diff --git a/.idea/workspace.xml b/.idea/workspace.xml
index 63f85e0..d14b2aa 100644
--- a/.idea/workspace.xml
+++ b/.idea/workspace.xml
@@ -2,14 +2,13 @@
-
-
-
-
+
+
+
+
-
-
+
@@ -20,10 +19,10 @@
@@ -56,7 +55,7 @@
-
+
@@ -95,13 +94,27 @@
-
+
+
+
+
+ 1589796661163
+
+
+
+ 1589796661163
+
+
+
+
+
+
@@ -111,10 +124,10 @@
-
+
-
+
@@ -127,58 +140,62 @@
-
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
+
+
+
+
+
@@ -187,9 +204,9 @@
-
+
-
+
\ No newline at end of file
diff --git a/src/main/kotlin/com/chantha/jdbc/config/WebConfig.java b/src/main/kotlin/com/chantha/jdbc/config/WebConfig.java
index fd9f8b4..f3620df 100644
--- a/src/main/kotlin/com/chantha/jdbc/config/WebConfig.java
+++ b/src/main/kotlin/com/chantha/jdbc/config/WebConfig.java
@@ -1,27 +1,40 @@
package com.chantha.jdbc.config;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+@Configuration
+@EnableWebSecurity
public class WebConfig extends WebSecurityConfigurerAdapter {
- @Override
- public void configure(WebSecurity web) throws Exception {
+ private final UserDetailsService userDetailsService;
- UserDetails user= User.builder()
- .username("chantha")
- .password("chantha")
- .roles("ADMIN")
- .build();
+ @Autowired
+ public WebConfig(UserDetailsService userDetailsService){
+ this.userDetailsService=userDetailsService;
+ }
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth.userDetailsService(userDetailsService);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.formLogin();
- http.cors().disable();
+ http.logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout"));
+ http.authorizeRequests()
+ .antMatchers("/**").hasAnyRole("ADMIN");
+ http.csrf().disable();
}
diff --git a/src/main/kotlin/com/chantha/jdbc/security/User.kt b/src/main/kotlin/com/chantha/jdbc/security/User.kt
new file mode 100644
index 0000000..5a1c2f7
--- /dev/null
+++ b/src/main/kotlin/com/chantha/jdbc/security/User.kt
@@ -0,0 +1,28 @@
+package com.chantha.jdbc.security
+
+import javax.persistence.*
+
+
+@Suppress("UNCHECKED_CAST")
+@Entity
+@Table(name = "tbUser")
+data class User(
+ @Id
+ @GeneratedValue
+ var userId:Long ,
+ @Column(nullable = false,unique = true)
+ var userName:String,
+ @Column(nullable = false,unique = true)
+ var password:String,
+ var roles:String,
+ var status:Int
+
+)
+{
+ fun getRolesList():List{
+ if(roles.isNotEmpty()){
+ return roles.split("_")
+ }
+ return listOf()
+ }
+}
\ No newline at end of file
diff --git a/src/main/kotlin/com/chantha/jdbc/security/UserDetailServiceImpl.kt b/src/main/kotlin/com/chantha/jdbc/security/UserDetailServiceImpl.kt
new file mode 100644
index 0000000..f466183
--- /dev/null
+++ b/src/main/kotlin/com/chantha/jdbc/security/UserDetailServiceImpl.kt
@@ -0,0 +1,14 @@
+package com.chantha.jdbc.security
+
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.security.core.userdetails.UserDetails
+import org.springframework.security.core.userdetails.UserDetailsService
+import org.springframework.stereotype.Service
+
+@Service
+class UserDetailServiceImpl @Autowired constructor(private val userRepo: UserRepo):UserDetailsService {
+ override fun loadUserByUsername(p0: String?): UserDetails {
+ val user=userRepo.findByUsername(p0!!)
