|
|
@ -1,23 +1,24 @@ |
|
|
|
package com.cristobalbernal.foro.seguridad; |
|
|
|
|
|
|
|
import com.cristobalbernal.foro.seguridad.models.CustomUserDetailService; |
|
|
|
import com.cristobalbernal.foro.seguridad.models.UserDetailsImpl; |
|
|
|
import com.cristobalbernal.foro.seguridad.models.UserDetailsServiceImpl; |
|
|
|
import org.springframework.context.annotation.Bean; |
|
|
|
import org.springframework.context.annotation.Configuration; |
|
|
|
import org.springframework.security.authentication.dao.DaoAuthenticationProvider; |
|
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity; |
|
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; |
|
|
|
import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer; |
|
|
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; |
|
|
|
import org.springframework.security.crypto.password.PasswordEncoder; |
|
|
|
import org.springframework.security.web.SecurityFilterChain; |
|
|
|
|
|
|
|
|
|
|
|
@Configuration |
|
|
|
|
|
|
|
@EnableWebSecurity |
|
|
|
public class SegurityConfig { |
|
|
|
@Bean |
|
|
|
public CustomUserDetailService userDetailsService(){ |
|
|
|
return new CustomUserDetailService(); |
|
|
|
public UserDetailsServiceImpl userDetailsService(){ |
|
|
|
return new UserDetailsServiceImpl(); |
|
|
|
} |
|
|
|
@Bean |
|
|
|
public PasswordEncoder passwordEncoder() { |
|
|
@ -39,21 +40,20 @@ public class SegurityConfig { |
|
|
|
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { |
|
|
|
http |
|
|
|
.authorizeHttpRequests() |
|
|
|
.requestMatchers("/crearPregunta","/miperfil").authenticated() |
|
|
|
.anyRequest().permitAll() |
|
|
|
.requestMatchers("/crearPregunta","/miperfil").authenticated() |
|
|
|
.anyRequest().permitAll() |
|
|
|
.and() |
|
|
|
.formLogin() |
|
|
|
.usernameParameter("email") |
|
|
|
.loginPage("/login") |
|
|
|
.defaultSuccessUrl("/home") |
|
|
|
.permitAll() |
|
|
|
.usernameParameter("email") |
|
|
|
.loginPage("/login") |
|
|
|
.defaultSuccessUrl("/") //TODO: |
|
|
|
.permitAll() |
|
|
|
.and() |
|
|
|
.logout(LogoutConfigurer::permitAll); |
|
|
|
.logout().logoutSuccessUrl("/").permitAll(); |
|
|
|
|
|
|
|
return http.build(); |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
} |