jdbcAuthentication

d5772c19 · Patryk Czarnik · 3e38ebf1 · d5772c19
Commit d5772c19 authored May 24, 2023 by Patryk Czarnik
Show whitespace changes
Inline Side-by-side

Showing with 28 additions and 24 deletions

SecurityConfig.java ...epSpring/src/main/java/sklep/security/SecurityConfig.java +28 -24

No files found.
--- a/PC30-SklepSpring/src/main/java/sklep/security/SecurityConfig.java
+++ b/PC30-SklepSpring/src/main/java/sklep/security/SecurityConfig.java
 package sklep.security;
+import javax.sql.DataSource;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.ObjectPostProcessor;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 import org.springframework.security.web.SecurityFilterChain;
 @Configuration
 @EnableWebSecurity
 public class SecurityConfig {
+	@Autowired
+	// Spring wstrzyknie tu domyślne połączenie z bazą danych - to sonfigurowane w application.properties
+	private DataSource dataSource;
 	@Bean
 	SecurityFilterChain setHttpSecurity(HttpSecurity httpSecurity) throws Exception {
 		httpSecurity
@@ -22,28 +30,24 @@ public class SecurityConfig {
 		return httpSecurity.build();
 	}
-//	@Bean
-//	AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration, ApplicationContext applicationContext) throws Exception {
-//        ObjectPostProcessor<Object> objectPostProcessor = new ObjectPostProcessor<Object>() {
-//			public <O> O postProcess(O object) {
-//				return object;
-//			}
-//		};
-//		
-//		return authenticationConfiguration.authenticationManagerBuilder(objectPostProcessor, applicationContext)
-//				.inMemoryAuthentication()
-//				.withUser("ala").password("{noop}ala123").roles("manager", "worker").and()
-//				.withUser("ola").password("{noop}ola123").roles("worker").and()
-//			.and()
-//			.build();
-//	}
 	@Bean
-	public InMemoryUserDetailsManager userDetailsService() {
+	AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration, ApplicationContext applicationContext) throws Exception {
-		UserDetails[] users = {
+        ObjectPostProcessor<Object> objectPostProcessor = new ObjectPostProcessor<Object>() {
-				User.withUsername("ala").password("{noop}ala123").roles("manager", "worker").build(),
+			public <O> O postProcess(O object) {
-				User.withUsername("ola").password("{noop}ola123").roles("worker").build(),
+				return object;
+			}
 		};
-		return new InMemoryUserDetailsManager(users);
+		return authenticationConfiguration.authenticationManagerBuilder(objectPostProcessor, applicationContext)
+				.jdbcAuthentication()
+				.dataSource(dataSource)
+				// mamy podać zapytanie SQL, które pozwoli Springowi odczytać informacje o userze na podstawie nazwy usera
+		        // w wyniku ma zwrócić rekord z trzeba kolumnami: nazwa, hasło, czy aktywny (0/1)
+		        .usersByUsernameQuery("SELECT username, password, enabled FROM spring_accounts WHERE username = ?")
+		        // dla użytkownika zwraca info o uprawnieniach (rolach) danego użytkownika; wynik może składać się z wielu rekordów
+		        .authoritiesByUsernameQuery("SELECT username, role FROM spring_account_roles WHERE username = ?")	
+			.and()
+			.build();
 	}
 }