {
         return new BCryptPasswordEncoder();
     }
 
@@ -141,8 +139,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
      * 身份认证接口
      */
     @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception
-    {
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
         auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
     }
 }