[1ad8e64] | 1 | package finki.diplomska.tripplanner.security;
[84d0fbb] | 4 | import finki.diplomska.tripplanner.service.impl.CustomUserDetailsServiceImpl;
[1ad8e64] | 5 | import org.springframework.beans.factory.annotation.Autowired;
[84d0fbb] | 6 | import org.springframework.context.annotation.Bean;
[1ad8e64] | 7 | import org.springframework.context.annotation.Configuration;
[84d0fbb] | 8 | import org.springframework.security.authentication.AuthenticationManager;
| 9 | import org.springframework.security.config.BeanIds;
| 10 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
[1ad8e64] | 11 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
| 12 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
| 13 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
| 14 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
| 15 | import org.springframework.security.config.http.SessionCreationPolicy;
[84d0fbb] | 16 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
| 17 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
| 19 | import static finki.diplomska.tripplanner.security.SecurityConstants.MARIADB_URL;
| 20 | import static finki.diplomska.tripplanner.security.SecurityConstants.SIGN_UP_URLS;
/**
 * Spring Security configuration for the trip planner application.
 *
 * <p>Wires the project's user-details service and BCrypt password encoder into
 * the authentication manager, makes the HTTP layer stateless, registers the JWT
 * filter ahead of {@link UsernamePasswordAuthenticationFilter}, and declares
 * which request paths are reachable without authentication. Method-level
 * security ({@code @Secured}, JSR-250 and {@code @PreAuthorize}/{@code @PostAuthorize})
 * is switched on by the class annotation.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(
        securedEnabled = true,
        jsr250Enabled = true,
        prePostEnabled = true
)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Static-asset patterns served without authentication.
     *
     * <p>The {@code /**}{@code /*.ext} patterns match by file extension anywhere in
     * the URL space, not only under a static-resources directory.
     * NOTE(review): confirm that no application handler is reachable under a
     * path ending in one of these extensions; narrowing the patterns to the
     * directories that actually hold static files would be tighter.
     */
    private static final String[] STATIC_RESOURCE_PATTERNS = {
            "/",
            "/favicon.ico",
            "/**/*.png",
            "/**/*.gif",
            "/**/*.svg",
            "/**/*.jpg",
            "/**/*.html",
            "/**/*.css",
            "/**/*.js"
    };

    /**
     * API paths served without authentication.
     *
     * <p>No HTTP method is given to the matcher, so the rule covers every method
     * on these exact paths.
     * NOTE(review): confirm that only read operations are mapped here, or
     * restrict the rule to the intended method.
     */
    private static final String[] PUBLIC_API_PATHS = {
            "/api/weekend",
            "/api/villages",
            "/api/cities",
            "/api/all",
            "/api/places"
    };

    /** Entry point invoked when an unauthenticated request reaches a protected resource. */
    @Autowired
    private JwtAuthenticationEntryPoint unauthorizedHandler;

    /** Project implementation that loads user records for authentication. */
    @Autowired
    private CustomUserDetailsServiceImpl customUserDetailsService;

    /** Encoder used to verify stored password hashes. */
    @Autowired
    private BCryptPasswordEncoder bCryptPasswordEncoder;

    /**
     * Exposes the JWT authentication filter as a bean so that it can be
     * inserted into the security filter chain.
     *
     * @return a new {@link JwtAuthenticationFilter}
     */
    @Bean
    public JwtAuthenticationFilter jwtAuthenticationFilter() {
        return new JwtAuthenticationFilter();
    }

    /**
     * Configures authentication to look users up through
     * {@code customUserDetailsService} and to check passwords with BCrypt.
     *
     * @param authenticationManagerBuilder builder supplied by Spring Security
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder
                .userDetailsService(customUserDetailsService)
                .passwordEncoder(bCryptPasswordEncoder);
    }

    /**
     * Publishes the adapter's authentication manager under the standard bean id
     * so other components can inject it.
     *
     * @return the authentication manager built by the parent class
     * @throws Exception if the parent fails to build it
     */
    @Override
    @Bean(BeanIds.AUTHENTICATION_MANAGER)
    protected AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }

    /**
     * Defines the HTTP security rules: CORS on, CSRF off, stateless sessions,
     * same-origin framing, the public path list, and authentication for
     * everything else.
     *
     * @param http the security builder supplied by Spring Security
     * @throws Exception if any configurer fails
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors();

        // CSRF protection is switched off; sessions are stateless (below).
        // NOTE(review): this is only sound while the JWT travels in a request
        // header — the filter is not visible here, so confirm it never reads
        // the token from a cookie.
        http.csrf().disable();

        http.exceptionHandling().authenticationEntryPoint(unauthorizedHandler);

        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);

        // Allows same-origin framing, originally added to enable the H2 database console.
        // NOTE(review): confirm this relaxation is still needed outside development.
        http.headers().frameOptions().sameOrigin();

        http.authorizeRequests()
                .antMatchers(STATIC_RESOURCE_PATTERNS).permitAll()
                .antMatchers(SIGN_UP_URLS).permitAll()
                // MARIADB_URL is defined in SecurityConstants and not visible here.
                // NOTE(review): if it is a database console path, unauthenticated
                // access should be limited to development profiles — confirm.
                .antMatchers(MARIADB_URL).permitAll()
                .antMatchers(PUBLIC_API_PATHS).permitAll()
                .anyRequest().authenticated();

        // The JWT filter must run before the username/password filter so a
        // token-bearing request is authenticated first.
        http.addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
    }
}