johanleroy/ENI-enchere
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Connexion BDD v1

Browse Source
This commit is contained in:
jleroy
2024-04-23 08:12:45 +02:00
parent 2fcafc0ea1
commit b253aa55b0
4 changed files with 46 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
src/main/java/fr/eni/enchere/security/WebSecurityConfig.java Normal file
View File

@@ -0,0 +1,41 @@
package fr.eni.enchere.security;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@Configuration
@EnableWebSecurity
public class WebSecurityConfig {
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests((requests) -> requests.requestMatchers("/", "/films", "/filmotheque", "/film").permitAll()
.requestMatchers("/filmLogout", "/login").permitAll()
.requestMatchers("/css/**", "/images/**").permitAll()
.requestMatchers("/genres").hasRole("ADMIN")
.requestMatchers("/ajoutFilm")
.hasAnyRole("MEMBRE", "ADMIN")
.anyRequest().authenticated())
.formLogin((form) -> form.loginPage("/login").defaultSuccessUrl("/", true))
.logout((logout) -> logout.clearAuthentication(true).invalidateHttpSession(true)
.deleteCookies("JSESSIONID").logoutSuccessUrl("/filmLogout")
.logoutRequestMatcher(new AntPathRequestMatcher("/logout")).permitAll());
return http.build();
}
@Bean
public PasswordEncoder encoder() {
// Production :
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
// Dev/test
//return NoOpPasswordEncoder.getInstance();
}
}