diff --git a/pom.xml b/pom.xml
index 5b3e945d..5f077f10 100644
--- a/pom.xml
+++ b/pom.xml
@@ -162,22 +162,17 @@
1.4.6
+
org.springdoc
springdoc-openapi-ui
- 1.7.0
-
-
- org.yaml
- snakeyaml
-
-
+ 1.6.10
- org.yaml
- snakeyaml
- 2.2
+ org.springdoc
+ springdoc-openapi-security
+ 1.6.10
diff --git a/src/main/java/com/genersoft/iot/vmp/conf/SpringDocConfig.java b/src/main/java/com/genersoft/iot/vmp/conf/SpringDocConfig.java
index 587518f1..0a472f82 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/SpringDocConfig.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/SpringDocConfig.java
@@ -1,9 +1,12 @@
package com.genersoft.iot.vmp.conf;
+import com.genersoft.iot.vmp.conf.security.JwtUtils;
+import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.info.Contact;
import io.swagger.v3.oas.models.info.Info;
import io.swagger.v3.oas.models.info.License;
+import io.swagger.v3.oas.models.security.SecurityScheme;
import org.springframework.core.annotation.Order;
import org.springdoc.core.GroupedOpenApi;
import org.springframework.beans.factory.annotation.Value;
@@ -26,10 +29,14 @@ public class SpringDocConfig {
contact.setName("pan");
contact.setEmail("648540858@qq.com");
return new OpenAPI()
+ .components(new Components()
+ .addSecuritySchemes(JwtUtils.HEADER, new SecurityScheme()
+ .type(SecurityScheme.Type.HTTP)
+ .bearerFormat("JWT")))
.info(new Info().title("WVP-PRO 接口文档")
.contact(contact)
.description("开箱即用的28181协议视频平台")
- .version("v2.0")
+ .version("v3.1.0")
.license(new License().name("Apache 2.0").url("http://springdoc.org")));
}
diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtUtils.java b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtUtils.java
index 3df75936..fcd19461 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtUtils.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtUtils.java
@@ -28,7 +28,7 @@ public class JwtUtils implements InitializingBean {
private static final Logger logger = LoggerFactory.getLogger(JwtUtils.class);
- private static final String HEADER = "access-token";
+ public static final String HEADER = "access-token";
private static final String AUDIENCE = "Audience";
diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
index 0431dcdf..afc81050 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
@@ -68,6 +68,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
matchers.add("/");
matchers.add("/#/**");
matchers.add("/static/**");
+ matchers.add("/swagger-ui.html");
+ matchers.add("/swagger-ui/");
matchers.add("/index.html");
matchers.add("/doc.html");
matchers.add("/webjars/**");
@@ -77,6 +79,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
matchers.add("/api/device/query/snap/**");
matchers.add("/record_proxy/*/**");
matchers.add("/api/emit");
+ matchers.add("/favicon.ico");
// 可以直接访问的静态数据
web.ignoring().antMatchers(matchers.toArray(new String[0]));
}
@@ -113,7 +116,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
.authorizeRequests()
.requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
.antMatchers(userSetting.getInterfaceAuthenticationExcludes().toArray(new String[0])).permitAll()
- .antMatchers("/api/user/login", "/index/hook/**").permitAll()
+ .antMatchers("/api/user/login", "/index/hook/**", "/swagger-ui/**", "/doc.html").permitAll()
.anyRequest().authenticated()
// 异常处理器
.and()
diff --git a/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java b/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java
index b6f91832..a2aefb15 100755
--- a/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java
+++ b/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java
@@ -14,6 +14,7 @@ import com.genersoft.iot.vmp.vmanager.bean.WVPResult;
import com.github.pagehelper.PageInfo;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
@@ -95,7 +96,7 @@ public class UserController {
@PostMapping("/add")
- @Operation(summary = "添加用户")
+ @Operation(summary = "添加用户", security = @SecurityRequirement(name = JwtUtils.HEADER))
@Parameter(name = "username", description = "用户名", required = true)
@Parameter(name = "password", description = "密码(未md5加密的密码)", required = true)
@Parameter(name = "roleId", description = "角色ID", required = true)