исправил конфигурацию сервиса безопасности

7 months ago · 928e7a1e30
parent 82dfb189dd
commit 928e7a1e30
1 changed files with 12 additions and 4 deletions
--- a/src/main/java/com/gipro/giprolab/config/SecurityConfiguration.java
+++ b/src/main/java/com/gipro/giprolab/config/SecurityConfiguration.java
@ -16,6 +16,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

@Configuration
@EnableWebSecurity
@ -24,11 +25,16 @@ public class SecurityConfiguration {
    private final Logger log = LoggerFactory.getLogger(SecurityConfiguration.class);
    private final UserService userService;
    private final BCryptPasswordEncoder bCryptPasswordEncoder;
+    private final AuthenticationSuccessHandler authenticationSuccessHandler;
+    //private final LogoutSuccessHandler logoutSuccessHandler;
+

    public SecurityConfiguration(UserService userService,
-                                 BCryptPasswordEncoder bCryptPasswordEncoder) {
+                                 BCryptPasswordEncoder bCryptPasswordEncoder,
+                                 AuthenticationSuccessHandler authenticationSuccessHandler) {
        this.userService = userService;
        this.bCryptPasswordEncoder = bCryptPasswordEncoder;
+        this.authenticationSuccessHandler = authenticationSuccessHandler;
    }

    @Bean
@ -39,6 +45,7 @@ public class SecurityConfiguration {
                        //.requestMatchers(UserController.ACTIVATE_URL).permitAll()
                        .requestMatchers(Constants.PASSWORD_RESET_REQUEST_PAGE).permitAll()
                        .requestMatchers(Constants.PASSWORD_RESET_PAGE).permitAll()
+                        .requestMatchers(Constants.CONTACTS_PAGE).permitAll()
                        //.requestMatchers(UserController.URL + UserController.REGISTER_URL).permitAll()
                        //.requestMatchers(UserController.URL + UserController.ACTIVATE_URL).permitAll()
                        //.requestMatchers(UserController.URL + UserController.PASSWORD_RESET_REQUEST_URL).permitAll()
@ -46,8 +53,9 @@ public class SecurityConfiguration {
                        .requestMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN)
                        .anyRequest().authenticated())
                .formLogin(fl -> fl
-                        .loginPage("/login")
-                        //.successHandler(authenticationSuccessHandler)
+                        .loginPage("/logform")
+                        .successHandler(authenticationSuccessHandler)
+                        .defaultSuccessUrl("/", true)
                        .permitAll())
                .csrf(AbstractHttpConfigurer::disable)
                .logout(l -> l
@ -62,7 +70,7 @@ public class SecurityConfiguration {

    @Bean
    public WebSecurityCustomizer webSecurityCustomizer() {
-        return (web) -> web.ignoring().requestMatchers("/css/**", "/js/**", "/templates/**", "/webjars/**");
+        return (web) -> web.ignoring().requestMatchers("/assets.js/**", "/bootstrap_theme/**", "/bootstrap/**", "/css/**", "/js/**", "/templates/**", "/webjars/**");
    }

    @Autowired