2021-08-08 12:33:34 +07:00
|
|
|
package com.cubetiqs.graphql.demo.config
|
|
|
|
|
2021-08-08 18:55:52 +07:00
|
|
|
import com.cubetiqs.graphql.demo.security.AuthService
|
2021-08-08 17:40:08 +07:00
|
|
|
import com.cubetiqs.security.jwt.AuthenticationExceptionEntryPoint
|
|
|
|
import com.cubetiqs.security.jwt.JwtSecurityConfigurer
|
|
|
|
import org.springframework.beans.factory.annotation.Autowired
|
2021-08-08 12:33:34 +07:00
|
|
|
import org.springframework.context.annotation.Configuration
|
|
|
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
|
|
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
|
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
|
|
|
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
|
2022-05-27 12:30:12 +07:00
|
|
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer
|
2021-08-08 12:33:34 +07:00
|
|
|
import org.springframework.security.config.http.SessionCreationPolicy
|
|
|
|
|
|
|
|
@Configuration
|
|
|
|
@EnableWebSecurity
|
2021-08-08 18:55:52 +07:00
|
|
|
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
2021-08-08 12:33:34 +07:00
|
|
|
class WebSecurityConfig : WebSecurityConfigurerAdapter() {
|
2021-08-08 17:40:08 +07:00
|
|
|
@Autowired
|
|
|
|
private lateinit var authService: AuthService
|
|
|
|
|
2021-08-08 12:33:34 +07:00
|
|
|
override fun configure(http: HttpSecurity) {
|
2021-08-08 18:55:52 +07:00
|
|
|
http.csrf().disable()
|
2021-08-08 12:33:34 +07:00
|
|
|
.sessionManagement()
|
|
|
|
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
2021-08-08 18:55:52 +07:00
|
|
|
|
|
|
|
http
|
2021-08-08 17:40:08 +07:00
|
|
|
.exceptionHandling()
|
|
|
|
.authenticationEntryPoint(AuthenticationExceptionEntryPoint())
|
2021-08-08 18:55:52 +07:00
|
|
|
|
|
|
|
http
|
2021-08-08 17:40:08 +07:00
|
|
|
.apply(JwtSecurityConfigurer(authService))
|
2021-08-08 18:55:52 +07:00
|
|
|
|
|
|
|
http
|
2021-08-08 12:33:34 +07:00
|
|
|
.authorizeRequests()
|
2021-08-08 18:55:52 +07:00
|
|
|
.anyRequest().permitAll()
|
2021-08-08 12:33:34 +07:00
|
|
|
}
|
|
|
|
}
|