From 1db3da5c2630d1ca3a988fd277e987496b32df1d Mon Sep 17 00:00:00 2001 From: Hsbalazs Date: Tue, 2 Jul 2024 19:22:16 +0200 Subject: [PATCH] fix: security permition to all endpoints --- .../backend/config/ApplicationConfig.java | 1 + .../backend/config/SecurityConfig.java | 27 ++++++++++++ .../backend/services/UserServiceImpl.java | 42 +++++++++---------- 3 files changed, 49 insertions(+), 21 deletions(-) create mode 100644 backend/src/main/java/com/greenfoxacademy/backend/config/SecurityConfig.java diff --git a/backend/src/main/java/com/greenfoxacademy/backend/config/ApplicationConfig.java b/backend/src/main/java/com/greenfoxacademy/backend/config/ApplicationConfig.java index 438811df..7d0edae2 100644 --- a/backend/src/main/java/com/greenfoxacademy/backend/config/ApplicationConfig.java +++ b/backend/src/main/java/com/greenfoxacademy/backend/config/ApplicationConfig.java @@ -5,6 +5,7 @@ import org.springframework.context.annotation.Configuration; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; + /** * Configuration class for setting up application-wide beans. */ diff --git a/backend/src/main/java/com/greenfoxacademy/backend/config/SecurityConfig.java b/backend/src/main/java/com/greenfoxacademy/backend/config/SecurityConfig.java new file mode 100644 index 00000000..991ff043 --- /dev/null +++ b/backend/src/main/java/com/greenfoxacademy/backend/config/SecurityConfig.java @@ -0,0 +1,27 @@ +package com.greenfoxacademy.backend.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.web.SecurityFilterChain; + +import static org.springframework.security.config.Customizer.withDefaults; + +@Configuration +@EnableWebSecurity(debug = true) +public class SecurityConfig { + + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + // @formatter:off + http + .authorizeHttpRequests((authorize) -> authorize + .anyRequest().permitAll() + ) + .httpBasic(withDefaults()) + .formLogin(withDefaults()); + // @formatter:on + return http.build(); + } +} \ No newline at end of file diff --git a/backend/src/main/java/com/greenfoxacademy/backend/services/UserServiceImpl.java b/backend/src/main/java/com/greenfoxacademy/backend/services/UserServiceImpl.java index 4fbb6214..828a0be6 100644 --- a/backend/src/main/java/com/greenfoxacademy/backend/services/UserServiceImpl.java +++ b/backend/src/main/java/com/greenfoxacademy/backend/services/UserServiceImpl.java @@ -14,27 +14,27 @@ @Service @RequiredArgsConstructor public class UserServiceImpl implements UserService { - private final PasswordEncoder passwordEncoder; - - private final UserRepository userRepository; - private ModelMapper modelMapper; - - @Override - public void register(RegisterUserDto userDto) { - User user = this.mapToEntity(userDto); - user.setPassword(passwordEncoder.encode(userDto.getPassword())); - userRepository.save(user); - } - - private RegisterUserDto mapToDto(User user) { - RegisterUserDto registerUserDto = modelMapper.map(user, RegisterUserDto.class); - return registerUserDto; - } - - private User mapToEntity(RegisterUserDto userDto) { - User user = modelMapper.map(userDto, User.class); - return user; - } + private final PasswordEncoder passwordEncoder; + + private final UserRepository userRepository; + private ModelMapper modelMapper; + + @Override + public void register(RegisterUserDto userDto) { + User user = this.mapToEntity(userDto); + user.setPassword(passwordEncoder.encode(userDto.getPassword())); + userRepository.save(user); + } + + private RegisterUserDto mapToDto(User user) { + RegisterUserDto registerUserDto = modelMapper.map(user, RegisterUserDto.class); + return registerUserDto; + } + + private User mapToEntity(RegisterUserDto userDto) { + User user = modelMapper.map(userDto, User.class); + return user; + } }