From 1e18e0ad7a47536be92384bbf815e0923a06698d Mon Sep 17 00:00:00 2001
From: realtradam <github@tradam.dev>
Date: Tue, 23 Jul 2024 20:47:31 -0400
Subject: split front and back end, add react to project

---
 .../java/com/blog/web/security/SecurityConfig.java | 38 ----------------------
 1 file changed, 38 deletions(-)
 delete mode 100644 src/main/java/com/blog/web/security/SecurityConfig.java

(limited to 'src/main/java/com/blog/web/security/SecurityConfig.java')

diff --git a/src/main/java/com/blog/web/security/SecurityConfig.java b/src/main/java/com/blog/web/security/SecurityConfig.java
deleted file mode 100644
index 17e09c7..0000000
--- a/src/main/java/com/blog/web/security/SecurityConfig.java
+++ /dev/null
@@ -1,38 +0,0 @@
-package com.blog.web.security;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.web.SecurityFilterChain;
-
-@Configuration
-@EnableWebSecurity
-@EnableMethodSecurity(securedEnabled = true)
-public class SecurityConfig {
-    private CustomUserDetailsService userDetailsService;
-
-    public SecurityConfig(CustomUserDetailsService userDetailsService) {
-        this.userDetailsService = userDetailsService;
-    }
-
-    @Bean
-    public static PasswordEncoder passwordEncoder() {
-        return new BCryptPasswordEncoder();
-    }
-
-    @Bean
-    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        // disabling csrf leaves us vulnerable, in a real production app do not do this
-        http.csrf(c -> c.disable()).cors(c -> c.disable()).authorizeHttpRequests(auths -> auths.anyRequest().permitAll()).formLogin(form -> form.loginPage("/userlogin").usernameParameter("username").passwordParameter("password").defaultSuccessUrl("/articles").loginProcessingUrl("/userlogin").failureUrl("/userlogin?error=true").permitAll()).logout(logout -> logout.logoutUrl("/logout").logoutSuccessUrl("/articles"));
-        return http.build();
-    }
-
-    public void configure(AuthenticationManagerBuilder builder) throws Exception {
-        builder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
-    }
-}
-- 
cgit v1.2.3