2 年之前 · e21396870f
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysMenu.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysMenu.java
@@ -54,7 +54,7 @@ public class SysMenu extends BaseEntity
 
				     /** 显示状态（0显示 1隐藏） */

			
 
				     private String visible;

			
 
				     

			
 
				-    /** 菜单状态（0显示 1隐藏） */

			
 
				+    /** 菜单状态（0正常 1停用） */

			
 
				     private String status;

			
 
				 

			
 
				     /** 权限字符串 */

			
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ResourcesConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ResourcesConfig.java
@@ -1,8 +1,10 @@
 
				 package com.ruoyi.framework.config;

			
 
				 

			
 
				+import java.util.concurrent.TimeUnit;

			
 
				 import org.springframework.beans.factory.annotation.Autowired;

			
 
				 import org.springframework.context.annotation.Bean;

			
 
				 import org.springframework.context.annotation.Configuration;

			
 
				+import org.springframework.http.CacheControl;

			
 
				 import org.springframework.web.cors.CorsConfiguration;

			
 
				 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

			
 
				 import org.springframework.web.filter.CorsFilter;

			
@@ -34,7 +36,7 @@ public class ResourcesConfig implements WebMvcConfigurer
 
				         /** swagger配置 */

			
 
				         registry.addResourceHandler("/swagger-ui/**")

			
 
				                 .addResourceLocations("classpath:/META-INF/resources/webjars/springfox-swagger-ui/")

			
 
				-                .setCacheControl(CacheControl.maxAge(1, TimeUnit.DAYS).mustRevalidate().cachePrivate()).resourceChain(true);

			
 
				+                .setCacheControl(CacheControl.maxAge(5, TimeUnit.HOURS).cachePublic());;

			
 
				     }

			
 
				 

			
 
				     /**

			
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -102,6 +102,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
 
				         httpSecurity

			
 
				                 // CSRF禁用，因为不使用session

			
 
				                 .csrf().disable()

			
 
				+                // 禁用HTTP响应标头

			
 
				+                .headers().cacheControl().disable().and()

			
 
				                 // 认证失败处理类

			
 
				                 .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()

			
 
				                 // 基于token，所以不需要session

			
@@ -109,7 +111,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
 
				                 // 过滤请求

			
 
				                 .authorizeRequests()

			
 
				                 // 对于登录login 注册register 验证码captchaImage 允许匿名访问

			
 
				-                .antMatchers("/login", "/register", "/captchaImage").anonymous()

			
 
				+                .antMatchers("/login", "/register", "/captchaImage").permitAll()

			
 
				                 // 静态资源，可匿名访问

			
 
				                 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()

			
 
				                 .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()

			
@@ -124,8 +126,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
 
				         // 添加CORS filter

			
 
				         httpSecurity.addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class);

			
 
				         httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);

			
 
				-        // 禁用缓存

			
 
				-        httpSecurity.headers().cacheControl().disable();

			
 
				     }

			
 
				 

			
 
				     /**