保誠-保戶業務員媒合平台
HelenHuang
2021-11-15 b7de9faedf2a3e21c77c4ab3fc645ef01ac549cf
pamapi/src/main/java/com/pollex/pam/config/SecurityConfiguration.java
@@ -67,6 +67,8 @@
            .headers()
            .contentSecurityPolicy(jHipsterProperties.getSecurity().getContentSecurityPolicy())
        .and()
            .referrerPolicy(ReferrerPolicyHeaderWriter.ReferrerPolicy.STRICT_ORIGIN_WHEN_CROSS_ORIGIN)
        .and()
            .permissionsPolicy().policy("camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()")
        .and()
            .frameOptions()
@@ -79,10 +81,14 @@
            .antMatchers("/api/authenticate").permitAll()
            .antMatchers("/api/register").permitAll()
            .antMatchers("/api/activate").permitAll()
            .antMatchers("/api/testLogin/**").permitAll()
            .antMatchers("/api/account/reset-password/init").permitAll()
            .antMatchers("/api/account/reset-password/finish").permitAll()
            .antMatchers("/api/consultant/recommend").permitAll()
            .antMatchers("/api/consultant/detail").permitAll()
            .antMatchers("/api/consultant/fastQuery").permitAll()
            .antMatchers("/api/consultant/strictQuery").permitAll()
            .antMatchers("/api/consultant/avatar/**").permitAll()
            .antMatchers("/api/admin/**").hasAuthority(AuthoritiesConstants.ADMIN)
            .antMatchers("/api/**").authenticated()
            .antMatchers("/websocket/**").authenticated()