in Memory users

df6c0198 · Patryk Czarnik · 74e47dcb · df6c0198 · df6c0198
Commit df6c0198 authored Jun 27, 2024 by Patryk Czarnik
Hide whitespace changes
Inline Side-by-side

Showing with 20 additions and 1 deletions

Customer.java PC33-SklepSpring/src/main/java/sklep/model/Customer.java +2 -0

SecurityConfig.java ...epSpring/src/main/java/sklep/security/SecurityConfig.java +18 -1

No files found.
--- a/PC33-SklepSpring/src/main/java/sklep/model/Customer.java
+++ b/PC33-SklepSpring/src/main/java/sklep/model/Customer.java
 package sklep.model;
+import com.fasterxml.jackson.annotation.JsonIgnore;
 import jakarta.persistence.*;
 import jakarta.validation.constraints.Email;
 import jakarta.validation.constraints.Pattern;
@@ -32,6 +33,7 @@ public class Customer {
    private String city;
    @OneToMany(mappedBy = "customer")
+    @JsonIgnore
    private Set<Order> orders = new LinkedHashSet<>();
    public String getCustomerEmail() {

--- a/PC33-SklepSpring/src/main/java/sklep/security/SecurityConfig.java
+++ b/PC33-SklepSpring/src/main/java/sklep/security/SecurityConfig.java
@@ -2,7 +2,11 @@ package sklep.security;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
 import org.springframework.security.web.SecurityFilterChain;
@@ -11,10 +15,23 @@ public class SecurityConfig {
    @Bean
    SecurityFilterChain configHttpSecurity(HttpSecurity httpSecurity, HandlerMappingIntrospector hmi) throws Exception {
-        httpSecurity.authorizeHttpRequests(auth -> auth.anyRequest().permitAll())
+        httpSecurity
+                .authorizeHttpRequests(auth -> auth
+                        .anyRequest().authenticated())
+                .formLogin(Customizer.withDefaults())
+                // .httpBasic(Customizer.withDefaults())
                .csrf(config -> config.disable())
                .cors(config -> config.disable());
        return httpSecurity.build();
    }
+    @Bean
+    InMemoryUserDetailsManager userDetailsService() {
+        UserDetails[] users = {
+                User.withUsername("ala").password("{noop}ala123").roles("manager", "worker").build(),
+                User.withUsername("ola").password("{noop}ola123").roles("worker").build(),
+        };
+        return new InMemoryUserDetailsManager(users);
+    }
 }