diff --git a/pom.xml b/pom.xml
index 5b4d83c3..db8b8b4d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -135,9 +135,14 @@
com.github.xiaoymin
- knife4j-openapi3-spring-boot-starter
+ knife4j-openapi3-jakarta-spring-boot-starter
4.4.0
+
+ org.springdoc
+ springdoc-openapi-starter-webmvc-ui
+ 2.3.0
+
io.swagger
diff --git a/src/main/java/com/ai/da/common/security/config/SecurityConfig.java b/src/main/java/com/ai/da/common/security/config/SecurityConfig.java
index 5473978e..67577e14 100644
--- a/src/main/java/com/ai/da/common/security/config/SecurityConfig.java
+++ b/src/main/java/com/ai/da/common/security/config/SecurityConfig.java
@@ -18,6 +18,7 @@ import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import jakarta.annotation.Resource;
@@ -60,6 +61,15 @@ public class SecurityConfig {
httpSecurity
.cors(Customizer.withDefaults())
.authorizeHttpRequests(auth -> auth
+ .requestMatchers(
+ new AntPathRequestMatcher("/doc.html"),
+ new AntPathRequestMatcher("/swagger-ui.html"),
+ new AntPathRequestMatcher("/swagger-ui/**"),
+ new AntPathRequestMatcher("/swagger-resources/**"),
+ new AntPathRequestMatcher("/v2/api-docs"),
+ new AntPathRequestMatcher("/v3/api-docs/**"),
+ new AntPathRequestMatcher("/webjars/**")
+ ).permitAll()
.requestMatchers(securityProperties.getIgnorePaths()).permitAll()
.anyRequest().authenticated()
)
diff --git a/src/main/java/com/ai/da/common/security/filter/AuthenticationFilter.java b/src/main/java/com/ai/da/common/security/filter/AuthenticationFilter.java
index 0c2236e8..726b015a 100644
--- a/src/main/java/com/ai/da/common/security/filter/AuthenticationFilter.java
+++ b/src/main/java/com/ai/da/common/security/filter/AuthenticationFilter.java
@@ -42,8 +42,11 @@ public class AuthenticationFilter extends OncePerRequestFilter {
private SecurityProperties properties;
private static final List FILTER_URL =
- Arrays.asList("/favicon.ico", "/doc.html", "/api/account/login", "/api/account/preLogin", "api/account/sendEmail","api/account/noLoginRequired",
- "/webjars/", "/swagger-resources", "/v2/api-docs", "/api/account/resetPwd",
+ Arrays.asList("/favicon.ico", "/doc.html", "/swagger-ui.html",
+ "/swagger-resources", "/swagger-resources/", "/swagger-resources/configuration/ui", "/swagger-resources/configuration/security",
+ "/webjars/", "/v2/api-docs", "/v3/api-docs", "/v3/api-docs/swagger-config",
+ "/api/account/login", "/api/account/preLogin", "api/account/sendEmail","api/account/noLoginRequired",
+ "/api/account/resetPwd",
"/api/python/saveGeneratePicture", "/api/python/getLibraryByUserId",
"/api/third/party/addUser","/api/third/party/addTrialUser", "/api/third/party/editUser", "/api/element/initDefaultSysFile",
"/api/third/party/addNoLoginRequiredNew","/api/third/party/deleteNoLoginRequiredNew","/api/third/party/updateNoLoginRequiredNew",