| [fdfbdde] | 1 | package com.example.task.security;
|
|---|
| 2 |
|
|---|
| 3 | import lombok.AllArgsConstructor;
|
|---|
| 4 | import org.springframework.context.annotation.Bean;
|
|---|
| 5 | import org.springframework.context.annotation.Configuration;
|
|---|
| 6 | import org.springframework.security.authentication.AuthenticationProvider;
|
|---|
| 7 | import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
|---|
| 8 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|---|
| 9 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|---|
| 10 | import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
|---|
| 11 | import org.springframework.security.core.userdetails.UserDetailsService;
|
|---|
| 12 | import org.springframework.security.crypto.password.PasswordEncoder;
|
|---|
| 13 | import org.springframework.security.web.SecurityFilterChain;
|
|---|
| 14 |
|
|---|
| 15 | @Configuration
|
|---|
| 16 | @EnableWebSecurity
|
|---|
| 17 | @AllArgsConstructor
|
|---|
| 18 | public class SecurityConfig {
|
|---|
| 19 |
|
|---|
| 20 | private final PasswordEncoder passwordEncoder;
|
|---|
| 21 |
|
|---|
| 22 | private final UserDetailsService userDetailsService;
|
|---|
| 23 |
|
|---|
| 24 | private final CustomAuthenticationSuccessHandler customAuthenticationSuccessHandler;
|
|---|
| 25 |
|
|---|
| 26 |
|
|---|
| 27 | @Bean
|
|---|
| 28 | public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
|
|---|
| 29 | httpSecurity.authorizeHttpRequests((requests) -> requests.requestMatchers("/", "/login", "/register")
|
|---|
| 30 | .permitAll()
|
|---|
| 31 | .anyRequest().authenticated())
|
|---|
| 32 | .formLogin((form) -> form.loginPage("/login").permitAll().successHandler(customAuthenticationSuccessHandler))
|
|---|
| 33 | .logout((logout) -> logout.permitAll().logoutSuccessUrl("/"))
|
|---|
| 34 | .csrf(AbstractHttpConfigurer::disable);
|
|---|
| 35 | return httpSecurity.build();
|
|---|
| 36 | }
|
|---|
| 37 |
|
|---|
| 38 | @Bean
|
|---|
| 39 | public AuthenticationProvider authenticationProvider() {
|
|---|
| 40 | DaoAuthenticationProvider dao = new DaoAuthenticationProvider();
|
|---|
| 41 | dao.setPasswordEncoder(passwordEncoder);
|
|---|
| 42 | dao.setUserDetailsService(userDetailsService);
|
|---|
| 43 | return dao;
|
|---|
| 44 | }
|
|---|
| 45 |
|
|---|
| 46 |
|
|---|
| 47 | }
|
|---|
