From e6886f78bf33622d183dd5b99eaa8459ed9dc3c5 Mon Sep 17 00:00:00 2001
From: Joshi <3040996759@qq.com>
Date: Fri, 10 Oct 2025 14:09:25 +0800
Subject: [PATCH] =?UTF-8?q?feat(security):=20=E6=B7=BB=E5=8A=A0=E5=AF=B9?=
 =?UTF-8?q?=E4=B8=9A=E5=8A=A1=E6=8E=A5=E5=8F=A3=E7=9A=84=E5=8C=BF=E5=90=8D?=
 =?UTF-8?q?=E8=AE=BF=E9=97=AE=E6=94=AF=E6=8C=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 在安全配置中新增 /business/** 路径的匿名访问权限- 扩展了默认允许匿名访问的URL列表
- 确保业务相关接口可以无需认证直接访问
---
 .../main/java/com/ruoyi/framework/config/SecurityConfig.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
index 834c54b..69c40a9 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -111,7 +111,7 @@ public class SecurityConfig
             .authorizeHttpRequests((requests) -> {
                 permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
                 // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                requests.antMatchers("/login", "/register", "/captchaImage", "/roller/**","/pdi/**","/pdo/**","/track/**").permitAll()
+                requests.antMatchers("/login", "/register", "/captchaImage", "/roller/**","/pdi/**","/pdo/**","/track/**","/business/**").permitAll()
                     // 静态资源，可匿名访问
                     .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                     .antMatchers("/doc.html","/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/v3/api-docs/**", "/druid/**").permitAll()