    package com.projet.projetIndu.security;
    
    import com.projet.projetIndu.repositories.UserRepository;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.authentication.ProviderManager;
    import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.core.GrantedAuthorityDefaults;
    import org.springframework.security.core.userdetails.UserDetailsService;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.web.SecurityFilterChain;
    import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

    import java.util.Optional;
    
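    /**
     * Spring Security configuration for the application.
     *
     * <p>Defines the single {@link SecurityFilterChain} (URL authorization, form login with a
     * per-authority landing page, concurrent-session limit, logout) and the authentication beans
     * (password encoder, {@link UserDetailsService}, {@link AuthenticationManager}).
     * CSRF protection is left at Spring Security's default, i.e. enabled.
     */
    @Configuration
    public class SecurityConfig {

        /** Hashing for stored credentials: BCrypt at the library's default strength. */
        @Bean
        public BCryptPasswordEncoder passwordEncoder() {
            return new BCryptPasswordEncoder();
        }

        /**
         * Builds the HTTP security filter chain.
         *
         * <ul>
         *   <li>Public: {@code /}, {@code /login}, {@code /register} and the static assets under
         *       {@code /css/**} and {@code /js/**}; every other URL requires authentication.</li>
         *   <li>{@code /admin/**}, {@code /doctors/**} and {@code /patients/**} additionally require
         *       the {@code ADMIN}, {@code DOCTOR} and {@code PATIENT} authorities respectively.</li>
         *   <li>Form login posts {@code email}/{@code password} to {@code /login}; on success the
         *       user is sent to the dashboard of the first of their authorities that has one
         *       (see {@link #landingPageFor}), else to {@code /}; on failure back to
         *       {@code /login?error=true}.</li>
         *   <li>At most one concurrent session per user; a session expired by a newer login lands
         *       on {@code /login?expired=true}.</li>
         *   <li>Logout is accepted only as {@code POST /logout}, so it is covered by CSRF
         *       protection; a plain GET link can no longer end the session.</li>
         * </ul>
         *
         * @param http the builder injected by Spring Security
         * @return the configured filter chain
         * @throws Exception propagated from {@code HttpSecurity#build()}
         */
        @Bean
        public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
            http.authorizeHttpRequests(auth -> auth
                            .requestMatchers("/", "/login", "/register", "/css/**", "/js/**").permitAll()
                            .requestMatchers("/admin/**").hasAuthority("ADMIN")
                            .requestMatchers("/doctors/**").hasAuthority("DOCTOR")
                            .requestMatchers("/patients/**").hasAuthority("PATIENT")
                            .anyRequest().authenticated()
                    )

                    .formLogin(form -> form
                            .loginPage("/login")
                            .usernameParameter("email")
                            .passwordParameter("password")
                            // The success handler below chooses the redirect, so no defaultSuccessUrl:
                            // configuring both leaves one of them dead.
                            .successHandler((request, response, authentication) -> {
                                if (response.isCommitted()) return; // avoid a double redirect

                                // Targets are fixed, server-chosen paths; nothing from the request is
                                // used, so this cannot turn into an open redirect. Tolerates a user
                                // with no authorities (previously iterator().next() would throw).
                                String target = authentication.getAuthorities().stream()
                                        .map(a -> a.getAuthority())
                                        .map(SecurityConfig::landingPageFor)
                                        .flatMap(Optional::stream)
                                        .findFirst()
                                        .orElse("/");
                                response.sendRedirect(target);
                            })

                            .failureHandler((request, response, exception) -> {
                                // Generic error flag only; no detail that could reveal whether the
                                // e-mail exists.
                                response.sendRedirect("/login?error=true");
                            })
                            .permitAll()
                    )

                    .sessionManagement(session -> session
                            .maximumSessions(1)
                            // Clean redirect when a newer login expires this session.
                            .expiredUrl("/login?expired=true")
                            // NOTE(review): concurrent-session control relies on a session registry;
                            // without an HttpSessionEventPublisher bean the registry may not learn of
                            // session destruction — confirm one is declared elsewhere in the project.
                    )

                    .logout(logout -> logout
                            // POST only: with CSRF enabled (the default) a logout then needs the token,
                            // so a crafted GET link cannot terminate the session. Templates must
                            // submit logout as a POST form carrying the CSRF token.
                            .logoutRequestMatcher(new AntPathRequestMatcher("/logout", "POST"))
                            .logoutSuccessUrl("/login?logout")
                            .permitAll()
                    );

            return http.build();
        }

        /**
         * Maps a granted authority to the dashboard it should land on after login.
         *
         * @param authority the authority string as returned by {@code GrantedAuthority#getAuthority()};
         *                  may be {@code null}
         * @return the dashboard path, or empty when the authority has no dedicated dashboard
         */
        static Optional<String> landingPageFor(String authority) {
            if (authority == null) {
                return Optional.empty();
            }
            return switch (authority) {
                case "ADMIN" -> Optional.of("/admin/dashboard");
                case "DOCTOR" -> Optional.of("/doctors/dashboard");
                case "PATIENT" -> Optional.of("/patients/dashboard");
                default -> Optional.empty();
            };
        }

        /**
         * User lookup for authentication, delegating to {@code CustomUserDetailsService}.
         *
         * @param userRepository repository the service reads users from
         * @return the user details service
         */
        @Bean
        public UserDetailsService userDetailsService(UserRepository userRepository) {
            return new CustomUserDetailsService(userRepository);
        }

        /**
         * Authentication manager backed by a single DAO provider: the user is loaded through
         * {@code userDetailsService} and the submitted password is checked with {@code passwordEncoder}.
         *
         * @param userDetailsService user lookup
         * @param passwordEncoder encoder matching the one used when the passwords were stored
         * @return the provider manager
         */
        @Bean
        public AuthenticationManager authenticationManager(UserDetailsService userDetailsService, BCryptPasswordEncoder passwordEncoder) {
            DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
            // NOTE(review): newer Spring Security releases deprecate the setter in favour of the
            // constructor taking the UserDetailsService — switch once the project's version has it.
            provider.setUserDetailsService(userDetailsService);
            provider.setPasswordEncoder(passwordEncoder);
            return new ProviderManager(provider);
        }

        /**
         * Clears the default {@code ROLE_} prefix so authorities are compared verbatim.
         *
         * <p>The filter chain above uses {@code hasAuthority}, which never applies the prefix; this
         * bean only matters for {@code hasRole}-style checks elsewhere in the project.
         */
        @Bean
        public GrantedAuthorityDefaults grantedAuthorityDefaults() {
            return new GrantedAuthorityDefaults("");
        }

    }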