Ignore:
Timestamp:
09/07/22 00:51:50 (2 years ago)
Author:
Marko <Marko@…>
Branches:
master
Children:
527b93f
Parents:
dbd4834
Message:

Edited registration and login services

Location:
phonelux-backend/src/main/java/finki/it/phoneluxbackend/security
Files:
2 added
1 edited

Legend:

Unmodified
Added
Removed
  • phonelux-backend/src/main/java/finki/it/phoneluxbackend/security/configs/WebSecurityConfig.java

    rdbd4834 rf25d07e  
    11package finki.it.phoneluxbackend.security.configs;
    22
     3import finki.it.phoneluxbackend.security.CustomAuthenticationFilter;
     4import finki.it.phoneluxbackend.security.CustomAuthorizationFilter;
    35import finki.it.phoneluxbackend.services.UserService;
    46import lombok.AllArgsConstructor;
     7import org.springframework.context.annotation.Bean;
    58import org.springframework.context.annotation.Configuration;
     9import org.springframework.security.authentication.AuthenticationManager;
    610import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
    7 import org.springframework.security.config.annotation.SecurityBuilder;
    811import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    9 import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
    1012import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    1113import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    12 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
    1314import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    14 import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
     15import org.springframework.security.config.http.SessionCreationPolicy;
    1516import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    16 import org.springframework.security.web.SecurityFilterChain;
     17import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
     18
     19import static org.springframework.http.HttpMethod.GET;
    1720
    1821@Configuration
     
    2629    @Override
    2730    protected void configure(HttpSecurity http) throws Exception {
    28         http
    29                 .csrf().disable()
    30                 .authorizeRequests()
    31                 .antMatchers("/registration/**")
    32                 .permitAll()
    33                 .anyRequest()
    34                 .authenticated().and()
    35                 .formLogin();
     31//        http
     32//                .csrf().disable()
     33//                .authorizeRequests()
     34//                .antMatchers("/registration/**")
     35//                .permitAll()
     36//                .anyRequest()
     37//                .authenticated().and()
     38//                .formLogin();
     39
     40        http.csrf().disable();
     41        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
     42//        http.authorizeRequests().antMatchers(GET,"/phones").hasAnyAuthority("USER");
     43        http.authorizeRequests().anyRequest().permitAll();
     44        http.addFilter(new CustomAuthenticationFilter(authenticationManagerBean()));
     45        http.addFilterBefore(new CustomAuthorizationFilter(), UsernamePasswordAuthenticationFilter.class);
    3646
    3747    }
     
    4252    }
    4353
     54    @Bean
     55    @Override
     56    public AuthenticationManager authenticationManagerBean() throws Exception {
     57        return super.authenticationManagerBean();
     58    }
    4459
    4560    public DaoAuthenticationProvider daoAuthenticationProvider(){
Note: See TracChangeset for help on using the changeset viewer.