1、增加访问数量

2、主页的样式修改 3、头像自定义实现 4、注册修改为自动跳转到登录页面，登录失败友好提示，不进行跳转页面处理 5、博客增加私密的功能
2022-05-15 18:40:41 +08:00
parent 12ff775d36
commit e51efb81f4
64 changed files with 358 additions and 317 deletions
--- a/src/main/java/com/quinn/config/SecurityConfig.java
+++ b/src/main/java/com/quinn/config/SecurityConfig.java
@@ -8,18 +8,8 @@ import org.springframework.security.config.annotation.method.configuration.Enabl
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.web.AuthenticationEntryPoint;
-import org.springframework.security.web.authentication.AuthenticationEntryPointFailureHandler;
-import org.springframework.security.web.authentication.AuthenticationFailureHandler;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.io.PrintWriter;

@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
@@ -37,10 +27,12 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
        // .permitAll();    //无条件允许访问
        // 访问权限
        http.authorizeRequests()
-                .antMatchers("/","/index").permitAll()
-                .antMatchers("/register","/login","/toLogin").permitAll()
+                .antMatchers("/","/index","/favicon.ico").permitAll()
+                .antMatchers("/register","/login","/toLogin","/checkLogin").permitAll()
                .antMatchers("/source","/source/view/*").permitAll()
                .antMatchers("/blog","/blog/read/*").permitAll()
+                .antMatchers("/search/**").permitAll()
+                .antMatchers("//about").permitAll()
                .antMatchers("/hotspot").permitAll()
                .antMatchers("/blog/**").authenticated()
                .antMatchers("/source/**").authenticated()
@@ -54,7 +46,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                .passwordParameter("password")
                .loginPage("/toLogin")
                .loginProcessingUrl("/login") // 登陆表单提交请求
-                .failureForwardUrl("/loginError")
                .defaultSuccessUrl("/index"); // 设置默认登录成功后跳转的页面

        // 注销配置
@@ -63,8 +54,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
        http.csrf().disable();//关闭csrf功能:跨站请求伪造,默认只能通过post方式提交logout请求
        http.logout().logoutSuccessUrl("/");

-        // 记住我配置
-        http.rememberMe().rememberMeParameter("remember");
+        // 记住我配置 默认为remember-me
+//        http.rememberMe().rememberMeParameter("remember");
    }

    // 用户授权验证