package com.example.demo.config
import com.example.demo.security.CustomUserDetailsService
import com.example.demo.security.JwtAuthenticationEntryPoint
import com.example.demo.security.JwtAuthenticationFilter
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.security.authentication.AuthenticationManager
import org.springframework.security.config.BeanIds
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
import org.springframework.http.HttpMethod
import org.springframework.security.config.http.SessionCreationPolicy
import org.springframework.security.crypto.password.PasswordEncoder
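/**
 * A [PasswordEncoder] that performs no hashing: [encode] returns its input unchanged and
 * [matches] compares the submitted value with the stored value character by character.
 *
 * SECURITY: any credential store that uses this encoder holds passwords in plaintext, so a
 * read of that store (backup, SQL injection, log dump) discloses every password directly.
 * Keep it to local demos and tests; for real accounts use an adaptive hash such as Spring
 * Security's BCryptPasswordEncoder and migrate the stored values.
 *
 * @property password not read by [encode] or [matches]; present only because an inline
 * class needs exactly one constructor property.
 */
inline class NoPasswordEncoder(val password: String) : PasswordEncoder {
    /**
     * Returns [charSequence] as a plain [String]; no salt or hash is applied.
     */
    override fun encode(charSequence: CharSequence): String {
        return charSequence.toString()
    }

    /**
     * Reports whether the submitted value [charSequence] equals the stored value [s].
     *
     * The result is the same as `charSequence.toString() == s`, but the loop has no early
     * exit on the first differing character, which reduces the timing signal an attacker
     * could use to learn a stored password prefix by prefix. This is best effort on the JVM,
     * not a hard constant-time guarantee, and it does nothing about plaintext storage.
     */
    override fun matches(charSequence: CharSequence, s: String): Boolean {
        val candidate = charSequence.toString()
        // A length difference is recorded up front; the shared prefix is still walked in full.
        var mismatch = candidate.length != s.length
        for (i in 0 until minOf(candidate.length, s.length)) {
            // Infix `or` is not short-circuiting, so every position is always compared.
            mismatch = mismatch or (candidate[i] != s[i])
        }
        return !mismatch
    }
}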
/**
 * Spring Security configuration for the demo application.
 *
 * Wires the project's user-details service, the JWT entry point and the JWT filter into a
 * stateless filter chain, and switches on `@Secured`, JSR-250 and `@PreAuthorize`/
 * `@PostAuthorize` method-level annotations.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true, jsr250Enabled = true, prePostEnabled = true)
class SecurityConfig : WebSecurityConfigurerAdapter() {

    // Looks up accounts for the authentication manager configured below.
    @Autowired
    lateinit var customUserDetailsService: CustomUserDetailsService

    // Registered as the authentication entry point in configure(http).
    @Autowired
    lateinit var unauthorizedHandler: JwtAuthenticationEntryPoint

    /** Exposes the project's [JwtAuthenticationFilter] as a bean. */
    @Bean
    fun jwtAuthenticationFilter(): JwtAuthenticationFilter = JwtAuthenticationFilter()

    /** Authenticates against [customUserDetailsService] using the encoder from [passwordEncoder]. */
    override fun configure(auth: AuthenticationManagerBuilder) {
        val encoder = passwordEncoder()
        auth.userDetailsService(customUserDetailsService).passwordEncoder(encoder)
    }

    /** Publishes the adapter's [AuthenticationManager] under the standard bean id. */
    @Bean(BeanIds.AUTHENTICATION_MANAGER)
    override fun authenticationManagerBean(): AuthenticationManager = super.authenticationManagerBean()

    /**
     * Supplies the application's [PasswordEncoder].
     *
     * NOTE(review): this returns [NoPasswordEncoder], whose encode() returns its input
     * unchanged, so credentials are stored and compared as plaintext. Before this is used
     * for real accounts, switch to an adaptive hash (for example BCryptPasswordEncoder) and
     * migrate the stored values.
     */
    @Bean
    fun passwordEncoder(): PasswordEncoder = NoPasswordEncoder("")

    /**
     * Builds the HTTP filter chain. The configurers are applied in the order written:
     * CORS, CSRF, exception handling, session policy, request authorization, JWT filter.
     */
    override fun configure(http: HttpSecurity) {
        // The CORS policy itself is not defined in this file.
        http.cors()

        // NOTE(review): disabling CSRF is only sound if the JWT is never sent automatically by
        // the browser (i.e. it travels in a header, not a cookie) - confirm in JwtAuthenticationFilter.
        http.csrf().disable()

        http.exceptionHandling().authenticationEntryPoint(unauthorizedHandler)

        // STATELESS: Spring Security neither creates nor consults an HTTP session.
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)

        // NOTE(review): "/api/user**" opens unauthenticated POSTs; with Ant-style matching the
        // "**" here appears to stay within one path segment (/api/user, /api/users, ...) -
        // confirm that this is exactly the set of endpoints meant to be public.
        http.authorizeRequests()
            .antMatchers("/").permitAll()
            .antMatchers(HttpMethod.POST, "/api/user**").permitAll()
            .anyRequest().authenticated()

        // Place the JWT filter ahead of the username/password filter.
        http.addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter::class.java)
    }
}