| 1 | package mk.profesori.springapp.Security;
|
|---|
| 2 |
|
|---|
| 3 | import org.springframework.context.annotation.Bean;
|
|---|
| 4 | import org.springframework.context.annotation.Configuration;
|
|---|
| 5 | import org.springframework.security.authentication.AuthenticationManager;
|
|---|
| 6 | import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
|
|---|
| 7 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|---|
| 8 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|---|
| 9 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|---|
| 10 | import org.springframework.security.crypto.password.PasswordEncoder;
|
|---|
| 11 | import org.springframework.security.web.SecurityFilterChain;
|
|---|
| 12 | import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
|---|
| 13 | import org.springframework.web.servlet.config.annotation.CorsRegistry;
|
|---|
| 14 | import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
|---|
| 15 |
|
|---|
| 16 | import lombok.RequiredArgsConstructor;
|
|---|
| 17 |
|
|---|
| 18 | @Configuration
|
|---|
| 19 | @RequiredArgsConstructor
|
|---|
| 20 | @EnableWebSecurity
|
|---|
| 21 | public class SecurityConfiguration {
|
|---|
| 22 |
|
|---|
| 23 | @Bean
|
|---|
| 24 | public PasswordEncoder passwordEncoder() {
|
|---|
| 25 | return new BCryptPasswordEncoder();
|
|---|
| 26 | }
|
|---|
| 27 |
|
|---|
| 28 | @Bean
|
|---|
| 29 | public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration)
|
|---|
| 30 | throws Exception {
|
|---|
| 31 | return authenticationConfiguration.getAuthenticationManager();
|
|---|
| 32 | }
|
|---|
| 33 |
|
|---|
| 34 | @Bean
|
|---|
| 35 | public WebMvcConfigurer corsConfigurer() {
|
|---|
| 36 | return new WebMvcConfigurer() {
|
|---|
| 37 | @Override
|
|---|
| 38 | public void addCorsMappings(CorsRegistry registry) {
|
|---|
| 39 | registry.addMapping("/**").allowedOrigins("http://192.168.0.29:3000", "http://192.168.0.28:3000")
|
|---|
| 40 | .allowCredentials(true);
|
|---|
| 41 | }
|
|---|
| 42 | };
|
|---|
| 43 | }
|
|---|
| 44 |
|
|---|
| 45 | @Bean
|
|---|
| 46 | public AuthenticationSuccessHandler customAuthenticationSuccessHandler() {
|
|---|
| 47 | return new CustomAuthenticationSuccessHandler();
|
|---|
| 48 | }
|
|---|
| 49 |
|
|---|
| 50 | @Bean
|
|---|
| 51 | protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
|---|
| 52 | http
|
|---|
| 53 | .httpBasic() // neenkriptirani credentials osven ako ne e preky https/tls
|
|---|
| 54 | .and()
|
|---|
| 55 | .cors()
|
|---|
| 56 | .and()
|
|---|
| 57 | .csrf().disable() // PRIVREMENO
|
|---|
| 58 | .authorizeRequests()
|
|---|
| 59 | .antMatchers("/secure/**").hasAnyAuthority("REGULAR", "MODERATOR")
|
|---|
| 60 | .antMatchers("/public/**").permitAll()
|
|---|
| 61 | .antMatchers("/registration/**").permitAll()
|
|---|
| 62 | .and()
|
|---|
| 63 | .formLogin().successHandler(customAuthenticationSuccessHandler());
|
|---|
| 64 |
|
|---|
| 65 | return http.build();
|
|---|
| 66 | }
|
|---|
| 67 | }
|
|---|
