source: src/main/java/it/finki/charitable/security/SecurityConfig.java@ 5577566

Last change on this file since 5577566 was 3fc9e50, checked in by KostaFortumanov <kfortumanov@…>, 3 years ago

prototip part1
  • Property mode set to 100644
File size: 2.2 KB
Line 
1package it.finki.charitable.security;
2
3import it.finki.charitable.entities.UserRole;
4import it.finki.charitable.services.UserService;
5import org.springframework.context.annotation.Configuration;
6import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
7import org.springframework.security.config.annotation.web.builders.HttpSecurity;
8import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
9import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
10import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
11
12@Configuration
13public class SecurityConfig extends WebSecurityConfigurerAdapter {
14
15 private final UserService userService;
16 private BCryptPasswordEncoder passwordEncoder() {
17 return PasswordEncoder.bCryptPasswordEncoder();
18 }
19
20 public SecurityConfig(UserService userService) {
21 this.userService = userService;
22 }
23
24 private final static String[] publicMatchers = {
25 "/css/**",
26 "/js/**",
27 "/image/**",
28 "/",
29 "/login",
30 "/register",
31 "/validate",
32 "/album/**",
33 "/post",
34 "/post-photos/**"
35 };
36
37 @Override
38 protected void configure(HttpSecurity http) throws Exception {
39 http
40 .authorizeRequests()
41 .antMatchers(publicMatchers).permitAll()
42 .antMatchers("/moderator-photos/**").hasAuthority(UserRole.MODERATOR.name())
43 .anyRequest().authenticated();
44
45 http
46 .csrf().disable()
47 .cors().disable()
48 .formLogin().loginPage("/login")
49 .defaultSuccessUrl("/", true)
50 .and()
51 .logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
52 .logoutSuccessUrl("/").deleteCookies("remember-me")
53 .and()
54 .rememberMe();
55 }
56
57 @Override
58 protected void configure(AuthenticationManagerBuilder auth) throws Exception {
59 auth.userDetailsService(userService).passwordEncoder(passwordEncoder());
60 }
61}
Note: See TracBrowser for help on using the repository browser.