+ return UserPrincipal(user)
+ }
+}
\ No newline at end of file
diff --git a/src/main/kotlin/com/chantha/jdbc/security/UserPrincipal.kt b/src/main/kotlin/com/chantha/jdbc/security/UserPrincipal.kt
new file mode 100644
index 0000000..c7997dd
--- /dev/null
+++ b/src/main/kotlin/com/chantha/jdbc/security/UserPrincipal.kt
@@ -0,0 +1,47 @@
+package com.chantha.jdbc.security
+
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.security.core.GrantedAuthority
+import org.springframework.security.core.authority.SimpleGrantedAuthority
+import org.springframework.security.core.userdetails.UserDetails
+import org.springframework.stereotype.Component
+import org.springframework.stereotype.Controller
+import org.springframework.stereotype.Service
+
+
+
+class UserPrincipal constructor(private val user: User):UserDetails{
+ override fun getAuthorities(): List {
+ val listGrantedAuthority= mutableListOf()
+ user.getRolesList().map {
+ val roles=SimpleGrantedAuthority("ROLE_$it")
+ listGrantedAuthority.add(roles)
+ }
+ return listGrantedAuthority
+ }
+
+ override fun isEnabled(): Boolean {
+ return user.status == 1
+ }
+
+ override fun getUsername(): String {
+ return user.userName
+ }
+
+ override fun isCredentialsNonExpired(): Boolean {
+ return true
+ }
+
+ override fun getPassword(): String {
+ return "{noop}${user.password}"
+ }
+
+ override fun isAccountNonExpired(): Boolean {
+ return true
+ }
+
+ override fun isAccountNonLocked(): Boolean {
+ return true
+ }
+
+}
\ No newline at end of file
diff --git a/src/main/kotlin/com/chantha/jdbc/security/UserRepo.kt b/src/main/kotlin/com/chantha/jdbc/security/UserRepo.kt
new file mode 100644
index 0000000..612b59e
--- /dev/null
+++ b/src/main/kotlin/com/chantha/jdbc/security/UserRepo.kt
@@ -0,0 +1,11 @@
+package com.chantha.jdbc.security
+
+import org.springframework.data.jpa.repository.Query
+import org.springframework.data.repository.CrudRepository
+import org.springframework.stereotype.Repository
+
+@Repository
+interface UserRepo : CrudRepository{
+ @Query("SELECT * FROM tb_user WHERE user_name = :user ",nativeQuery = true)
+ fun findByUsername(user:String):User
+}
\ No newline at end of file
diff --git a/target/classes/application.properties b/target/classes/application.properties
index c76806f..ad18dc6 100644
--- a/target/classes/application.properties
+++ b/target/classes/application.properties
@@ -4,7 +4,7 @@ spring.datasource.password=root
spring.jpa.hibernate.ddl-auto=update
spring.jpa.open-in-view=true
-
+server.port=8081
diff --git a/target/classes/com/chantha/jdbc/config/WebConfig.class b/target/classes/com/chantha/jdbc/config/WebConfig.class
new file mode 100644
index 0000000..d6c3180
Binary files /dev/null and b/target/classes/com/chantha/jdbc/config/WebConfig.class differ
diff --git a/target/classes/com/chantha/jdbc/security/User.class b/target/classes/com/chantha/jdbc/security/User.class
new file mode 100644
index 0000000..6721d64
Binary files /dev/null and b/target/classes/com/chantha/jdbc/security/User.class differ
diff --git a/target/classes/com/chantha/jdbc/security/UserDetailServiceImpl.class b/target/classes/com/chantha/jdbc/security/UserDetailServiceImpl.class
new file mode 100644
index 0000000..6f6a9d1
Binary files /dev/null and b/target/classes/com/chantha/jdbc/security/UserDetailServiceImpl.class differ
diff --git a/target/classes/com/chantha/jdbc/security/UserPrincipal.class b/target/classes/com/chantha/jdbc/security/UserPrincipal.class
new file mode 100644
index 0000000..6338e3b
Binary files /dev/null and b/target/classes/com/chantha/jdbc/security/UserPrincipal.class differ
diff --git a/target/classes/com/chantha/jdbc/security/UserRepo.class b/target/classes/com/chantha/jdbc/security/UserRepo.class
new file mode 100644
index 0000000..470dcc3
Binary files /dev/null and b/target/classes/com/chantha/jdbc/security/UserRepo.class differ