Skip to content

Instantly share code, notes, and snippets.

@vitorgonzaga

vitorgonzaga/SecurityConfigurations.java

Created March 28, 2023 12:32
Show Gist options
  • Save vitorgonzaga/d8dfb961a9332a7b61243a83e60d3ddb to your computer and use it in GitHub Desktop.
Save vitorgonzaga/d8dfb961a9332a7b61243a83e60d3ddb to your computer and use it in GitHub Desktop.
Download ZIP
SecurityConfigurations.java
Raw
SecurityConfigurations.java
@Configuration
@EnableWebSecurity
public class SecurityConfigurations {
@Autowired
private SecurityFilter securityFilter;
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
return http.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and().authorizeHttpRequests()
.requestMatchers(HttpMethod.POST, "/login").permitAll()
.requestMatchers(HttpMethod.DELETE, "/medicos").hasRole("ADMIN")
.requestMatchers(HttpMethod.DELETE, "/pacientes").hasRole("ADMIN")
.anyRequest().authenticated()
.and().addFilterBefore(securityFilter, UsernamePasswordAuthenticationFilter.class)
.build();
}
@Bean
public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) throws Exception {
return configuration.getAuthenticationManager();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment