From 8be2d2f0163caa28dc46a521d2241788a143fb84 Mon Sep 17 00:00:00 2001
From: jleroy2023
Date: Wed, 16 Jul 2025 11:50:32 +0200
Subject: [PATCH 1/2] permission login

---
 .../fr/eni/demo/security/SecurityConfig.java | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/src/main/java/fr/eni/demo/security/SecurityConfig.java b/src/main/java/fr/eni/demo/security/SecurityConfig.java
index c0b3ec8..f9eefe1 100644
--- a/src/main/java/fr/eni/demo/security/SecurityConfig.java
+++ b/src/main/java/fr/eni/demo/security/SecurityConfig.java
@@ -4,10 +4,10 @@ import fr.eni.demo.bll.JwtService;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
@@ -15,6 +15,7 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

 @Configuration
 @EnableWebSecurity
@@ -27,14 +28,17 @@ public class SecurityConfig {
 }

 @Bean
- public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ public SecurityFilterChain filterChain(HttpSecurity http, UserDetailsService userDetailsService) throws Exception {
+
+ JwtAuthFilter jwtFilter = new JwtAuthFilter(jwtService, userDetailsService);
+
 http
 .authorizeHttpRequests(auth -> auth
- .requestMatchers("/api/auth").permitAll()
- .requestMatchers("/api/**").hasAnyRole("USER")
- .anyRequest().denyAll()
+ .requestMatchers("/auth/**").permitAll()
+ .anyRequest().authenticated()
 )
- .formLogin(Customizer.withDefaults());
+ .sessionManagement(sess -> sess.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+ .addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class);

 return http.build();
 }
From 1cdd1e9d0528f5d23ba587faa4c521dcce079f3d Mon Sep 17 00:00:00 2001
From: jleroy2023
Date: Wed, 16 Jul 2025 11:50:41 +0200
Subject: [PATCH 2/2] permission login

---
 src/main/java/fr/eni/demo/controller/ClientController.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/fr/eni/demo/controller/ClientController.java b/src/main/java/fr/eni/demo/controller/ClientController.java
index a114a5a..03074ab 100644
--- a/src/main/java/fr/eni/demo/controller/ClientController.java
+++ b/src/main/java/fr/eni/demo/controller/ClientController.java
@@ -78,7 +78,7 @@ public class ClientController {
 return ResponseEntity.ok(response);
 }

- @DeleteMapping("/{id]")
+ @DeleteMapping("/{id}")
 public ResponseEntity> delete(@PathVariable Long id) {
 clientService.delete(id);
 Map response = new HashMap<>();
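Review bot: In `filterChain` (SecurityConfig.java, the `authorizeHttpRequests` block), replacing `.requestMatchers("/api/**").hasAnyRole("USER")` and `.anyRequest().denyAll()` with `.anyRequest().authenticated()` drops both the role requirement and the default-deny rule, so any principal with a valid token reaches every route outside `/auth/**`, and `/auth/**` now makes a whole subtree public where a single path was public before. If the API still sits under `/api/**` (the hunk does not show the controllers), keep the rules as `.requestMatchers("/auth/**").permitAll()`, `.requestMatchers("/api/**").hasRole("USER")`, `.anyRequest().denyAll()`. CSRF handling is also left at the framework default in this chain; for a stateless API whose JWT travels only in the `Authorization` header, say so in a comment and configure `.csrf(...)` explicitly, otherwise POSTs to `/auth/**` that carry no CSRF token are likely to be rejected before they reach the controller.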
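Review bot: In ClientController.java, `delete` passes the path variable straight to `clientService.delete(id)`, and nothing visible in this hunk checks that the caller is allowed to remove that particular client. Patch 1/2 of this series replaces the `hasAnyRole("USER")` rule with `anyRequest().authenticated()`, so unless the service enforces a role or ownership, any authenticated principal could delete any client by id once this mapping is corrected. Consider a method-level rule on the handler, e.g. `@PreAuthorize("hasRole('USER')")` (which needs `@EnableMethodSecurity` on the configuration), or an ownership check inside the service. The handler's body continues past the end of the hunk, so a check further down would not be visible here.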