Authentication - Hippoom/wechat-mp-starter GitHub Wiki

You can extend WeChatMpWebSecurityConfigurerAdapter to customize protected resources:

import com.github.hippoom.wechat.mp.autoconfigure.security.web.WeChatMpWebSecurityConfigurerAdapter;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;

@Configuration
@RequiredArgsConstructor
public class HttpSecurityConfig extends WeChatMpWebSecurityConfigurerAdapter {

    @Override
    protected void configureAuthorizeRequests(HttpSecurity httpSecurity)
        throws Exception {
        // @formatter:off
        httpSecurity
           .antMatcher("/**").authorizeRequests()
               .antMatchers("/rel/**/me").authenticated()
               .anyRequest().permitAll();
        // @formatter:on
    }
}