johanleroy/ENI-enchere
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

securityConfig

Browse Source
This commit is contained in:
Parpaillax
2024-04-23 15:22:45 +02:00
parent e622b4ed69
commit 74ac33bf5f
1 changed files with 7 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/main/java/fr/eni/enchere/security/WebSecurityConfig.java
View File

@@ -4,39 +4,28 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
public class WebSecurityConfig{ public class WebSecurityConfig {
@Bean @Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests((requests) -> requests.requestMatchers("/", "/accueil").permitAll() http.authorizeHttpRequests((requests) -> requests
.requestMatchers("/login").permitAll() .requestMatchers("/", "/accueil").permitAll()
.requestMatchers("/accueil", "/login", "/inscription/**", "/searchArticle", "/profile/**").permitAll()
.requestMatchers("/css/**", "/images/**", "/assets/**", "/img/**", "/js/**").permitAll() .requestMatchers("/css/**", "/images/**", "/assets/**", "/img/**", "/js/**").permitAll()
.requestMatchers("/newArticle").authenticated()
.requestMatchers("/admin").hasRole("ADMIN") .requestMatchers("/admin").hasRole("ADMIN")
.anyRequest().authenticated()) .anyRequest().authenticated())
.formLogin((form) -> form.loginPage("/login").defaultSuccessUrl("/", true)) .formLogin((form) -> form.loginPage("/login").defaultSuccessUrl("/", true))
.logout((logout) -> logout.clearAuthentication(true).invalidateHttpSession(true).deleteCookies("JSESSIONID").logoutSuccessUrl("/filmLogout") .logout((logout) -> logout.clearAuthentication(true).invalidateHttpSession(true)
.deleteCookies("JSESSIONID").logoutSuccessUrl("/logout")
.logoutRequestMatcher(new AntPathRequestMatcher("/logout")).permitAll()); .logoutRequestMatcher(new AntPathRequestMatcher("/logout")).permitAll());
return http.build(); return http.build();
} }
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
// @Bean
// public PasswordEncoder passwordEncoder() {
// return PasswordEncoderFactories.createDelegatingPasswordEncoder();
// }
} }