diff --git a/blog-backend/src/main/java/cn/hamster3/application/blog/config/WebConfig.java b/blog-backend/src/main/java/cn/hamster3/application/blog/config/WebConfig.java index d152bcc..551fc7f 100644 --- a/blog-backend/src/main/java/cn/hamster3/application/blog/config/WebConfig.java +++ b/blog-backend/src/main/java/cn/hamster3/application/blog/config/WebConfig.java @@ -1,6 +1,5 @@ package cn.hamster3.application.blog.config; -import lombok.extern.slf4j.Slf4j; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.data.domain.AuditorAware; @@ -13,7 +12,6 @@ import org.springframework.security.crypto.password.PasswordEncoder; import java.util.Optional; @Configuration -@Slf4j public class WebConfig { @Bean public PasswordEncoder getPasswordEncoder() { @@ -31,4 +29,5 @@ public class WebConfig { return Optional.of(user.getUsername()); }; } + } diff --git a/blog-backend/src/main/java/cn/hamster3/application/blog/config/security/DevSecurityConfiguration.java b/blog-backend/src/main/java/cn/hamster3/application/blog/config/security/DevSecurityConfiguration.java index 631e192..b714211 100644 --- a/blog-backend/src/main/java/cn/hamster3/application/blog/config/security/DevSecurityConfiguration.java +++ b/blog-backend/src/main/java/cn/hamster3/application/blog/config/security/DevSecurityConfiguration.java @@ -6,6 +6,8 @@ import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Profile; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.web.SecurityFilterChain; +import org.springframework.web.servlet.config.annotation.CorsRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Slf4j @Configuration @@ -15,12 +17,29 @@ public class DevSecurityConfiguration { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { log.info("development environment security settings enabled."); return http.authorizeHttpRequests(request -> request - .anyRequest().permitAll() - ).csrf().disable() + .anyRequest().permitAll()) + .cors().and() + .csrf().disable() .formLogin() .and() .httpBasic() .and() .build(); } + + @Bean + public WebMvcConfigurer corsConfigurer() { + log.info("add cors configuration..."); + return new WebMvcConfigurer() { + @Override + public void addCorsMappings(CorsRegistry registry) { + registry.addMapping("/**") + .allowedOriginPatterns("*") + .allowedMethods("*") + .allowedHeaders("*") + .allowCredentials(true) + .maxAge(3600); + } + }; + } } diff --git a/blog-backend/src/main/java/cn/hamster3/application/blog/config/security/SecurityConfiguration.java b/blog-backend/src/main/java/cn/hamster3/application/blog/config/security/SecurityConfiguration.java index bca77c7..2418036 100644 --- a/blog-backend/src/main/java/cn/hamster3/application/blog/config/security/SecurityConfiguration.java +++ b/blog-backend/src/main/java/cn/hamster3/application/blog/config/security/SecurityConfiguration.java @@ -16,13 +16,14 @@ public class SecurityConfiguration { SecurityFilterChain filterChain(HttpSecurity http) throws Exception { log.info("production environment security settings enabled."); return http.authorizeHttpRequests(request -> request - .requestMatchers(HttpMethod.GET, "/", "/index", "/index.html").permitAll() - .requestMatchers(HttpMethod.GET, "/favicon.ico", "/assets/**").permitAll() - .requestMatchers(HttpMethod.GET, "/register", "/login").permitAll() - .requestMatchers(HttpMethod.GET, "/swagger-ui/**", "v3/api-docs/**").permitAll() - .requestMatchers(HttpMethod.POST, "/api/v1/user/").anonymous() - .anyRequest().authenticated() - ).csrf().disable() + .requestMatchers(HttpMethod.GET, "/", "/index", "/index.html").permitAll() + .requestMatchers(HttpMethod.GET, "/favicon.ico", "/assets/**").permitAll() + .requestMatchers(HttpMethod.GET, "/register", "/login").permitAll() + .requestMatchers(HttpMethod.GET, "/swagger-ui/**", "v3/api-docs/**").permitAll() + .requestMatchers(HttpMethod.POST, "/api/v1/user/").anonymous() + .anyRequest().authenticated()) + .cors().and() + .csrf().disable() .formLogin() .and() .httpBasic() diff --git a/blog-backend/src/main/java/cn/hamster3/application/blog/config/security/UserDetailServiceImpl.java b/blog-backend/src/main/java/cn/hamster3/application/blog/config/security/UserDetailServiceImpl.java index 20bcbde..51853f2 100644 --- a/blog-backend/src/main/java/cn/hamster3/application/blog/config/security/UserDetailServiceImpl.java +++ b/blog-backend/src/main/java/cn/hamster3/application/blog/config/security/UserDetailServiceImpl.java @@ -3,7 +3,6 @@ package cn.hamster3.application.blog.config.security; import cn.hamster3.application.blog.dao.UserRepository; import cn.hamster3.application.blog.entity.UserEntity; import jakarta.annotation.Resource; -import org.hibernate.Hibernate; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; diff --git a/blog-backend/src/main/java/cn/hamster3/application/blog/controller/BlogController.java b/blog-backend/src/main/java/cn/hamster3/application/blog/controller/BlogController.java index ec1ea96..afaac7d 100644 --- a/blog-backend/src/main/java/cn/hamster3/application/blog/controller/BlogController.java +++ b/blog-backend/src/main/java/cn/hamster3/application/blog/controller/BlogController.java @@ -2,6 +2,7 @@ package cn.hamster3.application.blog.controller; import cn.hamster3.application.blog.entity.BlogEntity; import cn.hamster3.application.blog.vo.ResponseVO; + import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; diff --git a/blog-backend/src/main/java/cn/hamster3/application/blog/dao/UserEntityRepository.java b/blog-backend/src/main/java/cn/hamster3/application/blog/dao/UserEntityRepository.java deleted file mode 100644 index e83db9b..0000000 --- a/blog-backend/src/main/java/cn/hamster3/application/blog/dao/UserEntityRepository.java +++ /dev/null @@ -1,13 +0,0 @@ -package cn.hamster3.application.blog.dao; - -import cn.hamster3.application.blog.entity.BlogEntity; -import cn.hamster3.application.blog.entity.UserEntity; -import org.springframework.data.jpa.repository.JpaRepository; -import org.springframework.data.jpa.repository.JpaSpecificationExecutor; - -import java.util.Optional; -import java.util.UUID; - -public interface UserEntityRepository extends JpaRepository, JpaSpecificationExecutor { - Optional findByEmailOrUsername(String email, String username); -} \ No newline at end of file diff --git a/blog-backend/src/main/java/cn/hamster3/application/blog/dao/UserRepository.java b/blog-backend/src/main/java/cn/hamster3/application/blog/dao/UserRepository.java new file mode 100644 index 0000000..819a507 --- /dev/null +++ b/blog-backend/src/main/java/cn/hamster3/application/blog/dao/UserRepository.java @@ -0,0 +1,19 @@ +package cn.hamster3.application.blog.dao; + +import cn.hamster3.application.blog.entity.BlogEntity; +import cn.hamster3.application.blog.entity.UserEntity; +import org.springframework.data.jpa.repository.EntityGraph; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.JpaSpecificationExecutor; + +import java.util.Optional; +import java.util.UUID; + +public interface UserRepository extends JpaRepository, JpaSpecificationExecutor { + boolean existsByNicknameIgnoreCase(String nickname); + + boolean existsByEmailIgnoreCase(String email); + + @EntityGraph(attributePaths = {"permissions"}) + Optional findByEmailOrNicknameAllIgnoreCase(String email, String nickname, Class type); +} \ No newline at end of file