develop #22

Merged
william merged 44 commits from develop into master 2021-12-14 23:59:36 -05:00
2 changed files with 9 additions and 6 deletions
Showing only changes of commit 9a618258bf - Show all commits

View File

@ -8,7 +8,10 @@ import dev.fyloz.colorrecipesexplorer.service.CreUserDetailsService
import dev.fyloz.colorrecipesexplorer.service.UserService
import org.slf4j.Logger
import org.springframework.boot.context.properties.EnableConfigurationProperties
import org.springframework.context.annotation.*
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.context.annotation.Lazy
import org.springframework.context.annotation.Profile
import org.springframework.core.env.Environment
import org.springframework.http.HttpMethod
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
@ -99,11 +102,9 @@ class SecurityConfig(
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
if (!debugMode) {
http.authorizeRequests()
.antMatchers("/api/login").permitAll()
.antMatchers("/api/logout").fullyAuthenticated()
.antMatchers("/api/user/current").fullyAuthenticated()
.anyRequest().fullyAuthenticated()
http
.authorizeRequests()
.anyRequest().permitAll()
} else {
http
.cors()

View File

@ -32,6 +32,7 @@ class UserController(private val userService: UserService) {
ok(userService.getByIdForOutput(id))
@GetMapping("current")
@PreAuthorize("isFullyAuthenticated()")
fun getCurrent(loggedInUser: Principal?) =
if (loggedInUser != null)
ok(
@ -161,6 +162,7 @@ class GroupsController(
@Profile("!emergency")
class LogoutController(private val userService: UserService) {
@GetMapping("logout")
@PreAuthorize("isFullyAuthenticated()")
fun logout(request: HttpServletRequest) =
ok {
userService.logout(request)