jdbcAuthentication

PC30-SklepSpring/src/main/java/sklep/security/SecurityConfig.java

 package sklep.security;
 
+import javax.sql.DataSource;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.ObjectPostProcessor;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
 @EnableWebSecurity
 public class SecurityConfig {
+	@Autowired
+	// Spring wstrzyknie tu domyślne połączenie z bazą danych - to sonfigurowane w application.properties
+	private DataSource dataSource;
+	
 	@Bean
 	SecurityFilterChain setHttpSecurity(HttpSecurity httpSecurity) throws Exception {
 		httpSecurity
@@ -22,28 +30,24 @@ public class SecurityConfig {
 		return httpSecurity.build();
 	}
 	
-//	@Bean
-//	AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration, ApplicationContext applicationContext) throws Exception {
-//        ObjectPostProcessor<Object> objectPostProcessor = new ObjectPostProcessor<Object>() {
-//			public <O> O postProcess(O object) {
-//				return object;
-//			}
-//		};
-//		
-//		return authenticationConfiguration.authenticationManagerBuilder(objectPostProcessor, applicationContext)
-//				.inMemoryAuthentication()
-//				.withUser("ala").password("{noop}ala123").roles("manager", "worker").and()
-//				.withUser("ola").password("{noop}ola123").roles("worker").and()
-//			.and()
-//			.build();
-//	}
-	
 	@Bean
-	public InMemoryUserDetailsManager userDetailsService() {
-		UserDetails[] users = {
-				User.withUsername("ala").password("{noop}ala123").roles("manager", "worker").build(),
-				User.withUsername("ola").password("{noop}ola123").roles("worker").build(),
+	AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration, ApplicationContext applicationContext) throws Exception {
+        ObjectPostProcessor<Object> objectPostProcessor = new ObjectPostProcessor<Object>() {
+			public <O> O postProcess(O object) {
+				return object;
+			}
 		};
-		return new InMemoryUserDetailsManager(users);
+		
+		return authenticationConfiguration.authenticationManagerBuilder(objectPostProcessor, applicationContext)
+				.jdbcAuthentication()
+				.dataSource(dataSource)
+				// mamy podać zapytanie SQL, które pozwoli Springowi odczytać informacje o userze na podstawie nazwy usera
+		        // w wyniku ma zwrócić rekord z trzeba kolumnami: nazwa, hasło, czy aktywny (0/1)
+		        .usersByUsernameQuery("SELECT username, password, enabled FROM spring_accounts WHERE username = ?")
+		        // dla użytkownika zwraca info o uprawnieniach (rolach) danego użytkownika; wynik może składać się z wielu rekordów
+		        .authoritiesByUsernameQuery("SELECT username, role FROM spring_account_roles WHERE username = ?")	
+			.and()
+			.build();
 	}
+	
 }