优化 user 认证 starter，支持忽略部分 url

common/mall-spring-boot-starter-security-admin/src/main/java/cn/iocoder/mall/security/admin/config/AdminSecurityProperties.java

@@ -7,7 +7,7 @@ public class AdminSecurityProperties {
 
     private static final String[] DEFAULT_IGNORE_PATHS = new String[]{
             // Swagger 相关
-            "/doc.html", "/swagger-resources",  "/swagger-resources/**",
+            "/doc.html", "/swagger-resources",  "/swagger-resources/**", "/webjars/**",
             // Actuator 相关
     };
 

common/mall-spring-boot-starter-security-user/src/main/java/cn/iocoder/mall/security/user/config/UserSecurityAutoConfiguration.java

@@ -5,7 +5,9 @@ import cn.iocoder.mall.web.config.CommonWebAutoConfiguration;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.autoconfigure.AutoConfigureAfter;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
@@ -14,10 +16,17 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 @Configuration
 @AutoConfigureAfter(CommonWebAutoConfiguration.class) // 在 CommonWebAutoConfiguration 之后自动配置，保证过滤器的顺序
 @ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
+@EnableConfigurationProperties(UserSecurityProperties.class)
 public class UserSecurityAutoConfiguration implements WebMvcConfigurer {
 
     private Logger logger = LoggerFactory.getLogger(getClass());
 
+    @Bean
+    @ConditionalOnMissingBean
+    public UserSecurityProperties userSecurityProperties() {
+        return new UserSecurityProperties();
+    }
+
     // ========== 拦截器相关 ==========
 
     @Bean
@@ -27,8 +36,11 @@ public class UserSecurityAutoConfiguration implements WebMvcConfigurer {
 
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
+        UserSecurityProperties properties = this.userSecurityProperties();
         // UserSecurityInterceptor 拦截器
-        registry.addInterceptor(this.userSecurityInterceptor());
+        registry.addInterceptor(this.userSecurityInterceptor())
+                .excludePathPatterns(properties.getIgnorePaths())
+                .excludePathPatterns(properties.getDefaultIgnorePaths());;
         logger.info("[addInterceptors][加载 UserSecurityInterceptor 拦截器完成]");
     }
 

common/mall-spring-boot-starter-security-user/src/main/java/cn/iocoder/mall/security/user/config/UserSecurityProperties.java

@@ -0,0 +1,41 @@
+package cn.iocoder.mall.security.user.config;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties("mall.security.user")
+public class UserSecurityProperties {
+
+    private static final String[] DEFAULT_IGNORE_PATHS = new String[]{
+            // Swagger 相关
+            "/doc.html", "/swagger-resources",  "/swagger-resources/**", "/webjars/**",
+            // Actuator 相关
+    };
+
+    /**
+     * 自定义忽略 Path
+     */
+    private String[] ignorePaths = new String[0];
+    /**
+     * 默认忽略 Path
+     */
+    private String[] defaultIgnorePaths = DEFAULT_IGNORE_PATHS;
+
+    public String[] getIgnorePaths() {
+        return ignorePaths;
+    }
+
+    public UserSecurityProperties setIgnorePaths(String[] ignorePaths) {
+        this.ignorePaths = ignorePaths;
+        return this;
+    }
+
+    public String[] getDefaultIgnorePaths() {
+        return defaultIgnorePaths;
+    }
+
+    public UserSecurityProperties setDefaultIgnorePaths(String[] defaultIgnorePaths) {
+        this.defaultIgnorePaths = defaultIgnorePaths;
+        return this;
+    }
+
+}