gitea/hospital-management-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[R9] Add filter in security filter chain

Browse Source
This commit is contained in:
Mirna Gama 2024-01-11 21:25:35 -03:00 committed by Mirna Gama
parent 373e82cebf
commit 93dadf2913
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/main/java/com/mirna/hospitalmanagementapi/infra/security/config/WebSecurityConfiguration.java
View File

@ -1,7 +1,9 @@
package com.mirna.hospitalmanagementapi.infra.security.config; package com.mirna.hospitalmanagementapi.infra.security.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@ -10,15 +12,26 @@ import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import com.mirna.hospitalmanagementapi.infra.security.filters.AuthTokenFilter;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
public class WebSecurityConfiguration { public class WebSecurityConfiguration {
@Autowired
private AuthTokenFilter authTokenFilter;
@Bean @Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
return http.csrf(csrf -> csrf.disable()) return http.csrf(csrf -> csrf.disable())
.sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.authorizeHttpRequests(req -> {
req.requestMatchers(HttpMethod.POST, "/api/auth").permitAll();
req.anyRequest().authenticated();
})
.addFilterBefore(authTokenFilter, UsernamePasswordAuthenticationFilter.class)
.build(); .build();
} }