backend

2020-01-30 18:10:16 +09:00
parent 59348aeb9b
commit 11c94ae8d6
4 changed files with 104 additions and 0 deletions
--- a/src/main/java/com/example/vue/config/SecurityConfiguration.java
+++ b/src/main/java/com/example/vue/config/SecurityConfiguration.java
@@ -0,0 +1,52 @@
+package com.example.vue.config;
+
+import com.example.vue.security.UserDetailsAuthenticationProvider;
+import com.example.vue.service.UserDetailsServiceImpl;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+
+@Configuration
+@EnableWebMvc
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+    private final UserDetailsServiceImpl userDetailService;
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) {
+        auth.authenticationProvider(authenticationProvider());
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+
+        http.cors().disable()
+            .authorizeRequests()
+            .antMatchers("/auth/login").permitAll()
+            .antMatchers("/auth/register").permitAll()
+            .and()
+            .formLogin().disable()
+            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+
+    }
+
+    @Bean
+    public BCryptPasswordEncoder bCryptPasswordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    @Bean
+    public AuthenticationProvider authenticationProvider() {
+        return new UserDetailsAuthenticationProvider(userDetailService, bCryptPasswordEncoder());
+    }
+}