From b73d2ceceb3c7967bea8f89955d71cb8b0547e3e Mon Sep 17 00:00:00 2001
From: Mirna Gama <mirnabeatrizgamav@gmail.com>
Date: Thu, 11 Jan 2024 14:50:16 -0300
Subject: [PATCH] [R9] Web security configuration class with session stateless
 config for API and bcrypt password encoder

---
 .../config/WebSecurityConfiguration.java      | 34 +++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 src/main/java/com/mirna/hospitalmanagementapi/infra/security/config/WebSecurityConfiguration.java

diff --git a/src/main/java/com/mirna/hospitalmanagementapi/infra/security/config/WebSecurityConfiguration.java b/src/main/java/com/mirna/hospitalmanagementapi/infra/security/config/WebSecurityConfiguration.java
new file mode 100644
index 0000000..af22d06
--- /dev/null
+++ b/src/main/java/com/mirna/hospitalmanagementapi/infra/security/config/WebSecurityConfiguration.java
@@ -0,0 +1,34 @@
+package com.mirna.hospitalmanagementapi.infra.security.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfiguration {
+
+	@Bean
+	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+		return http.csrf(csrf -> csrf.disable())
+	            .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+	            .build();
+	}
+	
+	@Bean
+	public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) throws Exception {
+		return configuration.getAuthenticationManager();
+	}
+	
+	@Bean
+	public PasswordEncoder passwordEncoder() {
+		return new BCryptPasswordEncoder();
+	}
+}