develop #22
|
@ -8,7 +8,10 @@ import dev.fyloz.colorrecipesexplorer.service.CreUserDetailsService
|
|||
import dev.fyloz.colorrecipesexplorer.service.UserService
|
||||
import org.slf4j.Logger
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties
|
||||
import org.springframework.context.annotation.*
|
||||
import org.springframework.context.annotation.Bean
|
||||
import org.springframework.context.annotation.Configuration
|
||||
import org.springframework.context.annotation.Lazy
|
||||
import org.springframework.context.annotation.Profile
|
||||
import org.springframework.core.env.Environment
|
||||
import org.springframework.http.HttpMethod
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
|
||||
|
@ -99,11 +102,9 @@ class SecurityConfig(
|
|||
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
||||
|
||||
if (!debugMode) {
|
||||
http.authorizeRequests()
|
||||
.antMatchers("/api/login").permitAll()
|
||||
.antMatchers("/api/logout").fullyAuthenticated()
|
||||
.antMatchers("/api/user/current").fullyAuthenticated()
|
||||
.anyRequest().fullyAuthenticated()
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().permitAll()
|
||||
} else {
|
||||
http
|
||||
.cors()
|
||||
|
|
|
@ -32,6 +32,7 @@ class UserController(private val userService: UserService) {
|
|||
ok(userService.getByIdForOutput(id))
|
||||
|
||||
@GetMapping("current")
|
||||
@PreAuthorize("isFullyAuthenticated()")
|
||||
fun getCurrent(loggedInUser: Principal?) =
|
||||
if (loggedInUser != null)
|
||||
ok(
|
||||
|
@ -161,6 +162,7 @@ class GroupsController(
|
|||
@Profile("!emergency")
|
||||
class LogoutController(private val userService: UserService) {
|
||||
@GetMapping("logout")
|
||||
@PreAuthorize("isFullyAuthenticated()")
|
||||
fun logout(request: HttpServletRequest) =
|
||||
ok {
|
||||
userService.logout(request)
|
||||
|
|
Loading…
Reference in New Issue