source: src/main/java/com/example/eatys_app/config/SecurityConfig.java

Last change on this file was b3f2adb, checked in by Aleksandar Siljanoski <acewow3@…>, 14 months ago

Adding project to repo
  • Property mode set to 100644
File size: 2.7 KB
RevLine 
[b3f2adb]1package com.example.eatys_app.config;
2
3import org.springframework.context.annotation.Bean;
4import org.springframework.context.annotation.Configuration;
5import org.springframework.security.authentication.AuthenticationManager;
6import org.springframework.security.authentication.AuthenticationProvider;
7import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
8import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
9import org.springframework.security.config.annotation.web.builders.HttpSecurity;
10import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
11import org.springframework.security.core.userdetails.UserDetailsService;
12import org.springframework.security.crypto.password.PasswordEncoder;
13import org.springframework.security.web.SecurityFilterChain;
14
15@Configuration
16@EnableWebSecurity
17public class SecurityConfig {
18
19 private final PasswordEncoder passwordEncoder;
20
21
22
23
24 private final UserDetailsService userDetailsService;
25
26 public SecurityConfig(PasswordEncoder passwordEncoder, UserDetailsService userDetailsService) {
27 this.passwordEncoder = passwordEncoder;
28 this.userDetailsService = userDetailsService;
29 }
30
31
32
33
34 @Bean
35 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
36
37 http.csrf().disable()
38 .authorizeHttpRequests ()
39 .requestMatchers ("/", "/restorani", "/menija", "/obroci", "/register", "/obroci/{id}/show").permitAll()
40 .anyRequest()
41 .authenticated()
42 .and()
43 .formLogin()
44 .loginPage("/login").permitAll()
45 .failureUrl("/login?error=BadCredentials")
46 .defaultSuccessUrl("/restorani", true)
47 .and()
48 .logout()
49 .logoutUrl("/logout")
50 .clearAuthentication(true)
51 .invalidateHttpSession(true)
52 .deleteCookies("JSESSIONID")
53 .logoutSuccessUrl("/");
54
55 return http.build();
56 }
57
58 @Bean
59 public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration)
60 throws Exception {
61 return authenticationConfiguration.getAuthenticationManager();
62 }
63
64 @Bean
65 public AuthenticationProvider authenticationProvider(){
66
67 final DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
68 authenticationProvider.setUserDetailsService(userDetailsService);
69 authenticationProvider.setPasswordEncoder(passwordEncoder);
70
71 return authenticationProvider;
72
73 }
74
75}
Note: See TracBrowser for help on using the repository browser.