2023-08-13 01:14:30 +01:00
|
|
|
package stirling.software.SPDF.config.security;
|
|
|
|
|
|
|
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
|
|
import org.springframework.beans.factory.annotation.Qualifier;
|
|
|
|
|
import org.springframework.context.annotation.Bean;
|
|
|
|
|
import org.springframework.context.annotation.Configuration;
|
2023-08-13 18:19:15 +01:00
|
|
|
import org.springframework.context.annotation.Lazy;
|
2023-08-13 01:14:30 +01:00
|
|
|
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
|
|
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
|
|
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
|
|
|
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|
|
|
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
|
|
|
|
import org.springframework.security.web.SecurityFilterChain;
|
2023-08-27 00:39:22 +01:00
|
|
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
|
|
|
|
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
|
2023-08-13 01:14:30 +01:00
|
|
|
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
2023-08-25 23:39:18 +01:00
|
|
|
|
|
|
|
|
import stirling.software.SPDF.repository.JPATokenRepositoryImpl;
|
2023-08-13 01:14:30 +01:00
|
|
|
@Configuration
|
|
|
|
|
public class SecurityConfiguration {
|
|
|
|
|
|
|
|
|
|
@Autowired
|
|
|
|
|
private UserDetailsService userDetailsService;
|
|
|
|
|
|
|
|
|
|
@Bean
|
|
|
|
|
public PasswordEncoder passwordEncoder() {
|
|
|
|
|
return new BCryptPasswordEncoder();
|
|
|
|
|
}
|
2023-08-13 18:19:15 +01:00
|
|
|
@Autowired
|
|
|
|
|
@Lazy
|
|
|
|
|
private UserService userService;
|
|
|
|
|
|
2023-08-13 01:14:30 +01:00
|
|
|
@Autowired
|
|
|
|
|
@Qualifier("loginEnabled")
|
|
|
|
|
public boolean loginEnabledValue;
|
|
|
|
|
|
2023-08-13 18:19:15 +01:00
|
|
|
@Autowired
|
|
|
|
|
private UserAuthenticationFilter userAuthenticationFilter;
|
|
|
|
|
|
2023-08-13 01:14:30 +01:00
|
|
|
@Bean
|
|
|
|
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
2023-08-13 18:19:15 +01:00
|
|
|
http.addFilterBefore(userAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
|
|
|
|
|
2023-08-13 01:14:30 +01:00
|
|
|
if(loginEnabledValue) {
|
2023-08-13 18:19:15 +01:00
|
|
|
|
2023-08-25 23:39:18 +01:00
|
|
|
http.csrf(csrf -> csrf.disable());
|
2023-08-13 01:14:30 +01:00
|
|
|
http
|
|
|
|
|
.formLogin(formLogin -> formLogin
|
|
|
|
|
.loginPage("/login")
|
|
|
|
|
.defaultSuccessUrl("/")
|
|
|
|
|
.failureHandler(new CustomAuthenticationFailureHandler())
|
|
|
|
|
.permitAll()
|
|
|
|
|
)
|
|
|
|
|
.logout(logout -> logout
|
|
|
|
|
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
|
|
|
|
|
.logoutSuccessUrl("/login?logout=true")
|
|
|
|
|
.invalidateHttpSession(true) // Invalidate session
|
2023-08-25 23:39:18 +01:00
|
|
|
.deleteCookies("JSESSIONID", "remember-me")
|
|
|
|
|
).rememberMe(rememberMeConfigurer -> rememberMeConfigurer // Use the configurator directly
|
|
|
|
|
.key("uniqueAndSecret")
|
|
|
|
|
.tokenRepository(persistentTokenRepository())
|
|
|
|
|
.tokenValiditySeconds(1209600) // 2 weeks
|
|
|
|
|
)
|
2023-08-13 01:14:30 +01:00
|
|
|
.authorizeHttpRequests(authz -> authz
|
|
|
|
|
.requestMatchers(req -> req.getRequestURI().startsWith("/login") || req.getRequestURI().endsWith(".svg") || req.getRequestURI().startsWith("/register") || req.getRequestURI().startsWith("/error") || req.getRequestURI().startsWith("/images/") || req.getRequestURI().startsWith("/public/") || req.getRequestURI().startsWith("/css/") || req.getRequestURI().startsWith("/js/"))
|
|
|
|
|
.permitAll()
|
|
|
|
|
.anyRequest().authenticated()
|
|
|
|
|
)
|
|
|
|
|
.userDetailsService(userDetailsService)
|
|
|
|
|
.authenticationProvider(authenticationProvider());
|
|
|
|
|
} else {
|
2023-08-25 23:39:18 +01:00
|
|
|
http.csrf(csrf -> csrf.disable())
|
2023-08-13 01:14:30 +01:00
|
|
|
.authorizeHttpRequests(authz -> authz
|
|
|
|
|
.anyRequest().permitAll()
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
return http.build();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Bean
|
|
|
|
|
public DaoAuthenticationProvider authenticationProvider() {
|
|
|
|
|
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
|
|
|
|
|
authProvider.setUserDetailsService(userDetailsService);
|
|
|
|
|
authProvider.setPasswordEncoder(passwordEncoder());
|
|
|
|
|
return authProvider;
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-25 23:39:18 +01:00
|
|
|
@Bean
|
|
|
|
|
public PersistentTokenRepository persistentTokenRepository() {
|
|
|
|
|
return new JPATokenRepositoryImpl();
|
|
|
|
|
}
|
2023-08-13 18:19:15 +01:00
|
|
|
|
2023-08-25 23:39:18 +01:00
|
|
|
|
2023-08-13 18:19:15 +01:00
|
|
|
|
2023-08-13 01:14:30 +01:00
|
|
|
}
|
|
|
|
|
|
