johanleroy/ENI-enchere
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

securityConfig

Browse Source
This commit is contained in:
Parpaillax
2024-04-23 15:22:45 +02:00
parent e622b4ed69
commit 74ac33bf5f
1 changed files with 7 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/main/java/fr/eni/enchere/security/WebSecurityConfig.java
View File

@@ -4,9 +4,6 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@@ -16,27 +13,19 @@ public class WebSecurityConfig{
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests((requests) -> requests.requestMatchers("/", "/accueil").permitAll()
.requestMatchers("/login").permitAll()
http.authorizeHttpRequests((requests) -> requests
.requestMatchers("/", "/accueil").permitAll()
.requestMatchers("/accueil", "/login", "/inscription/**", "/searchArticle", "/profile/**").permitAll()
.requestMatchers("/css/**", "/images/**", "/assets/**", "/img/**", "/js/**").permitAll()
.requestMatchers("/newArticle").authenticated()
.requestMatchers("/admin").hasRole("ADMIN")
.anyRequest().authenticated())
.formLogin((form) -> form.loginPage("/login").defaultSuccessUrl("/", true))
.logout((logout) -> logout.clearAuthentication(true).invalidateHttpSession(true).deleteCookies("JSESSIONID").logoutSuccessUrl("/filmLogout")
.logout((logout) -> logout.clearAuthentication(true).invalidateHttpSession(true)
.deleteCookies("JSESSIONID").logoutSuccessUrl("/logout")
.logoutRequestMatcher(new AntPathRequestMatcher("/logout")).permitAll());
return http.build();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
// @Bean
// public PasswordEncoder passwordEncoder() {
// return PasswordEncoderFactories.createDelegatingPasswordEncoder();
// }
}