我有一个后端,该后端具有一个由我的前端调用的REST API。我的WebSecurityConfig具有以下方法:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/resources/**", "/registration").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
}
@Bean
public ViewResolver viewResolver() {
InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
viewResolver.setPrefix("/WEB-INF/");
viewResolver.setSuffix(".html");
return viewResolver;
}
还有我的控制器的/login方法:
@RequestMapping("/login")
public String handleRequest(HttpServletRequest request, Model model) {
Authentication auth = SecurityContextHolder.getContext()
.getAuthentication();
model.addAttribute("uri", request.getRequestURI())
.addAttribute("user", auth.getName())
.addAttribute("roles", auth.getAuthorities());
return "login";
}
我阅读的所有教程始终使用同一项目内的登录页面。
由于登录页面是前端组件,因此我想将登录表单放在前端项目中。这种方法甚至有意义吗?如果是的话,我该如何配置ViewResolver使其指向前端登录页面?