From 55f2cdcc58e36210f0c6be9c93488bf37d1c8f5e Mon Sep 17 00:00:00 2001
From: tj <1378534974@qq.com>
Date: 星期四, 20 三月 2025 09:34:16 +0800
Subject: [PATCH] 高级安全防护

---
 src/main/java/com/jsh/erp/config/Swagger2Config.java |   40 +++++++++++++++++++++++++++++++++++-----
 1 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/src/main/java/com/jsh/erp/config/Swagger2Config.java b/src/main/java/com/jsh/erp/config/Swagger2Config.java
index 95c1f1a..042a93e 100644
--- a/src/main/java/com/jsh/erp/config/Swagger2Config.java
+++ b/src/main/java/com/jsh/erp/config/Swagger2Config.java
@@ -5,11 +5,14 @@
 import springfox.documentation.builders.ApiInfoBuilder;
 import springfox.documentation.builders.PathSelectors;
 import springfox.documentation.builders.RequestHandlerSelectors;
-import springfox.documentation.service.ApiInfo;
-import springfox.documentation.service.Contact;
+import springfox.documentation.service.*;
 import springfox.documentation.spi.DocumentationType;
+import springfox.documentation.spi.service.contexts.SecurityContext;
 import springfox.documentation.spring.web.plugins.Docket;
 import springfox.documentation.swagger2.annotations.EnableSwagger2;
+
+import java.util.ArrayList;
+import java.util.List;
 
 /**
  * 插件集成配置
@@ -26,19 +29,46 @@
         return new Docket(DocumentationType.SWAGGER_2)
                 .apiInfo(this.apiInfo())
                 .select()
-                .apis(RequestHandlerSelectors.any())
+                .apis(RequestHandlerSelectors.basePackage("com.jsh.erp.controller"))
                 .paths(PathSelectors.any())
-                .build();
+                .build()
+                // 添加登录认证
+                .securityContexts(securityContexts())
+                .securitySchemes(securitySchemes());
     }
 
     private ApiInfo apiInfo() {
         return new ApiInfoBuilder()
                 .title("云游管理系统 Restful Api")
                 .description("云游管理系统接口描述")
-                .termsOfServiceUrl("http://127.0.0.1")
+                .termsOfServiceUrl("http://localhost:8888/jshERP-boot")
                 .contact(new Contact("jishenghua", "", ""))
                 .version("3.0")
                 .build();
     }
 
+    private List<ApiKey> securitySchemes() {
+        List<ApiKey> apiKeys = new ArrayList<>();
+        apiKeys.add(new ApiKey("Authorization", "Authorization", "header"));
+        return apiKeys;
+    }
+
+    private List<SecurityContext> securityContexts() {
+        List<SecurityContext> securityContexts = new ArrayList<>();
+        securityContexts.add(SecurityContext.builder()
+                .securityReferences(defaultAuth())
+                .forPaths(PathSelectors.regex("^(?!auth).*$"))
+                .build());
+        return securityContexts;
+    }
+
+    private List<SecurityReference> defaultAuth() {
+        AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
+        AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
+        authorizationScopes[0] = authorizationScope;
+        List<SecurityReference> securityReferences = new ArrayList<>();
+        securityReferences.add(new SecurityReference("Authorization", authorizationScopes));
+        return securityReferences;
+    }
+
 }

--
Gitblit v1.9.3