Skip to content
Snippets Groups Projects
Select Git revision
  • de1fcffdf138138dd942a40e8f75e2bd9cd71a96
  • main default protected
  • bugfix/fix-routing
  • bugfix/fix-html-and-css
  • bugfix/test
  • feature/add-signup-validation
  • feature/add-update-information-validator
  • feature/add-login-validator
  • feature/add-payment-validator
  • feature/add-admin-view
  • feature/add-orders-html
  • bugfix/fix-html-feedback
  • chore/refacto-code
  • feature/add-update-user-html
  • feature/add-product-html
  • feature/add-card-html
  • feature/add-sign-up-html
  • feature/add-login-html
  • bugfix/fix-pop-up
  • feature/add-routings-configuration
  • feature/add-cards-html
21 results

order.component.scss

Blame
  • Forked from Shop Sphere / frontend
    Source project has a limited visibility.
    Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    SecurityConfig.java 3.96 KiB
    package com.projet.projetIndu.security;
    
    import com.projet.projetIndu.repositories.UserRepository;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.authentication.ProviderManager;
    import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.core.GrantedAuthorityDefaults;
    import org.springframework.security.core.userdetails.UserDetailsService;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.web.SecurityFilterChain;
    import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
    
    @Configuration
    public class SecurityConfig {
    
        @Bean
        public BCryptPasswordEncoder passwordEncoder() {
            return new BCryptPasswordEncoder();
        }
    
    
        @Bean
        public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
            http.authorizeHttpRequests(auth -> auth
                            .requestMatchers("/", "/login", "/register", "/css/**", "/js/**").permitAll()
                            .requestMatchers("/admin/**").hasAuthority("ADMIN")
                            .requestMatchers("/doctors/**").hasAuthority("DOCTOR")
                            .requestMatchers("/patients/**").hasAuthority("PATIENT")
                            .anyRequest().authenticated()
                    )
    
                    .formLogin(form -> form
                            .loginPage("/login")
                            .usernameParameter("email")
                            .passwordParameter("password")
                            .defaultSuccessUrl("/", false) // Redirige vers l'accueil en évitant la boucle infinie
                            .successHandler((request, response, authentication) -> {
                                if (response.isCommitted()) return; // Évite une double redirection
    
                                String role = authentication.getAuthorities().iterator().next().getAuthority();
    
                                switch (role) {
                                    case "ADMIN" -> response.sendRedirect("/admin/dashboard");
                                    case "DOCTOR" -> response.sendRedirect("/doctors/dashboard");
                                    case "PATIENT" -> response.sendRedirect("/patients/dashboard");
                                    default -> response.sendRedirect("/");
                                }
                            })
    
                            .failureHandler((request, response, exception) -> {
                                response.sendRedirect("/login?error=true");
                            })
                            .permitAll()
                    )
    
                    .sessionManagement(session -> session
                            .maximumSessions(1)
                            .expiredUrl("/login?expired=true") // Redirige proprement si la session expire
                    )
    
                    .logout(logout -> logout
                            .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
                            .logoutSuccessUrl("/login?logout")
                            .permitAll()
                    );
    
            return http.build();
        }
    
        @Bean
        public UserDetailsService userDetailsService(UserRepository userRepository) {
            return new CustomUserDetailsService(userRepository);
        }
    
    
        @Bean
        public AuthenticationManager authenticationManager(UserDetailsService userDetailsService, BCryptPasswordEncoder passwordEncoder) {
            DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
            provider.setUserDetailsService(userDetailsService);
            provider.setPasswordEncoder(passwordEncoder);
            return new ProviderManager(provider);
        }
    
        @Bean
        public GrantedAuthorityDefaults grantedAuthorityDefaults() {
            return new GrantedAuthorityDefaults("");
        }
    
    
    }