Untitled

mail@pastecode.io avatar
unknown
plain_text
a year ago
5.7 kB
4
Indexable
Never
package com.shahil.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.User.UserBuilder;
import org.springframework.security.core.userdetails.UserDetails;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;

import com.shahil.entity.Users;

@Configuration
@EnableWebSecurity
//@EnableMethodSecurity(prePostEnabled = true)
public class securityConfig 
{
	@Autowired
	private UserDetailsService userDetailsService;

	
	@Bean
	public AuthenticationProvider ac() {
		
		DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
		daoAuthenticationProvider.setUserDetailsService(userDetailsService);
		daoAuthenticationProvider.setPasswordEncoder(encoder());
		
		return daoAuthenticationProvider;
		
	}
	@Bean 
	public InMemoryUserDetailsManager detailsManager(BCryptPasswordEncoder encode) {
		UserDetails admin = User.withUsername("khan").password(encode.encode("7997699")).roles("ADMIN").build();
		return new InMemoryUserDetailsManager(admin)
;	}
	
	@Bean
	public BCryptPasswordEncoder encoder() {
		return new BCryptPasswordEncoder();
	}
	@Bean
	public SecurityFilterChain sc(HttpSecurity http) throws Exception {
		
		http
                .csrf().disable()
                .authorizeHttpRequests()
                .requestMatchers("/newpost","/edit/**","/updatePost/**","/delete/**")
                .hasRole("AUTHOR")
                .requestMatchers("/","/post/**","/sign","/register").permitAll()
                .anyRequest()
                .authenticated()
                .and()
                .formLogin()
                .loginPage("/login")
                .usernameParameter("name")
                .loginProcessingUrl("/performlogin")
                .defaultSuccessUrl("/")
                .permitAll();

        return http.build();

		
	}
}





package com.shahil.security;

import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service;

import com.shahil.entity.Users;


public class UserInfoUserDetails implements UserDetails{




	public UserInfoUserDetails() {
		
	}

	@Autowired
	private Users user;



	public UserInfoUserDetails(Users user) {
		this.user=user;


	}

	@Override
	public Collection<? extends GrantedAuthority> getAuthorities() {
		HashSet<SimpleGrantedAuthority> hashSet = new HashSet<>();
		hashSet.add(new SimpleGrantedAuthority(user.getRole()));


		return hashSet;
	}

	@Override
	public String getPassword() {
		// TODO Auto-generated method stub
		return user.getPassword();
	}

	@Override
	public String getUsername() {
		// TODO Auto-generated method stub
		
		return user.getName();
	}

	@Override
	public boolean isAccountNonExpired() {
		// TODO Auto-generated method stub
		return true;
	}

	@Override
	public boolean isAccountNonLocked() {
		// TODO Auto-generated method stub
		return true;
	}

	@Override
	public boolean isCredentialsNonExpired() {
		// TODO Auto-generated method stub
		return true;
	}

	@Override
	public boolean isEnabled() {
		// TODO Auto-generated method stub
		return true;
	}

}



package com.shahil.security;

import java.util.Optional;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

import com.shahil.entity.Users;
import com.shahil.repositary.UserRepositary;

@Service
public class UserInfoUserDetailsService implements UserDetailsService
{

	@Autowired
	private UserRepositary repo;
	@Override
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
		System.out.println(username);
		Users findByName = repo.findByName(username);
		
		
		if(findByName==null) {
			
			throw new UsernameNotFoundException("no user");
		}

		return new UserInfoUserDetails(findByName);
	}

	//	@Override
	//	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
	//		
	//		return Users.map(UserInfoUserDetails::new);
	//	}

}