summaryrefslogtreecommitdiffhomepage
path: root/src/main/java/com/blog/web/security/SecurityConfig.java
diff options
context:
space:
mode:
authorrealtradam <[email protected]>2024-07-23 20:47:31 -0400
committerrealtradam <[email protected]>2024-07-23 20:47:31 -0400
commit1e18e0ad7a47536be92384bbf815e0923a06698d (patch)
treeb07405ecdef4f05a96b6c4348930cbee976554cb /src/main/java/com/blog/web/security/SecurityConfig.java
parent56c59e3b98fe554c4e1484e208e4be5c30f09a04 (diff)
downloadspring-blog-1e18e0ad7a47536be92384bbf815e0923a06698d.tar.gz
spring-blog-1e18e0ad7a47536be92384bbf815e0923a06698d.zip
split front and back end, add react to project
Diffstat (limited to 'src/main/java/com/blog/web/security/SecurityConfig.java')
-rw-r--r--src/main/java/com/blog/web/security/SecurityConfig.java38
1 files changed, 0 insertions, 38 deletions
diff --git a/src/main/java/com/blog/web/security/SecurityConfig.java b/src/main/java/com/blog/web/security/SecurityConfig.java
deleted file mode 100644
index 17e09c7..0000000
--- a/src/main/java/com/blog/web/security/SecurityConfig.java
+++ /dev/null
@@ -1,38 +0,0 @@
-package com.blog.web.security;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.web.SecurityFilterChain;
-
-@Configuration
-@EnableWebSecurity
-@EnableMethodSecurity(securedEnabled = true)
-public class SecurityConfig {
- private CustomUserDetailsService userDetailsService;
-
- public SecurityConfig(CustomUserDetailsService userDetailsService) {
- this.userDetailsService = userDetailsService;
- }
-
- @Bean
- public static PasswordEncoder passwordEncoder() {
- return new BCryptPasswordEncoder();
- }
-
- @Bean
- public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
- // disabling csrf leaves us vulnerable, in a real production app do not do this
- http.csrf(c -> c.disable()).cors(c -> c.disable()).authorizeHttpRequests(auths -> auths.anyRequest().permitAll()).formLogin(form -> form.loginPage("/userlogin").usernameParameter("username").passwordParameter("password").defaultSuccessUrl("/articles").loginProcessingUrl("/userlogin").failureUrl("/userlogin?error=true").permitAll()).logout(logout -> logout.logoutUrl("/logout").logoutSuccessUrl("/articles"));
- return http.build();
- }
-
- public void configure(AuthenticationManagerBuilder builder) throws Exception {
- builder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
- }
-}
generated by cgit v1.2.3 (git 2.39.1) at 2026-04-15 17:07:18 +0000