✨ feat(WebConfig.java, SecurityConfig.java): 添加日期时间格式配置与安全过滤链增强功能

boot/oauth2/src/main/java/com/plate/auth/config/SecurityConfig.java

@@ -1,5 +1,6 @@
 package com.plate.auth.config;
 
+import jakarta.servlet.http.HttpSession;
 import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -20,23 +21,49 @@
 
 
 /**
+ * Provides the security configuration.
  * @author Alex bob(<a href="https://github.com/vnobo">Alex Bob</a>)
  */
-
 @Configuration(proxyBeanMethods = false)
 @EnableJpaAuditing
 public class SecurityConfig {
 
+    /**
+     * Provides a {@link PasswordEncoder} to be used for password storage.
+     * The {@link PasswordEncoder} is {@link org.springframework.security.crypto.factory.PasswordEncoderFactories#createDelegatingPasswordEncoder()}.
+     *
+     * @return a {@link PasswordEncoder} instance
+     */
     @Bean
     public PasswordEncoder passwordEncoder() {
         return PasswordEncoderFactories.createDelegatingPasswordEncoder();
     }
 
+    /**
+     * Publishes {@link HttpSession} events to the Spring
+     * {@link org.springframework.context.ApplicationEventPublisher} so that
+     * {@link org.springframework.security.web.session.HttpSessionEventPublisher}
+     * can be used.
+     *
+     * @return an {@link HttpSessionEventPublisher} instance
+     */
     @Bean
     public HttpSessionEventPublisher httpSessionEventPublisher() {
         return new HttpSessionEventPublisher();
     }
 
+    /**
+     * Configures the {@link SecurityFilterChain} to require authentication for all requests,
+     * except for static resources at common locations. The {@link SecurityFilterChain} uses
+     * HTTP Basic authentication and form login. The CSRF protection is enabled,
+     * and the logout URL is set to {@code /oauth/logout}. The logout handler is set to
+     * {@link HeaderWriterLogoutHandler} with a {@link ClearSiteDataHeaderWriter} to clear
+     * the cookies.
+     *
+     * @param http the {@link HttpSecurity} instance
+     * @return the configured {@link SecurityFilterChain}
+     * @throws Exception if an error occurs while configuring the {@link SecurityFilterChain}
+     */
     @Bean
     public SecurityFilterChain springSecurity(HttpSecurity http) throws Exception {
         HttpSessionRequestCache requestCache = new HttpSessionRequestCache();
@@ -50,7 +77,7 @@ public SecurityFilterChain springSecurity(HttpSecurity http) throws Exception {
                 .httpBasic(Customizer.withDefaults())
                 .formLogin((formLogin) -> formLogin.loginPage("/login").permitAll())
                 .csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()))
-                .logout((logout) -> logout.logoutUrl("/oauth2/logout")
+                .logout((logout) -> logout.logoutUrl("/oauth/logout")
                         .addLogoutHandler(new HeaderWriterLogoutHandler(new ClearSiteDataHeaderWriter(COOKIES))));
         return http.build();
     }

boot/oauth2/src/main/java/com/plate/auth/config/WebConfig.java

@@ -24,7 +24,19 @@ public class WebConfig implements WebMvcConfigurer {
     private static final String DATE_FORMAT = "yyyy-MM-dd";
     private static final String DATE_TIME_FORMAT = "yyyy-MM-dd HH:mm:ss";
 
-
+    /**
+     * A Jackson2ObjectMapperBuilderCustomizer that configures the Jackson2ObjectMapperBuilder to use custom date and time
+     * formats for serialization and deserialization.
+     *
+     * <p>This customizer sets up the following formats for:
+     * <ul>
+     *     <li>{@link java.time.LocalDate}: {@value #DATE_FORMAT}</li>
+     *     <li>{@link java.time.LocalDateTime}: {@value #DATE_TIME_FORMAT}</li>
+     * </ul>
+     *
+     * @return A non-null Jackson2ObjectMapperBuilderCustomizer instance that configures the mapper with the custom date
+     * and time formats.
+     */
     @Bean
     public Jackson2ObjectMapperBuilderCustomizer jsonCustomizer() {
         return builder -> {