source: jobvista-backend/src/main/java/mk/ukim/finki/predmeti/internettehnologii/jobvistabackend/config/SecurityConfiguration.java@ befb988

main
Last change on this file since befb988 was befb988, checked in by 223021 <daniel.ilievski.2@…>, 12 days ago

Added an edit profile page for both job seekers and recruiters, where they can upload profile pictures/company logos and edit their profile data. Added profile page specifically for recruiters. Refactored existing code.
  • Property mode set to 100644
File size: 3.6 KB
Line 
1package mk.ukim.finki.predmeti.internettehnologii.jobvistabackend.config;
2
3import lombok.RequiredArgsConstructor;
4import mk.ukim.finki.predmeti.internettehnologii.jobvistabackend.models.enumerations.Role;
5import org.springframework.context.annotation.Bean;
6import org.springframework.context.annotation.Configuration;
7import org.springframework.security.authentication.AuthenticationManager;
8import org.springframework.security.authentication.AuthenticationProvider;
9import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
10import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
11import org.springframework.security.config.annotation.web.builders.HttpSecurity;
12import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
13import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
14import org.springframework.security.config.http.SessionCreationPolicy;
15import org.springframework.security.core.userdetails.UserDetailsService;
16import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
17import org.springframework.security.crypto.password.PasswordEncoder;
18import org.springframework.security.web.SecurityFilterChain;
19import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
20
21@Configuration
22@EnableWebSecurity
23@RequiredArgsConstructor
24public class SecurityConfiguration {
25
26 private final JwtAuthFilter jwtAuthFilter;
27 private final UserDetailsService userDetailsService;
28
29 @Bean
30 public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
31 http.csrf(AbstractHttpConfigurer::disable)
32 .authorizeHttpRequests(request -> request
33 // TO DO: FIX PERMISSIONS
34 .requestMatchers("/api/job-advertisements/**",
35 "/api/job-advertisements/view/**",
36 "/api/recruiter/**",
37 "/api/job-seeker/**",
38 "/api/recruiter/{id}/info",
39 "/api/recruiter/{id}/edit-info",
40 "/api/job-advertisements/apply/**",
41 "/api/auth/**",
42 "/api/resume/**",
43 "/api/my-applications/**",
44 "/api/applications/{id}/update",
45 "/api/admin/**").permitAll()
46// .requestMatchers("/api/recruiter").hasAnyAuthority(Role.ROLE_RECRUITER.name())
47 .anyRequest().authenticated())
48 .sessionManagement(manager -> manager.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
49 .authenticationProvider(authenticationProvider()).addFilterBefore(
50 jwtAuthFilter, UsernamePasswordAuthenticationFilter.class
51 );
52 return http.build();
53 }
54
55 @Bean
56 public AuthenticationProvider authenticationProvider() {
57 DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
58 authenticationProvider.setUserDetailsService(userDetailsService);
59 authenticationProvider.setPasswordEncoder(passwordEncoder());
60 return authenticationProvider;
61 }
62
63 @Bean
64 public PasswordEncoder passwordEncoder() {
65 return new BCryptPasswordEncoder();
66 }
67
68 @Bean
69 public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception {
70 return config.getAuthenticationManager();
71 }
72}
Note: See TracBrowser for help on using the repository browser.