3 ani în urmă · 9d827558e5
--- a/mp-framework/src/main/java/com/qs/mp/framework/config/SecurityConfig.java
+++ b/mp-framework/src/main/java/com/qs/mp/framework/config/SecurityConfig.java
@@ -109,16 +109,15 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
 
				                     "/api/v1/mp/sms/sendSmsCode",
			
 
				                     "/api/v1/mp/user/wxauth/mobile",
			
 
				                     "/api/v1/mp/channel/invite/register",
			
 
				-                    "/api/v1/mp/wx/urlschema/generate",
			
 
				-                    "/api/v1/mp/wx/code/generate",
			
 
				-                    "/api/v1/mp/user/ticket/queryLuckyNum",
			
 
				-                    "/api/v1/mp/user/mall/ticket/detail",
			
 
				-                    "/api/v1/mp/user/mall/ticket/list",
			
 
				-                    "/api/v1/mp/user/exchange/goods/list",
			
 
				-                    "/api/v1/mp/user/exchange/goods/detail",
			
 
				-                    "/api/v1/mp/user/exchange/banner/list",
			
 
				-                    "/api/v1/mp/user/exchange/category/list",
			
 
				-                    "/api/v1/mp/user/exchange/activity/list").anonymous()
			
 
				+                    "/common/download**",
			
 
				+                    "/common/download/resource**",
			
 
				+                    "/swagger-ui.html",
			
 
				+                    "/swagger-resources/**",
			
 
				+                    "/webjars/**",
			
 
				+                    "/*/api-docs",
			
 
				+                    "/druid/**",
			
 
				+                    "/service/notify/**"
			
 
				+                    ).anonymous()
			
 
				                 .antMatchers(
			
 
				                         HttpMethod.GET,
			
 
				                         "/",
			
@@ -131,17 +130,18 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
 
				                 // 匹配放行 POST 请求，如果携带了 token 也不会进行拦截
			
 
				                 .antMatchers(
			
 
				                         HttpMethod.POST,
			
 
				-                        "/api/v1/mp/user/ticket/hitPrizeBarrage"
			
 
				+                    "/api/v1/mp/wx/urlschema/generate",
			
 
				+                    "/api/v1/mp/wx/code/generate",
			
 
				+                    "/api/v1/mp/user/ticket/queryLuckyNum",
			
 
				+                    "/api/v1/mp/user/ticket/hitPrizeBarrage",
			
 
				+                    "/api/v1/mp/user/mall/ticket/detail",
			
 
				+                    "/api/v1/mp/user/mall/ticket/list",
			
 
				+                    "/api/v1/mp/user/exchange/goods/list",
			
 
				+                    "/api/v1/mp/user/exchange/goods/detail",
			
 
				+                    "/api/v1/mp/user/exchange/banner/list",
			
 
				+                    "/api/v1/mp/user/exchange/category/list",
			
 
				+                    "/api/v1/mp/user/exchange/activity/list"
			
 
				                 ).permitAll()
			
 
				-                .antMatchers("/common/download**").anonymous()
			
 
				-                .antMatchers("/common/download/resource**").anonymous()
			
 
				-                .antMatchers("/swagger-ui.html").anonymous()
			
 
				-                .antMatchers("/swagger-resources/**").anonymous()
			
 
				-                .antMatchers("/webjars/**").anonymous()
			
 
				-                .antMatchers("/*/api-docs").anonymous()
			
 
				-                .antMatchers("/druid/**").anonymous()
			
 
				-                .antMatchers("/service/notify/**").anonymous()
			
 
				-
			
 
				                 // 除上面外的所有请求全部需要鉴权认证
			
 
				                 .anyRequest().authenticated()
			
 
				                 .and()