61 lines
2.8 KiB
Java
61 lines
2.8 KiB
Java
package com.example.fercoganbackend.configuration;
|
|
|
|
import com.example.fercoganbackend.security.JwtAuthenticationFilter;
|
|
import org.springframework.context.annotation.Bean;
|
|
import org.springframework.context.annotation.Configuration;
|
|
import org.springframework.http.HttpMethod;
|
|
import org.springframework.security.authentication.AuthenticationManager;
|
|
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
|
import org.springframework.security.web.SecurityFilterChain;
|
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
|
|
|
@Configuration
|
|
public class SecurityConfig {
|
|
|
|
private final JwtAuthenticationFilter jwtAuthenticationFilter;
|
|
|
|
public SecurityConfig(JwtAuthenticationFilter jwtAuthenticationFilter) {
|
|
this.jwtAuthenticationFilter = jwtAuthenticationFilter;
|
|
}
|
|
|
|
@Bean
|
|
public PasswordEncoder passwordEncoder() {
|
|
return new BCryptPasswordEncoder();
|
|
}
|
|
|
|
@Bean
|
|
public AuthenticationManager authenticationManager(AuthenticationConfiguration authConfig) throws Exception {
|
|
return authConfig.getAuthenticationManager();
|
|
}
|
|
|
|
@Bean
|
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
|
|
|
http
|
|
.securityMatcher("/**")
|
|
.csrf(AbstractHttpConfigurer::disable)
|
|
.sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
|
.httpBasic(AbstractHttpConfigurer::disable)
|
|
.authorizeHttpRequests(auth -> auth
|
|
.requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
|
|
.requestMatchers("/ws/**").permitAll()
|
|
.requestMatchers("/auth/**").permitAll()
|
|
.requestMatchers(HttpMethod.POST, "/api/usuarios/login").permitAll()
|
|
.requestMatchers(HttpMethod.POST, "/api/usuarios/registrar").permitAll()
|
|
.requestMatchers("/api/usuarios/**").permitAll()
|
|
.requestMatchers("/favicon.ico", "/error", "/static/**", "/contador/**").permitAll()
|
|
.requestMatchers("/panel", "/panel/**").permitAll()
|
|
.requestMatchers("/admin/**").hasAuthority("ADMIN")
|
|
.anyRequest().authenticated()
|
|
)
|
|
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
|
|
|
return http.build();
|
|
}
|
|
}
|