refactor: 移除Android API和WebSocket安全配置，更新应用配置

- 删除 `AndroidApiSecurityConfig` 和 `WebSocketSecurityConfig` 类 - 更新 `application.yml`，添加 `/api/android/**` 和 `/ws/**` 到 `permit-all-urls`
2026-04-02 17:05:41 +08:00 · 2026-04-02 17:05:41 +08:00 · d780278da4
parent 4f42fb50ad
commit d780278da4
3 changed files with 2 additions and 42 deletions
--- a/backend/src/main/java/com/imeeting/config/AndroidApiSecurityConfig.java
+++ b/backend/src/main/java/com/imeeting/config/AndroidApiSecurityConfig.java
@ -1,21 +0,0 @@
-package com.imeeting.config;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.core.annotation.Order;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
-import org.springframework.security.web.SecurityFilterChain;
-
-@Configuration
-public class AndroidApiSecurityConfig {
-
-    @Bean
-    @Order(1)
-    public SecurityFilterChain androidApiSecurityFilterChain(HttpSecurity http) throws Exception {
-        http.securityMatcher("/api/android/**")
-                .csrf(AbstractHttpConfigurer::disable)
-                .authorizeHttpRequests(authorize -> authorize.anyRequest().permitAll());
-        return http.build();
-    }
-}
--- a/backend/src/main/java/com/imeeting/config/WebSocketSecurityConfig.java
+++ b/backend/src/main/java/com/imeeting/config/WebSocketSecurityConfig.java
@ -1,21 +0,0 @@
-package com.imeeting.config;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.core.annotation.Order;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
-import org.springframework.security.web.SecurityFilterChain;
-
-@Configuration
-public class WebSocketSecurityConfig {
-
-    @Bean
-    @Order(0)
-    public SecurityFilterChain webSocketSecurityFilterChain(HttpSecurity http) throws Exception {
-        http.securityMatcher("/ws/**")
-                .csrf(AbstractHttpConfigurer::disable)
-                .authorizeHttpRequests(authorize -> authorize.anyRequest().permitAll());
-        return http.build();
-    }
-}
--- a/backend/src/main/resources/application.yml
+++ b/backend/src/main/resources/application.yml
@ -42,6 +42,8 @@ unisbase:
    permit-all-urls:
      - /actuator/health
      - /api/static/**
+      - /api/android/**
+      - /ws/**
  internal-auth:
    enabled: true
    header-name: X-Internal-Secret