diff --git a/src/main/java/com/projet/projetIndu/controllers/LoginController.java b/src/main/java/com/projet/projetIndu/controllers/LoginController.java
new file mode 100644
index 0000000000000000000000000000000000000000..4d5194abc42a48a6945d2688795e4841949e9f21
--- /dev/null
+++ b/src/main/java/com/projet/projetIndu/controllers/LoginController.java
@@ -0,0 +1,13 @@
+package com.projet.projetIndu.controllers;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class LoginController {
+    @GetMapping("/login")
+    public String loginPage() {
+        return "login";
+    }
+}
+
diff --git a/src/main/java/com/projet/projetIndu/security/CustomUserDetailsService.java b/src/main/java/com/projet/projetIndu/security/CustomUserDetailsService.java
index 5f8186108fe6c897ba0933f64f10eb6ba3c6ebc9..d67019bfdb1f1202f52b63cac1be2a0fea65434c 100644
--- a/src/main/java/com/projet/projetIndu/security/CustomUserDetailsService.java
+++ b/src/main/java/com/projet/projetIndu/security/CustomUserDetailsService.java
@@ -34,9 +34,9 @@ public class CustomUserDetailsService implements UserDetailsService {
         System.out.println("Utilisateur trouvé : " + user.getEmail() + " | Rôle : " + user.getRole());
 
         return org.springframework.security.core.userdetails.User.builder()
-                .username(user.getEmail()) // L'email sert d'identifiant
-                .password(user.getPassword()) // Mot de passe hashé en BDD
-                .roles("ROLE_" + user.getRole())
+                .username(user.getEmail())
+                .password(user.getPassword())
+                .authorities("ROLE_" + user.getRole())
                 .build();
     }
 
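Review bot: The `System.out.println` kept above the builder writes each user's email address and role to standard output on every lookup, and this commit leaves it in place. For an application with doctor and patient accounts that puts personal data in an unstructured log. Prefer the class logger at debug level without the address, for example `log.debug("User found, role={}", user.getRole());` (whether a logger is already declared is not visible here). The commit also drops the two inline comments; a short replacement such as `// authorities() takes the full name; roles() would reject a value that already starts with ROLE_` would explain why the call changed. The enclosing method starts outside this hunk.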
diff --git a/src/main/java/com/projet/projetIndu/security/SecurityConfig.java b/src/main/java/com/projet/projetIndu/security/SecurityConfig.java
index a792fe8299610ebe2a9edde860394260983d3c03..bbfd926c27006d5b1ac5e6e5975a932e3ab774a5 100644
--- a/src/main/java/com/projet/projetIndu/security/SecurityConfig.java
+++ b/src/main/java/com/projet/projetIndu/security/SecurityConfig.java
@@ -4,9 +4,9 @@ import com.projet.projetIndu.repositories.UserRepository;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.authentication.ProviderManager;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
@@ -25,34 +25,41 @@ public class SecurityConfig {
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http.authorizeHttpRequests(auth -> auth
                         .requestMatchers("/", "/login", "/register", "/css/**", "/js/**").permitAll()
-                        .requestMatchers("/admin/**").hasAuthority("ROLE_ADMIN")
-                        .requestMatchers("/doctors/**").hasAuthority("ROLE_DOCTOR")
-                        .requestMatchers("/patients/**").hasAuthority("ROLE_PATIENT")
-                        .anyRequest().authenticated()
+                        .requestMatchers("/admin/**").hasRole("ADMIN")
+                        .requestMatchers("/doctors/**").hasRole("DOCTOR")
+                        .requestMatchers("/patients/**").hasRole("PATIENT")
+                        .anyRequest().permitAll()
                 )
                 .formLogin(form -> form
                         .loginPage("/login")
                         .usernameParameter("email")
                         .passwordParameter("password")
+                        .defaultSuccessUrl("/", false) // Redirige vers l'accueil en évitant la boucle infinie
                         .successHandler((request, response, authentication) -> {
-                            // Gestion des redirections selon les rôles
-                            String role = authentication.getAuthorities().stream()
-                                    .map(GrantedAuthority::getAuthority)
-                                    .findFirst()
-                                    .orElse(""); // Prévient une exception si aucun rôle
-                            if (role.equals("ROLE_ADMIN")) {
-                                response.sendRedirect("/admin/dashboard");
-                            } else if (role.equals("ROLE_DOCTOR")) {
-                                response.sendRedirect("/doctors/dashboard");
-                            } else if (role.equals("ROLE_PATIENT")) {
-                                response.sendRedirect("/patients/dashboard");
-                            } else {
-                                response.sendRedirect("/"); // URL par défaut
+                            if (response.isCommitted()) return; // Évite une double redirection
+
+                            String role = authentication.getAuthorities().iterator().next().getAuthority();
+
+                            switch (role) {
+                                case "ROLE_ADMIN" -> response.sendRedirect("/admin/dashboard");
+                                case "ROLE_DOCTOR" -> response.sendRedirect("/doctors/dashboard");
+                                case "ROLE_PATIENT" -> response.sendRedirect("/patients/dashboard");
+                                default -> response.sendRedirect("/");
                             }
                         })
-                        .failureUrl("/login?error=true") // En cas d'échec d'authentification
+
+
+                        .failureHandler((request, response, exception) -> {
+                            response.sendRedirect("/login?error=true");
+                        })
                         .permitAll()
                 )
+
+                .sessionManagement(session -> session
+                        .maximumSessions(1)
+                        .expiredUrl("/login?expired=true") // Redirige proprement si la session expire
+                )
+
                 .logout(logout -> logout
                         .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
                         .logoutSuccessUrl("/login?logout")
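Review bot: `.anyRequest().permitAll()` turns the fallback rule from default-deny into default-allow, so every route outside `/admin/**`, `/doctors/**` and `/patients/**`, including any controller added later, is served without authentication. If the aim was to stop the redirect loop mentioned in the `defaultSuccessUrl` comment (an inference), list the public paths in the first `permitAll()` matcher and keep `.anyRequest().authenticated()`. In the success handler, `authentication.getAuthorities().iterator().next()` throws `NoSuchElementException` for an account with no authority, where the removed code fell back to `""`; `authentication.getAuthorities().stream().map(a -> a.getAuthority()).findFirst().orElse("")` keeps the `default` branch reachable. `.defaultSuccessUrl("/", false)` also looks like dead configuration, since the `.successHandler(...)` call after it replaces the handler it installs. `securityFilterChain` begins and ends outside this hunk.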
@@ -69,13 +76,11 @@ public class SecurityConfig {
 
 
     @Bean
-    public AuthenticationManager authenticationManager(HttpSecurity http, BCryptPasswordEncoder passwordEncoder, UserDetailsService userDetailsService) throws Exception {
-        AuthenticationManagerBuilder authenticationManagerBuilder = http.getSharedObject(AuthenticationManagerBuilder.class);
-        authenticationManagerBuilder
-                .userDetailsService(userDetailsService)
-                .passwordEncoder(passwordEncoder);
-
-        return authenticationManagerBuilder.build();
+    public AuthenticationManager authenticationManager(UserDetailsService userDetailsService, BCryptPasswordEncoder passwordEncoder) {
+        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
+        provider.setUserDetailsService(userDetailsService);
+        provider.setPasswordEncoder(passwordEncoder);
+        return new ProviderManager(provider);
     }