refactor: 移除Android API和WebSocket安全配置，更新应用配置

- 删除 `AndroidApiSecurityConfig` 和 `WebSocketSecurityConfig` 类 - 更新 `application.yml`，添加 `/api/android/**` 和 `/ws/**` 到 `permit-all-urls`
2026-04-02 17:05:41 +08:00 · 2026-04-02 17:05:41 +08:00 · d780278da4
parent 4f42fb50ad
commit d780278da4
3 changed files with 2 additions and 42 deletions
--- a/backend/src/main/java/com/imeeting/config/AndroidApiSecurityConfig.java
+++ b/backend/src/main/java/com/imeeting/config/AndroidApiSecurityConfig.java
@ -1,21 +0,0 @@
 package com.imeeting.config;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.web.SecurityFilterChain;
@Configuration
 public class AndroidApiSecurityConfig {
    @Bean
    @Order(1)
    public SecurityFilterChain androidApiSecurityFilterChain(HttpSecurity http) throws Exception {
        http.securityMatcher("/api/android/**")
                .csrf(AbstractHttpConfigurer::disable)
                .authorizeHttpRequests(authorize -> authorize.anyRequest().permitAll());
        return http.build();
    }
 }
--- a/backend/src/main/java/com/imeeting/config/WebSocketSecurityConfig.java
+++ b/backend/src/main/java/com/imeeting/config/WebSocketSecurityConfig.java
@ -1,21 +0,0 @@
 package com.imeeting.config;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.web.SecurityFilterChain;
@Configuration
 public class WebSocketSecurityConfig {
    @Bean
    @Order(0)
    public SecurityFilterChain webSocketSecurityFilterChain(HttpSecurity http) throws Exception {
        http.securityMatcher("/ws/**")
                .csrf(AbstractHttpConfigurer::disable)
                .authorizeHttpRequests(authorize -> authorize.anyRequest().permitAll());
        return http.build();
    }
 }
--- a/backend/src/main/resources/application.yml
+++ b/backend/src/main/resources/application.yml
@ -42,6 +42,8 @@ unisbase:
    permit-all-urls:
      - /actuator/health
      - /api/static/**
      - /api/android/**
      - /ws/**
  internal-auth:
    enabled: true
    header-name: X-Internal-Secret