diff --git a/src/main/java/icu/sunway/ai_spring_example/Config/SecurityConfig.java b/src/main/java/icu/sunway/ai_spring_example/Config/SecurityConfig.java index db00d1d..f79ff59 100644 --- a/src/main/java/icu/sunway/ai_spring_example/Config/SecurityConfig.java +++ b/src/main/java/icu/sunway/ai_spring_example/Config/SecurityConfig.java @@ -11,23 +11,21 @@ import org.springframework.security.web.SecurityFilterChain; @EnableWebSecurity public class SecurityConfig { - @Bean - public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - http - // 启用跨域配置 - .cors(cors -> cors.configurationSource( - request -> new org.springframework.web.cors.CorsConfiguration().applyPermitDefaultValues())) - // 禁用默认的登录表单和HTTP基本认证 - .formLogin(form -> form.disable()) - .httpBasic(basic -> basic.disable()) - // 允许所有请求通过,取消默认登录验证 - .authorizeHttpRequests((authz) -> authz - .anyRequest().permitAll()) - // 禁用CSRF保护 - .csrf(csrf -> csrf.disable()) - // 设置会话创建策略为无状态 - .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)); + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + http + // 禁用默认的登录表单和HTTP基本认证 + .formLogin(form -> form.disable()) + .httpBasic(basic -> basic.disable()) + // 允许所有请求通过,取消默认登录验证 + .authorizeHttpRequests((authz) -> authz + .anyRequest().permitAll()) + // 禁用CSRF保护 + .csrf(csrf -> csrf.disable()) + // 设置会话创建策略为无状态 + .sessionManagement(session -> session + .sessionCreationPolicy(SessionCreationPolicy.STATELESS)); - return http.build(); - } + return http.build(); + } }