se añadio jwt en el backend
Some checks failed
Deploy Spring Boot App / build-and-deploy (push) Has been cancelled
Some checks failed
Deploy Spring Boot App / build-and-deploy (push) Has been cancelled
This commit is contained in:
@@ -1,26 +1,26 @@
|
||||
package com.example.fercoganbackend.configuration;
|
||||
|
||||
import com.example.fercoganbackend.service.UsuarioDetailsService;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import com.example.fercoganbackend.security.JwtAuthenticationFilter;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
|
||||
@Configuration
|
||||
public class SecurityConfig {
|
||||
|
||||
private final UsuarioDetailsService usuarioDetailsService;
|
||||
private final JwtAuthenticationFilter jwtAuthenticationFilter;
|
||||
|
||||
public SecurityConfig(UsuarioDetailsService usuarioDetailsService) {
|
||||
this.usuarioDetailsService = usuarioDetailsService;
|
||||
public SecurityConfig(JwtAuthenticationFilter jwtAuthenticationFilter) {
|
||||
this.jwtAuthenticationFilter = jwtAuthenticationFilter;
|
||||
}
|
||||
|
||||
@Bean
|
||||
@@ -39,20 +39,21 @@ public class SecurityConfig {
|
||||
http
|
||||
.securityMatcher("/**")
|
||||
.csrf(AbstractHttpConfigurer::disable)
|
||||
.sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
||||
.httpBasic(AbstractHttpConfigurer::disable)
|
||||
.authorizeHttpRequests(auth -> auth
|
||||
.requestMatchers("/ws/**").permitAll() // WebSocket
|
||||
.requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
|
||||
.requestMatchers("/ws/**").permitAll()
|
||||
.requestMatchers("/auth/**").permitAll()
|
||||
.requestMatchers(HttpMethod.POST, "/api/usuarios/login").permitAll()
|
||||
.requestMatchers(HttpMethod.POST, "/api/usuarios/registrar").permitAll()
|
||||
.requestMatchers("/api/usuarios/confirmado/**").permitAll()
|
||||
.requestMatchers("/favicon.ico", "/error", "/static/**", "/contador/**", "/api/**").permitAll()
|
||||
.requestMatchers("/admin/**").hasRole("ADMIN")
|
||||
.requestMatchers("/favicon.ico", "/error", "/static/**", "/contador/**").permitAll()
|
||||
.requestMatchers("/admin/**").hasAuthority("ADMIN")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.httpBasic(Customizer.withDefaults());
|
||||
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user