Task: Add security configuration and implement for auth service and configs
This commit is contained in:
parent
0c2669d153
commit
9202c52640
@ -1,5 +1,9 @@
|
|||||||
package com.cubetiqs.graphql.demo.config
|
package com.cubetiqs.graphql.demo.config
|
||||||
|
|
||||||
|
import com.cubetiqs.graphql.demo.secutiry.AuthService
|
||||||
|
import com.cubetiqs.security.jwt.AuthenticationExceptionEntryPoint
|
||||||
|
import com.cubetiqs.security.jwt.JwtSecurityConfigurer
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired
|
||||||
import org.springframework.context.annotation.Configuration
|
import org.springframework.context.annotation.Configuration
|
||||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
||||||
@ -11,11 +15,22 @@ import org.springframework.security.config.http.SessionCreationPolicy
|
|||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||||
class WebSecurityConfig : WebSecurityConfigurerAdapter() {
|
class WebSecurityConfig : WebSecurityConfigurerAdapter() {
|
||||||
|
@Autowired
|
||||||
|
private lateinit var authService: AuthService
|
||||||
|
|
||||||
override fun configure(http: HttpSecurity) {
|
override fun configure(http: HttpSecurity) {
|
||||||
http.csrf().disable()
|
http.csrf()
|
||||||
|
.and()
|
||||||
|
.httpBasic()
|
||||||
|
.disable()
|
||||||
.sessionManagement()
|
.sessionManagement()
|
||||||
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
||||||
.and()
|
.and()
|
||||||
|
.exceptionHandling()
|
||||||
|
.authenticationEntryPoint(AuthenticationExceptionEntryPoint())
|
||||||
|
.and()
|
||||||
|
.apply(JwtSecurityConfigurer(authService))
|
||||||
|
.and()
|
||||||
.authorizeRequests()
|
.authorizeRequests()
|
||||||
.anyRequest()
|
.anyRequest()
|
||||||
.permitAll()
|
.permitAll()
|
||||||
|
@ -0,0 +1,12 @@
|
|||||||
|
package com.cubetiqs.graphql.demo.secutiry
|
||||||
|
|
||||||
|
import org.springframework.security.core.userdetails.UserDetails
|
||||||
|
import org.springframework.security.core.userdetails.UserDetailsService
|
||||||
|
import org.springframework.stereotype.Service
|
||||||
|
|
||||||
|
@Service
|
||||||
|
class AuthService : UserDetailsService {
|
||||||
|
override fun loadUserByUsername(username: String?): UserDetails {
|
||||||
|
TODO("Not yet implemented")
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user