[9ff45d6] | 1 | package parkup.configs.webConfigs;
|
---|
[ce6ad22] | 2 |
|
---|
| 3 | import org.springframework.context.annotation.Bean;
|
---|
| 4 | import org.springframework.context.annotation.Configuration;
|
---|
[9dd526f] | 5 | import org.springframework.security.authentication.AuthenticationManager;
|
---|
[ce6ad22] | 6 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
---|
| 7 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
---|
| 8 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
---|
| 9 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
---|
| 10 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
---|
[9dd526f] | 11 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
---|
| 12 | import org.springframework.web.cors.CorsConfiguration;
|
---|
| 13 | import parkup.configs.CustomAuthenticationFilter;
|
---|
| 14 | import parkup.configs.CustomAuthorizationFilter;
|
---|
| 15 | import parkup.services.AdministratorService;
|
---|
[bfc49f4] | 16 | import parkup.services.GuestService;
|
---|
[9dd526f] | 17 | import parkup.services.RegisteredUserService;
|
---|
| 18 | import parkup.services.WorkerService;
|
---|
| 19 |
|
---|
| 20 | import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS;
|
---|
[ce6ad22] | 21 |
|
---|
| 22 | @EnableWebSecurity
|
---|
[97fbc67] | 23 | @Configuration
|
---|
[ce6ad22] | 24 | public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
---|
[9dd526f] | 25 | private final WorkerService workerService;
|
---|
[97fbc67] | 26 | private final BCryptPasswordEncoder bCryptPasswordEncoder;
|
---|
[9dd526f] | 27 | private final RegisteredUserService registeredUserService;
|
---|
| 28 | private final AdministratorService administratorService;
|
---|
[bfc49f4] | 29 | private final GuestService guestService;
|
---|
[ce6ad22] | 30 |
|
---|
[bfc49f4] | 31 | public WebSecurityConfig(WorkerService workerService, BCryptPasswordEncoder bCryptPasswordEncoder, RegisteredUserService registeredUserService, AdministratorService administratorService, GuestService guestService) {
|
---|
[9dd526f] | 32 | this.workerService = workerService;
|
---|
[97fbc67] | 33 | this.bCryptPasswordEncoder = bCryptPasswordEncoder;
|
---|
[9dd526f] | 34 | this.registeredUserService = registeredUserService;
|
---|
| 35 | this.administratorService = administratorService;
|
---|
[bfc49f4] | 36 | this.guestService = guestService;
|
---|
[97fbc67] | 37 | }
|
---|
[ce6ad22] | 38 |
|
---|
[97fbc67] | 39 | @Override
|
---|
[9dd526f] | 40 | protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
---|
| 41 | auth.userDetailsService(registeredUserService).passwordEncoder(bCryptPasswordEncoder);
|
---|
| 42 | auth.userDetailsService(workerService).passwordEncoder(bCryptPasswordEncoder);
|
---|
| 43 | auth.userDetailsService(administratorService).passwordEncoder(bCryptPasswordEncoder);
|
---|
[bfc49f4] | 44 | auth.userDetailsService(guestService).passwordEncoder(bCryptPasswordEncoder);
|
---|
[97fbc67] | 45 | }
|
---|
[ce6ad22] | 46 |
|
---|
[97fbc67] | 47 | @Override
|
---|
[9dd526f] | 48 | protected void configure(HttpSecurity http) throws Exception {
|
---|
| 49 | CustomAuthenticationFilter customAuthenticationFilter = new CustomAuthenticationFilter(authenticationManagerBean());
|
---|
| 50 | customAuthenticationFilter.setFilterProcessesUrl("/api/login");
|
---|
| 51 | http.csrf().disable();
|
---|
| 52 | http.cors().configurationSource(request -> new CorsConfiguration().applyPermitDefaultValues());
|
---|
| 53 | http.sessionManagement().sessionCreationPolicy(STATELESS);
|
---|
| 54 | http.authorizeRequests().antMatchers("/**").permitAll();
|
---|
| 55 | // http.authorizeRequests().antMatchers("/user/registration/**", "/home/markers","/home/getLocation/**","/api/login/**","/home").permitAll();
|
---|
| 56 | // http.authorizeRequests().antMatchers( "/user/setFavourite/**","user/favourites").hasAuthority("ROLE_USER");
|
---|
| 57 | // http.authorizeRequests().antMatchers( "/home/**").hasAuthority("ROLE_ADMIN");
|
---|
| 58 | // http.authorizeRequests().anyRequest().authenticated();
|
---|
| 59 | http.addFilter(customAuthenticationFilter);
|
---|
| 60 | http.addFilterBefore(new CustomAuthorizationFilter(), UsernamePasswordAuthenticationFilter.class);
|
---|
[97fbc67] | 61 | }
|
---|
[ce6ad22] | 62 |
|
---|
[97fbc67] | 63 | @Bean
|
---|
[9dd526f] | 64 | @Override
|
---|
| 65 | public AuthenticationManager authenticationManagerBean() throws Exception {
|
---|
| 66 | return super.authenticationManagerBean();
|
---|
[97fbc67] | 67 | }
|
---|
| 68 |
|
---|
[ce6ad22] | 69 |
|
---|
| 70 | }
|
---|