From 2e8984fd3160a821fff389fa36dd268628ec270c Mon Sep 17 00:00:00 2001 From: Ajay Negi Date: Sun, 29 Sep 2024 16:11:58 +0530 Subject: [PATCH] Update --- pom.xml | 11 +++++++ .../security/LoginController.java | 16 +++++++++ .../security/PasswordEncoder.java | 14 ++++++++ .../security/WebConfiguration.java | 33 +++++++++++++++++++ 4 files changed, 74 insertions(+) create mode 100644 src/main/java/com/libraryman_api/security/PasswordEncoder.java create mode 100644 src/main/java/com/libraryman_api/security/WebConfiguration.java diff --git a/pom.xml b/pom.xml index 95e4f3f..eb72bdc 100644 --- a/pom.xml +++ b/pom.xml @@ -70,6 +70,17 @@ org.springframework.boot spring-boot-starter-mail + + + org.springframework.boot + spring-boot-starter-security + + + org.springframework.security + spring-security-test + test + + diff --git a/src/main/java/com/libraryman_api/security/LoginController.java b/src/main/java/com/libraryman_api/security/LoginController.java index 8027e9c..27349de 100644 --- a/src/main/java/com/libraryman_api/security/LoginController.java +++ b/src/main/java/com/libraryman_api/security/LoginController.java @@ -1,4 +1,20 @@ package com.libraryman_api.security; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RestController; + +import java.security.Principal; + +@RestController public class LoginController { + + @GetMapping("/api/ajay") + public String login(Principal principal) { + System.out.println("\n\n\n\n\n\n\n\n\n\n\n\n\n\n"); + System.out.println("Principal Name: " + principal.getName()); + System.out.println("Principal: " + principal); + + return "Hello World"; + } + } diff --git a/src/main/java/com/libraryman_api/security/PasswordEncoder.java b/src/main/java/com/libraryman_api/security/PasswordEncoder.java new file mode 100644 index 0000000..31a6fa5 --- /dev/null +++ b/src/main/java/com/libraryman_api/security/PasswordEncoder.java @@ -0,0 +1,14 @@ +package com.libraryman_api.security; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; + +@Configuration +public class PasswordEncoder { + + @Bean + public BCryptPasswordEncoder bCryptPasswordEncoder() { + return new BCryptPasswordEncoder(); + } +} \ No newline at end of file diff --git a/src/main/java/com/libraryman_api/security/WebConfiguration.java b/src/main/java/com/libraryman_api/security/WebConfiguration.java new file mode 100644 index 0000000..a0b6518 --- /dev/null +++ b/src/main/java/com/libraryman_api/security/WebConfiguration.java @@ -0,0 +1,33 @@ +package com.libraryman_api.security; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpMethod; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.web.SecurityFilterChain; + +import static com.libraryman_api.member.Role.ADMIN; +import static org.springframework.security.config.Customizer.withDefaults; +import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS; + +@Configuration +@EnableWebSecurity(debug = true) // Do not use (debug=true) in a production system! as this contain sensitive information. +public class WebConfiguration { + + @Bean + public SecurityFilterChain web(HttpSecurity http) throws Exception { + http + .csrf(AbstractHttpConfigurer::disable) + .authorizeHttpRequests((request) -> request + // make sure it is in order to access the proper Url + + .requestMatchers("/signup").permitAll() + .requestMatchers("/login").permitAll() + ) +// .sessionManagement(session -> session.sessionCreationPolicy(STATELESS)) + .formLogin(withDefaults()); + return http.build(); + } +}