feat(商城): 升级pom依赖

2 years ago · a2c5e2a86e
parent c678b2c4b3
commit a2c5e2a86e
4 changed files with 68 additions and 32 deletions
--- a/pom.xml
+++ b/pom.xml
@ -25,7 +25,7 @@
        <java.version>17</java.version>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <maven-compiler-plugin.version>3.10.1</maven-compiler-plugin.version>
-        <spring-boot.version>3.0.6</spring-boot.version>
+        <spring-boot.version>3.1.0</spring-boot.version>
        <mysql.connector.java.version>8.0.30</mysql.connector.java.version>
        <lettuce.version>6.2.3.RELEASE</lettuce.version>
        <elasticsearch.version>7.14.0</elasticsearch.version>
@ -41,9 +41,9 @@
        <jwt.version>4.3.0</jwt.version>
        <qiniu.version>7.12.1</qiniu.version>
        <mail.version>2.0.1</mail.version>
-        <spring-boot-admin.version>3.0.2</spring-boot-admin.version>
+        <spring-boot-admin.version>3.0.4</spring-boot-admin.version>
        <xxl-job.version>2.3.1</xxl-job.version>
-        <hutool.version>5.8.15</hutool.version>
+        <hutool.version>5.8.18</hutool.version>
        <easyexcel.version>3.2.1</easyexcel.version>
    </properties>

--- a/waynboot-admin-api/src/main/java/com/wayn/admin/framework/config/SecurityConfig.java
+++ b/waynboot-admin-api/src/main/java/com/wayn/admin/framework/config/SecurityConfig.java
@ -12,6 +12,8 @@ import org.springframework.security.config.annotation.authentication.configurati
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
@ -38,37 +40,46 @@ public class SecurityConfig {
    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        httpSecurity
                // cors启用
-                .cors().and()
-                // CRSF（跨站请求伪造）禁用，因为不使用session
-                .csrf().disable()
-                // 基于token，所以不需要session
-                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
-                // 认证失败处理类
-                .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
-                .exceptionHandling().and()
+                .cors(httpSecurityCorsConfigurer -> {
+                })
+                .csrf(AbstractHttpConfigurer::disable)
+                .sessionManagement(httpSecuritySessionManagementConfigurer -> {
+                    httpSecuritySessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+                })
+                .exceptionHandling(httpSecurityExceptionHandlingConfigurer -> {
+                    httpSecurityExceptionHandlingConfigurer.authenticationEntryPoint(unauthorizedHandler);
+                })
                // 过滤请求
-                .authorizeHttpRequests()
+                .authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
+                    authorizationManagerRequestMatcherRegistry
+                            .requestMatchers("/favicon.ico", "/login", "/favicon.ico", "/actuator/**").anonymous()
+                            .requestMatchers("/slider/**").anonymous()
+                            .requestMatchers("/captcha/**").anonymous()
+                            .requestMatchers("/upload/**").anonymous()
+                            .requestMatchers("/common/download**").anonymous()
+                            .requestMatchers("/doc.html").anonymous()
+                            .requestMatchers("/swagger-ui/**").anonymous()
+                            .requestMatchers("/swagger-resources/**").anonymous()
+                            .requestMatchers("/webjars/**").anonymous()
+                            .requestMatchers("/*/api-docs").anonymous()
+                            .requestMatchers("/druid/**").anonymous()
+                            .requestMatchers("/elastic/**").anonymous()
+                            .requestMatchers("/message/**").anonymous()
+                            .requestMatchers("/ws/**").anonymous()
+                            // 除上面外的所有请求全部需要鉴权认证
+                            .anyRequest().authenticated();
+                })
+                .headers(httpSecurityHeadersConfigurer -> {
+                    httpSecurityHeadersConfigurer.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable);
+                });
                // 处理跨域请求中的Preflight请求(cors)，设置corsConfigurationSource后无需使用
                // .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
                // 对于登录login 验证码captchaImage 允许匿名访问
-                .requestMatchers("/favicon.ico", "/login", "/favicon.ico", "/actuator/**").anonymous()
-                .requestMatchers("/slider/**").anonymous()
-                .requestMatchers("/captcha/**").anonymous()
-                .requestMatchers("/upload/**").anonymous()
-                .requestMatchers("/common/download**").anonymous()
-                .requestMatchers("/doc.html").anonymous()
-                .requestMatchers("/swagger-ui/**").anonymous()
-                .requestMatchers("/swagger-resources/**").anonymous()
-                .requestMatchers("/webjars/**").anonymous()
-                .requestMatchers("/*/api-docs").anonymous()
-                .requestMatchers("/druid/**").anonymous()
-                .requestMatchers("/elastic/**").anonymous()
-                .requestMatchers("/message/**").anonymous()
-                .requestMatchers("/ws/**").anonymous()
-                // 除上面外的所有请求全部需要鉴权认证
-                .anyRequest().authenticated().and()
-                .headers().frameOptions().disable();
-        httpSecurity.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
+
+        httpSecurity.logout(httpSecurityLogoutConfigurer -> {
+            httpSecurityLogoutConfigurer.logoutUrl("/logout");
+            httpSecurityLogoutConfigurer.logoutSuccessHandler(logoutSuccessHandler);
+        });
        // 添加JWT filter
        httpSecurity.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
        // 认证用户时用户信息加载配置，注入springAuthUserService
--- a/waynboot-admin-api/src/main/resources/application.yml
+++ b/waynboot-admin-api/src/main/resources/application.yml
@ -73,7 +73,7 @@ wayn:
  name: wayn
  version: 1.2.0
  email: 166738430@qq.com
-  uploadDir: ${UPLOAD_DIR:D:/wayn/upload}
+  uploadDir: ${UPLOAD_DIR:D:/waynboot-mall/upload}
  adminUrl: http://localhost:81
  mobileUrl: http://localhost:82
  ssh-proxy: # ssh端口代理设置，eg:通过ssh连接公网服务器，在通过端口转发访问内网服务器的服务
--- a/waynboot-message-consumer/src/main/resources/application.yml
+++ b/waynboot-message-consumer/src/main/resources/application.yml
@ -4,10 +4,35 @@ server:
 spring:
  application:
    name: waynboot-message-consumer
+  data:
+    redis:
+      host: 127.0.0.1
+      port: 6379
+      password:
+      database: 0
+      timeout: 5000
+      expire: 400
+      lettuce:
+        shutdown-timeout: 100ms
+  # 配置rabbitMq 服务器
+  rabbitmq:
+    host: 127.0.0.1
+    port: 5672
+    username: guest
+    password: guest
+    # 消息确认配置项
+    # 确认消息已发送到交换机(Exchange)
+    publisher-confirm-type: correlated
+    # 确认消息已发送到队列(Queue)
+    publisher-returns: true
+    listener:
+      simple:
+        acknowledge-mode: manual
+        prefetch: 100
  boot:
    admin:
      client:
-        url: http://127.0.0.1:89/boot-admin
+        url: http://localhost:89/boot-admin

 # 日志配置
 logging: