Add files via upload

2023-08-13 01:14:30 +01:00
parent d75e84bdff
commit cd2728105e
4 changed files with 223 additions and 0 deletions
--- a/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
+++ b/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
@@ -0,0 +1,78 @@
+package stirling.software.SPDF.config.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+
+@Configuration
+public class SecurityConfiguration {
+
+    @Autowired
+    private UserDetailsService userDetailsService;
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    @Autowired
+    @Qualifier("loginEnabled")
+    public boolean loginEnabledValue;
+    
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception  {
+    	if(loginEnabledValue) {
+	    	http.csrf().disable();
+	        http
+	            .formLogin(formLogin -> formLogin
+	                .loginPage("/login")
+	                .defaultSuccessUrl("/")
+	                .failureHandler(new CustomAuthenticationFailureHandler())
+	                .permitAll()
+	            )
+	            .logout(logout -> logout
+	            		.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
+	                    .logoutSuccessUrl("/login?logout=true")
+	                    .invalidateHttpSession(true)        // Invalidate session
+	                    .deleteCookies("JSESSIONID") 
+	            )
+	            .authorizeHttpRequests(authz -> authz
+	                    .requestMatchers(req -> req.getRequestURI().startsWith("/login") || req.getRequestURI().endsWith(".svg") || req.getRequestURI().startsWith("/register") || req.getRequestURI().startsWith("/error") || req.getRequestURI().startsWith("/images/") ||  req.getRequestURI().startsWith("/public/") || req.getRequestURI().startsWith("/css/") || req.getRequestURI().startsWith("/js/"))
+	                    .permitAll()
+	                    .anyRequest().authenticated()
+	                )
+	            .userDetailsService(userDetailsService)
+	            .authenticationProvider(authenticationProvider());
+    	} else {
+    		 http
+             .csrf().disable()
+             .authorizeHttpRequests(authz -> authz
+                 .anyRequest().permitAll()
+             );
+    	}
+        return http.build();
+    }
+
+
+    
+    @Bean
+    public DaoAuthenticationProvider authenticationProvider() {
+        DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
+        authProvider.setUserDetailsService(userDetailsService);
+        authProvider.setPasswordEncoder(passwordEncoder());
+        return authProvider;
+    }
+    
+}
+