From 2508f07b7b150bd273c0af8a81889dbbcf8a3a19 Mon Sep 17 00:00:00 2001 From: ikmkj <1@qq,com> Date: Sat, 2 Aug 2025 19:40:44 +0800 Subject: [PATCH] =?UTF-8?q?build(biji-houdaun):=20=E4=BC=98=E5=8C=96?= =?UTF-8?q?=E7=94=9F=E4=BA=A7=E7=8E=AF=E5=A2=83=E9=85=8D=E7=BD=AE=E5=B9=B6?= =?UTF-8?q?=E8=B0=83=E6=95=B4=E5=AE=89=E5=85=A8=E8=AE=BE=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 修改 pom.xml,使用 spring-boot-maven-plugin 排除生产环境依赖 - 重构 SecurityConfig,简化公共端点配置并移除环境判断逻辑 --- biji-houdaun/pom.xml | 35 +++++++++++-------- .../bijihoudaun/config/SecurityConfig.java | 30 +++++----------- 2 files changed, 28 insertions(+), 37 deletions(-) diff --git a/biji-houdaun/pom.xml b/biji-houdaun/pom.xml index ed6d158..159e8f4 100644 --- a/biji-houdaun/pom.xml +++ b/biji-houdaun/pom.xml @@ -189,21 +189,26 @@ prod - - - - com.github.xiaoymin - knife4j-openapi3-jakarta-spring-boot-starter - ${knife4j.version} - provided - - - org.springdoc - springdoc-openapi-starter-webmvc-ui - 2.7.0 - provided - - + + + + org.springframework.boot + spring-boot-maven-plugin + + + + com.github.xiaoymin + knife4j-openapi3-jakarta-spring-boot-starter + + + org.springdoc + springdoc-openapi-starter-webmvc-ui + + + + + + diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/config/SecurityConfig.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/config/SecurityConfig.java index df7957a..4291759 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/config/SecurityConfig.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/config/SecurityConfig.java 
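Review bot: After this change the only thing keeping the API documentation out of production is packaging. The plugin block added under the `prod` profile (the XML tags are stripped in this view, but it reads as an `<excludes>` list for spring-boot-maven-plugin) drops the knife4j and springdoc jars from the repackaged artifact. Meanwhile the SecurityConfig.java hunk `@@ -54,26 +48,18 @@` in this same commit permits `/doc.html`, `/webjars/**` and `/v3/api-docs/**` without authentication in every profile. An artifact built without `-Pprod`, or started from the unpackaged classpath, would therefore presumably serve the full API description to unauthenticated callers. I would add a runtime switch in the production properties as a second layer, for example `springdoc.api-docs.enabled=false`, `springdoc.swagger-ui.enabled=false` and `knife4j.production=true`, and keep the documentation paths out of the unconditional `permitAll()` list.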
@@ -8,7 +8,6 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.core.env.Environment;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
@@ -18,8 +17,6 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import java.util.Arrays;
-
 @Configuration
 @EnableWebSecurity
 public class SecurityConfig {
@@ -36,9 +33,6 @@ public class SecurityConfig {
 @Autowired
 private JwtAccessDeniedHandler jwtAccessDeniedHandler;
- @Autowired
- private Environment environment;
-
 @Value("${jwt.header}")
 private String tokenHeader;
@@ -54,26 +48,18 @@ public class SecurityConfig {
 public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter = new JwtAuthenticationTokenFilter(userDetailsService, jwtTokenUtil, tokenHeader, tokenHead);
- // 检查当前激活的profile中是否包含 "prod"
- boolean isProd = Arrays.asList(environment.getActiveProfiles()).contains("prod");
-
- // 根据环境动态设置白名单
- String[] publicEndpoints = isProd ?
- new String[]{"/api/user/login", "/api/user/register"} :
- new String[]{
- "/doc.html",
- "/webjars/**",
- "/v3/api-docs/**",
- "/api/user/login",
- "/api/user/register"
- };
-
 http
 .csrf(csrf -> csrf.disable())
 .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
 .authorizeHttpRequests(authz -> authz
- // 1. 动态允许公共端点
- .requestMatchers(publicEndpoints).permitAll()
+ // 1. 始终允许的核心公共端点 (登录、注册、API文档)
+ .requestMatchers(
+ "/doc.html",
+ "/webjars/**",
+ "/v3/api-docs/**",
+ "/api/user/login",
+ "/api/user/register"
+ ).permitAll()
 // 2. 精确允许用于“公开阅读”的 GET 请求
 .requestMatchers(org.springframework.http.HttpMethod.GET,