|
|
|
@ -13,8 +13,10 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
|
|
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
|
|
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
|
|
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|
|
|
|
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
|
|
|
|
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
|
|
|
|
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
|
|
|
|
|
import ru.ulstu.core.model.AuthFailureHandler;
|
|
|
|
|
import ru.ulstu.user.controller.UserController;
|
|
|
|
|
import ru.ulstu.user.model.UserRoleConstants;
|
|
|
|
|
import ru.ulstu.user.service.UserService;
|
|
|
|
@ -35,17 +37,20 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
|
|
|
|
private final AuthenticationSuccessHandler authenticationSuccessHandler;
|
|
|
|
|
private final LogoutSuccessHandler logoutSuccessHandler;
|
|
|
|
|
private final ApplicationProperties applicationProperties;
|
|
|
|
|
private final AuthenticationFailureHandler authenticationFailureHandler;
|
|
|
|
|
|
|
|
|
|
public SecurityConfiguration(UserService userService,
|
|
|
|
|
BCryptPasswordEncoder bCryptPasswordEncoder,
|
|
|
|
|
AuthenticationSuccessHandler authenticationSuccessHandler,
|
|
|
|
|
LogoutSuccessHandler logoutSuccessHandler,
|
|
|
|
|
ApplicationProperties applicationProperties) {
|
|
|
|
|
ApplicationProperties applicationProperties,
|
|
|
|
|
AuthFailureHandler authenticationFailureHandler) {
|
|
|
|
|
this.userService = userService;
|
|
|
|
|
this.bCryptPasswordEncoder = bCryptPasswordEncoder;
|
|
|
|
|
this.authenticationSuccessHandler = authenticationSuccessHandler;
|
|
|
|
|
this.logoutSuccessHandler = logoutSuccessHandler;
|
|
|
|
|
this.applicationProperties = applicationProperties;
|
|
|
|
|
this.authenticationFailureHandler = authenticationFailureHandler;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
@ -66,6 +71,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
|
|
|
|
.antMatchers(UserController.ACTIVATE_URL).permitAll()
|
|
|
|
|
.antMatchers(Constants.PASSWORD_RESET_REQUEST_PAGE).permitAll()
|
|
|
|
|
.antMatchers(Constants.PASSWORD_RESET_PAGE).permitAll()
|
|
|
|
|
.antMatchers("/users/block").permitAll()
|
|
|
|
|
.antMatchers(UserController.URL + UserController.REGISTER_URL).permitAll()
|
|
|
|
|
.antMatchers(UserController.URL + UserController.ACTIVATE_URL).permitAll()
|
|
|
|
|
.antMatchers(UserController.URL + UserController.PASSWORD_RESET_REQUEST_URL).permitAll()
|
|
|
|
@ -76,6 +82,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
|
|
|
|
.formLogin()
|
|
|
|
|
.loginPage("/login")
|
|
|
|
|
.successHandler(authenticationSuccessHandler)
|
|
|
|
|
.failureHandler(authenticationFailureHandler)
|
|
|
|
|
.permitAll()
|
|
|
|
|
.and()
|
|
|
|
|
.logout()
|
|
|
|
|