Merge branch 'dev-ltx' into dev/dev_xp

2025-12-03 16:53:17 +08:00
parent bd69793a72 a643338916
commit 22bc8750c8
3 changed files with 21 additions and 3 deletions
--- a/src/main/java/com/ai/da/common/security/config/SecurityConfig.java
+++ b/src/main/java/com/ai/da/common/security/config/SecurityConfig.java
@@ -18,6 +18,7 @@ import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

 import jakarta.annotation.Resource;

@@ -60,6 +61,15 @@ public class SecurityConfig {
        httpSecurity
                .cors(Customizer.withDefaults())
                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers(
+                                new AntPathRequestMatcher("/doc.html"),
+                                new AntPathRequestMatcher("/swagger-ui.html"),
+                                new AntPathRequestMatcher("/swagger-ui/**"),
+                                new AntPathRequestMatcher("/swagger-resources/**"),
+                                new AntPathRequestMatcher("/v2/api-docs"),
+                                new AntPathRequestMatcher("/v3/api-docs/**"),
+                                new AntPathRequestMatcher("/webjars/**")
+                        ).permitAll()
                        .requestMatchers(securityProperties.getIgnorePaths()).permitAll()
                        .anyRequest().authenticated()
                )
--- a/src/main/java/com/ai/da/common/security/filter/AuthenticationFilter.java
+++ b/src/main/java/com/ai/da/common/security/filter/AuthenticationFilter.java
@@ -42,8 +42,11 @@ public class AuthenticationFilter extends OncePerRequestFilter {
    private SecurityProperties properties;

    private static final List<String> FILTER_URL =
-            Arrays.asList("/favicon.ico", "/doc.html", "/api/account/login", "/api/account/preLogin", "api/account/sendEmail","api/account/noLoginRequired",
-                    "/webjars/", "/swagger-resources", "/v2/api-docs", "/api/account/resetPwd",
+            Arrays.asList("/favicon.ico", "/doc.html", "/swagger-ui.html",
+                    "/swagger-resources", "/swagger-resources/", "/swagger-resources/configuration/ui", "/swagger-resources/configuration/security",
+                    "/webjars/", "/v2/api-docs", "/v3/api-docs", "/v3/api-docs/swagger-config",
+                    "/api/account/login", "/api/account/preLogin", "api/account/sendEmail","api/account/noLoginRequired",
+                    "/api/account/resetPwd",
                    "/api/python/saveGeneratePicture", "/api/python/getLibraryByUserId",
                    "/api/third/party/addUser","/api/third/party/addTrialUser", "/api/third/party/editUser", "/api/element/initDefaultSysFile",
                    "/api/third/party/addNoLoginRequiredNew","/api/third/party/deleteNoLoginRequiredNew","/api/third/party/updateNoLoginRequiredNew",