原代码
.antMatchers("/*/k2").permitAll()
.antMatchers("/auth/login").permitAll()
.antMatchers("/auth/sign-up").permitAll()
.antMatchers("/auth/refresh-token").permitAll()
.antMatchers("/users/{id}/photo").permitAll()
.antMatchers("/auth/logout").permitAll().and()
.authorizeRequests().antMatchers(HttpMethod.OPTIONS).permitAll()
.anyRequest().authenticated()
.and().apply((new JwtConfigurer(jjwtUtils)));
.apply((new JwtConfigurer(jjwtUtils)));
这样配置会导致配置的全部校验anyRequest().authenticated()
失效;