  1. // RegistrationController.java
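  /**
   * REST endpoint that updates a land owner's profile and stores the uploaded documents.
   *
   * <p>The service, DAO and {@code userDocument} collaborators used below are declared
   * outside this excerpt.
   *
   * <p>NOTE(review): the account to modify is selected by the client-supplied
   * {@code email} parameter alone; nothing in this class binds it to an authenticated
   * principal, and the WebSecurityConfig listed on this page maps
   * {@code /registration/**} to {@code permitAll()}. As shown, a caller who knows an
   * account's e-mail address can overwrite its profile and Stripe key and, with
   * {@code landOwnerEditProfile=true}, delete its stored documents. Confirm an ownership
   * check exists elsewhere, or derive the account from the security context or a
   * verified registration token.
   */
  @RestController
  public class DayLeasingUserController {

      /**
       * Updates the user identified by {@code email} and stores each uploaded file.
       *
       * @return HTTP 200 in every case; the body carries {@code status} (false when any
       *         step threw) and, on success, {@code detailsUpdated}
       */
      @RequestMapping(value = "/registration/landowner/fileupload", method = RequestMethod.POST)
      public ResponseEntity<HashMap<String, Boolean>> handleFileUpload(
              @RequestParam(value = "email") String email,
              @RequestParam("fname") String fname,
              @RequestParam("lname") String lname,
              @RequestParam("city") String city,
              @RequestParam("phone1") String phone1,
              @RequestParam("phone2") String phone2,
              @RequestParam("phone3") String phone3,
              @RequestParam("streetAddressLine1") String streetAddressLine1,
              @RequestParam(value = "streetAddressLine2", required = false) String streetAddressLine2,
              @RequestParam("stripeApiKey") String stripeApiKey,
              @RequestParam("zipcode") String zipCode,
              @RequestParam(value = "businessName", required = false) String businessName,
              @RequestParam("file") MultipartFile[] files,
              @RequestParam("landOwnerEditProfile") boolean landOwnerEditProfile,
              Model model) throws IOException {
          HashMap<String, Boolean> hashMap = new HashMap<String, Boolean>();
          DayLeasingUserDTO dayleasinguserDto = new DayLeasingUserDTO();
          try {
              dayleasinguserDto.setEmailId(email);
              dayleasinguserDto.setFname(fname);
              dayleasinguserDto.setLname(lname);
              dayleasinguserDto.setCity(city);
              dayleasinguserDto.setPhone(phone1 + phone2 + phone3);
              dayleasinguserDto.setAddress1(streetAddressLine1);
              dayleasinguserDto.setAddress2(streetAddressLine2);
              // NOTE(review): the Stripe key arrives as a plain form field and is stored
              // as-is here; confirm it is protected at rest and never echoed or logged.
              dayleasinguserDto.setStripeApiKey(stripeApiKey);
              dayleasinguserDto.setZipCode(zipCode);
              dayleasinguserDto.setBusinessName(businessName);
              dayLeasingUserService.userUpdateOnUserName(dayleasinguserDto, email);

              // An edit replaces the document set: existing rows are removed before the
              // new uploads are read, so a failure below leaves the user without documents
              // unless the service calls share a transaction (not visible here).
              if (landOwnerEditProfile) {
                  dayLeasingUserService.deleteDocumentsByUserName(email);
              }

              // NOTE(review): userDocument is one shared instance reused for every file
              // (and, in a singleton controller, for every concurrent request) — verify
              // addDocument copies it rather than keeping a reference.
              for (MultipartFile file : files) {
                  userDocument.setFiledata(file.getBytes());
                  // The original filename is client-controlled and may carry directory
                  // components; keep only the final path segment.
                  userDocument.setFilename(baseName(file.getOriginalFilename()));
                  userDocument.setUsername(email);
                  dayLeasingUserService.addDocument(userDocument);
              }
              hashMap.put("status", true);
              boolean detailsUpdated = userDao.enableUserDetails(email);
              hashMap.put("detailsUpdated", detailsUpdated);
          } catch (Exception e) {
              // NOTE(review): the failure is neither logged nor reflected in the HTTP
              // status; callers only see status=false. Log e through the project's logger.
              hashMap.put("status", false);
          }

          return new ResponseEntity<HashMap<String, Boolean>>(hashMap, HttpStatus.OK);
      }

      /** Returns the last path segment of a client-supplied filename, or null for null. */
      private static String baseName(String clientFilename) {
          if (clientFilename == null) {
              return null;
          }
          int lastSeparator = Math.max(clientFilename.lastIndexOf('/'), clientFilename.lastIndexOf('\\'));
          return clientFilename.substring(lastSeparator + 1);
      }
  }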
  64.  
  65.  
  66.  
  67.  
  68. // Configuration.java
  69.  
  70. package com.dayLeasing.configuration;
  71.  
  72.  
  73.  
  74. // TODO: Auto-generated Javadoc
  75.  
  76. @EnableScheduling
  77. @PropertySource("classpath:application.properties")
  78. @EnableTransactionManagement
  79. public class Configuration {
  80.  
  81. /** The Constant PROPERTY_NAME_DATABASE_DRIVER. */
  82. private static final String PROPERTY_NAME_DATABASE_DRIVER = "db.driver";
  83.  
  84. /** The Constant PROPERTY_NAME_DATABASE_PASSWORD. */
  85. private static final String PROPERTY_NAME_DATABASE_PASSWORD = "db.password";
  86.  
  87. /** The Constant PROPERTY_NAME_DATABASE_URL. */
  88. private static final String PROPERTY_NAME_DATABASE_URL = "db.url";
  89.  
  90. /** The Constant PROPERTY_NAME_DATABASE_USERNAME. */
  91. private static final String PROPERTY_NAME_DATABASE_USERNAME = "db.username";
  92.  
  93. /** The Constant PROPERTY_NAME_HIBERNATE_DIALECT. */
  94. private static final String PROPERTY_NAME_HIBERNATE_DIALECT = "hibernate.dialect";
  95.  
  96. /** The Constant PROPERTY_NAME_HIBERNATE_SHOW_SQL. */
  97. private static final String PROPERTY_NAME_HIBERNATE_SHOW_SQL = "hibernate.show_sql";
  98. // private static final String PROPERTY_NAME_ENTITYMANAGER_PACKAGES_TO_SCAN
  99. // =
  100. // "entitymanager.packages.to.scan";
  101.  
  102. /** The env. */
  103. @Resource
  104. private Environment env;
  105.  
  106. /** The day leasing user service. */
  107. @Autowired
  108. DayLeasingUserService dayLeasingUserService;
  109.  
  110. /** The mail util. */
  111. @Autowired
  112. MailUtil mailUtil;
  113.  
  114. /** The property reservation service. */
  115. @Autowired
  116. public PropertyReservationService propertyReservationService;
  117.  
  118. /*
  119. * @Override public void addResourceHandlers(ResourceHandlerRegistry
  120. * registry) {
  121. * registry.addResourceHandler("/resources/**").addResourceLocations
  122. * ("/resources/"); }
  123. */
  124.  
  125. /*
  126. * @Bean public LocalContainerEntityManagerFactoryBean
  127. * entityManagerFactory() throws IllegalStateException,
  128. * PropertyVetoException { final LocalContainerEntityManagerFactoryBean em =
  129. * new LocalContainerEntityManagerFactoryBean();
  130. * em.setDataSource(dataSource()); em.setPackagesToScan(new String[] {
  131. * "com.gi.insite.persistence.model" }); final HibernateJpaVendorAdapter
  132. * vendorAdapter = new HibernateJpaVendorAdapter();
  133. * em.setJpaVendorAdapter(vendorAdapter);
  134. * em.setJpaProperties(additionalProperties()); return em; }
  135. */
  136.  
  137. /*
  138. * @Bean(destroyMethod="") public DataSource dataSource() { final
  139. * JndiDataSourceLookup dsLookup = new JndiDataSourceLookup();
  140. * dsLookup.setResourceRef(true); DataSource dataSource =
  141. * dsLookup.getDataSource("java:comp/env/jdbc/DGSDB"); return dataSource; }
  142. */
  143.  
  /**
   * Creates the pooled JDBC data source from the {@code db.*} properties.
   *
   * <p>NOTE(review): the database password is read from a classpath properties file;
   * confirm that file is not packaged with real credentials or committed to source control.
   */
  @Bean
  public DataSource dataSource() throws IllegalStateException, PropertyVetoException {
      final ComboPooledDataSource pool = new ComboPooledDataSource();

      // Connection identity; each value is required and read just before it is applied.
      pool.setDriverClass(env.getRequiredProperty(PROPERTY_NAME_DATABASE_DRIVER));
      pool.setJdbcUrl(env.getRequiredProperty(PROPERTY_NAME_DATABASE_URL));
      pool.setUser(env.getRequiredProperty(PROPERTY_NAME_DATABASE_USERNAME));
      pool.setPassword(env.getRequiredProperty(PROPERTY_NAME_DATABASE_PASSWORD));

      // Pool sizing.
      // NOTE(review): a ceiling of 50000 connections is effectively unbounded; request
      // floods can then exhaust the database rather than being throttled by the pool.
      pool.setInitialPoolSize(5);
      pool.setMinPoolSize(5);
      pool.setMaxPoolSize(50000);

      // Acquisition behaviour.
      pool.setAcquireIncrement(20);
      pool.setMaxStatements(100);
      pool.setAcquireRetryAttempts(100);
      pool.setAcquireRetryDelay(10);
      pool.setBreakAfterAcquireFailure(false);

      // Connection lifetime.
      pool.setMaxIdleTime(200);
      pool.setMaxConnectionAge(30000);
      pool.setMaxIdleTimeExcessConnections(3000);
      // Left disabled by the author; without a checkout timeout callers may wait
      // indefinitely for a connection — confirm that is intended.
      //pool.setCheckoutTimeout(1000);
      //pool.setIdleConnectionTestPeriod(100);

      // Connections are validated with "SELECT 1" both when borrowed and when returned.
      pool.setTestConnectionOnCheckout(true);
      pool.setPreferredTestQuery("SELECT 1");
      pool.setTestConnectionOnCheckin(true);

      return pool;
  }
  177.  
  178.  
  179.  
  180.  
  /**
   * Builds the Hibernate session factory on top of the given data source, scanning
   * {@code com.dayLeasing.dao.model} for mapped classes.
   */
  @Bean(name = "sessionFactory1")
  public SessionFactory getSessionFactory(DataSource dataSource) {
      final String[] entityPackages = { "com.dayLeasing.dao.model" };

      LocalSessionFactoryBuilder builder = new LocalSessionFactoryBuilder(dataSource);
      builder.addProperties(hibernateProperties());
      builder.scanPackages(entityPackages);
      return builder.buildSessionFactory();
  }
  193.  
  194. /**
  195. * Hibernate properties.
  196. *
  197. * @return the properties
  198. */
  private Properties hibernateProperties() {
      // Both settings are mandatory: getRequiredProperty throws if either is missing.
      final String[] requiredKeys = {
          PROPERTY_NAME_HIBERNATE_DIALECT,
          PROPERTY_NAME_HIBERNATE_SHOW_SQL
      };

      Properties hibernateSettings = new Properties();
      for (String key : requiredKeys) {
          hibernateSettings.put(key, env.getRequiredProperty(key));
      }
      return hibernateSettings;
  }
  207.  
  208. /**
  209. * Transaction manager.
  210. *
  211. * @param sessionFactory
  212. * the session factory
  213. * @return the hibernate transaction manager
  214. */
  @Bean(name = "transactionManager")
  public HibernateTransactionManager transactionManager(SessionFactory sessionFactory) {
      // The manager is bound to the single session factory handed in by the container.
      return new HibernateTransactionManager(sessionFactory);
  }
  224.  
  225. /**
  226. * Content negotiating view resolver.
  227. *
  228. * @param manager
  229. * the manager
  230. * @return the view resolver
  231. */
  @Bean
  public ViewResolver contentNegotiatingViewResolver(ContentNegotiationManager manager) {
      // JSP views live under /WEB-INF/pages/ and are rendered through JSTL.
      InternalResourceViewResolver jspResolver = new InternalResourceViewResolver();
      jspResolver.setPrefix("/WEB-INF/pages/");
      jspResolver.setSuffix(".jsp");
      jspResolver.setViewClass(JstlView.class);

      // Delegates are consulted in list order: JSP first, then the JSON resolver.
      List<ViewResolver> delegates = new ArrayList<ViewResolver>();
      delegates.add(jspResolver);
      delegates.add(new JsonViewResolver());

      ContentNegotiatingViewResolver negotiating = new ContentNegotiatingViewResolver();
      negotiating.setViewResolvers(delegates);
      negotiating.setContentNegotiationManager(manager);
      return negotiating;
  }
  253.  
  254. /**
  255. * Gets the multipart resolver.
  256. *
  257. * @return the multipart resolver
  258. */
  259.  
  260. /*
  261. This part is added for multipartfile upload.
  262.  
  263. */
  264. // @Bean(name = "multipartResolver")
  265. // public CommonsMultipartResolver getMultipartResolver() {
  266. // /* return new CommonsMultipartResolver(); */
  267. //
  268. // CommonsMultipartResolver multipartResolver = new CommonsMultipartResolver();
  269. // multipartResolver.setMaxUploadSize(20971520); // 20MB
  270. // multipartResolver.setMaxInMemorySize(1048576); // 1MB
  271. // return multipartResolver;
  272. // }
  273.  
  /**
   * Registers the Commons FileUpload based multipart resolver with a 100000-byte
   * upload limit.
   *
   * <p>NOTE(review): no in-memory threshold is set here; uploads above the limit are
   * rejected by the resolver before the controller runs, so the client sees the
   * resolver's error rather than the controller's {@code status=false} response.
   */
  @Bean(name = "multipartResolver")
  public CommonsMultipartResolver multipartResolver() {
      final long maxUploadBytes = 100000;

      CommonsMultipartResolver uploadResolver = new CommonsMultipartResolver();
      uploadResolver.setMaxUploadSize(maxUploadBytes);
      return uploadResolver;
  }
  285.  
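  /**
   * Loads the verification e-mail text from the classpath resource {@code Verify.txt}.
   *
   * @return the file content, or the placeholder {@code "texttoreplacehere"} when the
   *         resource is missing or cannot be read
   */
  @Bean(name = "verifymail")
  public String getMailVerificationString() {
      final String fallback = "texttoreplacehere";

      // getResource returns null for a missing resource; without this guard the
      // toURI() call below fails with a NullPointerException instead of falling back.
      if (getClass().getClassLoader().getResource("Verify.txt") == null) {
          System.err.println("Verify.txt not found on classpath; using placeholder verification text");
          return fallback;
      }

      try {
          // NOTE(review): Paths.get(URI) only works for resources on the plain file
          // system; confirm the application is never run from a packed archive.
          Path path = Paths.get(getClass().getClassLoader().getResource("Verify.txt").toURI());
          byte[] fileBytes = Files.readAllBytes(path);
          // NOTE(review): decoded with the platform default charset, so the text can
          // differ between hosts; pin the charset once the file's encoding is confirmed.
          return new String(fileBytes);
      } catch (URISyntaxException | IOException e) {
          e.printStackTrace();
          return fallback;
      }
  }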
  306.  
  307.  
  308. /**
  309. * View resolver for returning JSON in a view-based system. Always returns a
  310. * {@link MappingJacksonJsonView}.
  311. */
  312.  
  public class JsonViewResolver implements ViewResolver {

      /**
       * Ignores both arguments and hands back a new pretty-printing JSON view on
       * every call.
       */
      @Override
      public View resolveViewName(String viewName, Locale locale) throws Exception {
          final MappingJackson2JsonView jsonView = new MappingJackson2JsonView();
          jsonView.setPrettyPrint(true);
          return jsonView;
      }

  }
  336.  
  337. /**
  338. * Property place holder configurer.
  339. *
  340. * @return the property sources placeholder configurer
  341. */
  @Bean
  public static PropertySourcesPlaceholderConfigurer propertyPlaceHolderConfigurer() {
      // A default-configured instance; no locations or overrides are set here.
      final PropertySourcesPlaceholderConfigurer placeholderConfigurer =
              new PropertySourcesPlaceholderConfigurer();
      return placeholderConfigurer;
  }
  346.  
  347. /**
  348. * Locale resolver.
  349. *
  350. * @return the locale resolver
  351. */
  @Bean
  public LocaleResolver localeResolver() {
      // Cookie-backed locale selection, falling back to English.
      CookieLocaleResolver resolver = new CookieLocaleResolver();
      resolver.setDefaultLocale(Locale.ENGLISH);
      return resolver;
  }
  358.  
  359.  
  360. }
  361. }
  362.  
  363. }
  364.  
  365.  
  366. // JWTLoginFilter.java
  367.  
  368.  
  369. package com.dayLeasing.configuration.security;
  370.  
  371. import com.dayLeasing.dao.DayLeasingUserDao;
  372. import com.dayLeasing.dao.model.DayleasingUsers;
  373. import com.fasterxml.jackson.databind.ObjectMapper;
  374.  
  375. import org.springframework.beans.factory.annotation.Autowired;
  376. import org.springframework.security.authentication.AuthenticationManager;
  377. import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
  378. import org.springframework.security.core.Authentication;
  379. import org.springframework.security.core.AuthenticationException;
  380. import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
  381. import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
  382.  
  383. import javax.servlet.FilterChain;
  384. import javax.servlet.ServletException;
  385. import javax.servlet.ServletInputStream;
  386. import javax.servlet.http.HttpServletRequest;
  387. import javax.servlet.http.HttpServletResponse;
  388.  
  389. import java.io.IOException;
  390. import java.util.Collections;
  391. import java.util.Enumeration;
  392. import java.util.Map;
  393.  
  394. // TODO: Auto-generated Javadoc
  395.  
  396.  
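  /**
   * Login filter: reads JSON credentials from the request body, authenticates them
   * through the configured AuthenticationManager and, on success, hands the result to
   * TokenAuthenticationService.
   */
  public class JWTLoginFilter extends AbstractAuthenticationProcessingFilter {

      static final String ORIGIN = "Origin";

      /**
       * @param url         ant pattern of the login endpoint this filter handles
       * @param authManager manager used to verify the submitted credentials
       */
      public JWTLoginFilter(String url, AuthenticationManager authManager) {
          super(new AntPathRequestMatcher(url));
          setAuthenticationManager(authManager);
      }

      /**
       * Answers CORS preflights and attempts authentication for every other request.
       *
       * @return the authenticated token, or {@code null} after a preflight (202) or any
       *         failure (403)
       */
      @Override
      public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse res)
              throws AuthenticationException, IOException, ServletException {

          System.out.println("CORSFilter HTTP Request: " + req.getMethod());

          // NOTE(review): every origin is allowed and the requested headers are echoed
          // back, so any site can call the login endpoint from a browser. Restrict the
          // origin and header lists to the known front ends.
          res.addHeader("Access-Control-Allow-Origin", "*");
          res.addHeader("Access-Control-Allow-Methods", "GET, OPTIONS, HEAD, PUT, POST,DELETE");
          // Only preflight requests carry this header; skip the echo when it is absent
          // instead of passing null to addHeader.
          String requestedHeaders = req.getHeader("Access-Control-Request-Headers");
          if (requestedHeaders != null) {
              res.addHeader("Access-Control-Allow-Headers", requestedHeaders);
          }

          // CORS preflight: acknowledge and stop, no credentials are expected.
          if ("OPTIONS".equals(req.getMethod())) {
              res.setStatus(HttpServletResponse.SC_ACCEPTED);
              return null;
          }

          try {
              AccountCredentials creds = new ObjectMapper().readValue(req.getInputStream(),
                      AccountCredentials.class);

              return getAuthenticationManager().authenticate(
                      new UsernamePasswordAuthenticationToken(
                              creds.getUsername(), creds.getPassword(),
                              Collections.emptyList()));
          } catch (Exception e) {
              // Malformed bodies and rejected credentials both end here with a 403.
              // NOTE(review): the cause is dropped, so failed logins leave no trace for
              // monitoring; log the failure type (never the password) via the project logger.
              res.setStatus(HttpServletResponse.SC_FORBIDDEN);
              return null;
          }
      }

      /**
       * Delegates token creation to TokenAuthenticationService; the filter chain is not
       * continued.
       */
      @Override
      protected void successfulAuthentication(HttpServletRequest req,
              HttpServletResponse res, FilterChain chain, Authentication auth)
              throws IOException, ServletException {

          // NOTE(review): auth.getCredentials() is forwarded; verify the service does
          // not place the credential in the token or response.
          TokenAuthenticationService.addAuthentication(res, auth.getName(),
                  auth.getCredentials(), auth.getAuthorities());
      }
  }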
  472.  
  473. // JWTAuthenticationFilter.java
  474.  
  475.  
  476. package com.dayLeasing.configuration.security;
  477.  
  478. import org.springframework.security.core.context.SecurityContextHolder;
  479. import org.springframework.web.filter.GenericFilterBean;
  480. import org.springframework.security.core.Authentication;
  481.  
  482. import javax.servlet.FilterChain;
  483. import javax.servlet.ServletException;
  484. import javax.servlet.ServletRequest;
  485. import javax.servlet.ServletResponse;
  486. import javax.servlet.http.HttpServletRequest;
  487. import javax.servlet.http.HttpServletResponse;
  488.  
  489. import java.io.IOException;
  490. import java.util.Enumeration;
  491.  
  492. // TODO: Auto-generated Javadoc
  493.  
  494.  
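  /**
   * Per-request filter that adds CORS headers, short-circuits preflights and otherwise
   * installs the Authentication produced by TokenAuthenticationService before
   * continuing the chain.
   */
  public class JWTAuthenticationFilter extends GenericFilterBean {

      @Override
      public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain)
              throws IOException, ServletException {
          HttpServletRequest request = (HttpServletRequest) req;
          HttpServletResponse response = (HttpServletResponse) res;
          System.out.println("CORSFilter HTTP Request: " + request.getMethod());

          // NOTE(review): wildcard origin plus echoed request headers opens every
          // endpoint behind this filter to cross-origin callers; restrict both lists to
          // the known front ends.
          response.addHeader("Access-Control-Allow-Origin", "*");
          response.addHeader("Access-Control-Allow-Methods", "GET, OPTIONS, HEAD, PUT, POST,DELETE");
          // Absent on non-preflight requests; do not pass null to addHeader.
          String requestedHeaders = request.getHeader("Access-Control-Request-Headers");
          if (requestedHeaders != null) {
              response.addHeader("Access-Control-Allow-Headers", requestedHeaders);
          }

          // CORS preflight: reply 202 without touching the security context or the chain.
          if ("OPTIONS".equals(request.getMethod())) {
              response.setStatus(HttpServletResponse.SC_ACCEPTED);
              return;
          }

          // Whatever the token service returns is installed as-is.
          // NOTE(review): how a missing or invalid token is represented is not visible
          // here — confirm it yields no authentication rather than an exception.
          Authentication authentication = TokenAuthenticationService.getAuthentication(request);
          SecurityContextHolder.getContext().setAuthentication(authentication);

          filterChain.doFilter(req, res);
      }
  }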
  538.  
  539.  
  540.  
  541. // SecurityApplicationInitializer.java
  542.  
  543. package com.dayLeasing.configuration.security;
  544.  
  545. import javax.servlet.ServletContext;
  546.  
  547. import org.springframework.core.annotation.Order;
  548. import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
  549. import org.springframework.web.multipart.support.MultipartFilter;
  550.  
  /**
   * Registers a MultipartFilter through the hook that runs before the Spring Security
   * filter chain is set up.
   *
   * <p>NOTE(review): this presumably means multipart bodies are parsed before any
   * authentication check; the upload size limit on the multipart resolver is then the
   * only bound on unauthenticated uploads — confirm it is set.
   */
  public class SecurityApplicationInitializer extends AbstractSecurityWebApplicationInitializer {

      @Override
      @Order
      protected void beforeSpringSecurityFilterChain(ServletContext servletContext) {
          final MultipartFilter multipartFilter = new MultipartFilter();
          insertFilters(servletContext, multipartFilter);
      }

  }
  562.  
  563.  
  564.  
  565.  
  566.  
  567. // WebSecurityConfig.java
  568.  
  569.  
  570. package com.dayLeasing.configuration.security;
  571.  
  572.  
  573.  
  574. // TODO: Auto-generated Javadoc
  575.  
  576.  
  /**
   * Web security rules: public, role-restricted and authenticated URL patterns plus
   * the two JWT filters.
   */
  @Configuration
  @EnableWebSecurity
  public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

      /** Looks up accounts for authentication; injected by the "userDetailsService" qualifier. */
      @Autowired
      @Qualifier("userDetailsService")
      UserDetailsService userDetailsService;

      /**
       * Declares URL authorization rules (evaluated in the order listed) and installs
       * the JWT login and authentication filters.
       *
       * <p>NOTE(review): CSRF protection is disabled while no session policy is set
       * here; confirm the API never relies on cookies for authentication.
       */
      @Override
      protected void configure(HttpSecurity http) throws Exception {
          http.csrf().disable()
              .authorizeRequests()
                  // Open to everyone.
                  // NOTE(review): "/registration/**" covers the profile/file-upload
                  // endpoint, which modifies an account chosen by request parameter.
                  .antMatchers("/", "/registration/**", "/landOwners/**", "/town/**",
                          "/check", "/sendVerification").permitAll()
                  .antMatchers(HttpMethod.POST, "/login").permitAll()
                  // GET on any hunter URL and POST on the reservation URL are public and
                  // take precedence over the HUNTER rule further down.
                  .antMatchers(HttpMethod.GET, "/hunter/**").permitAll()
                  .antMatchers(HttpMethod.POST, "/hunter/reservation").permitAll()
                  // Role-restricted areas.
                  .antMatchers("/admin/**").hasAuthority("ADMIN")
                  .antMatchers("/user/**").hasAuthority("USER")
                  .antMatchers("/hunter/**").hasAuthority("HUNTER")
                  // Everything else needs a login.
                  .anyRequest().authenticated()
              .and()
              // Login requests are handled by the JWT login filter.
              .addFilterBefore(new JWTLoginFilter("/login", authenticationManager()),
                      UsernamePasswordAuthenticationFilter.class)
              // All other requests are checked for a token by the JWT authentication filter.
              .addFilterBefore(new JWTAuthenticationFilter(),
                      UsernamePasswordAuthenticationFilter.class);
      }

      /**
       * Excludes static resources and the Swagger endpoints from the security filter
       * chain entirely.
       *
       * <p>NOTE(review): the API documentation endpoints are therefore reachable
       * without authentication; confirm that is acceptable outside development.
       */
      @Override
      public void configure(WebSecurity web) throws Exception {
          final String[] unsecuredPatterns = {
              "/resources/**", "/v2/api-docs", "/configuration/ui",
              "/swagger-resources/**", "/configuration/security", "/swagger-ui.html",
              "/webjars/**", "/images/**"
          };
          web.ignoring().antMatchers(unsecuredPatterns);
      }

      /**
       * Registers the injected UserDetailsService as the credential source.
       *
       * <p>NOTE(review): the PasswordEncoder bean defined in this class is not passed
       * to the builder here; confirm the encoder is actually applied when login
       * passwords are checked.
       */
      @Override
      protected void configure(AuthenticationManagerBuilder auth) throws Exception {
          auth.userDetailsService(userDetailsService);
      }

      /**
       * Password encoder.
       *
       * @return a BCrypt password encoder with default settings
       */
      @Bean
      public PasswordEncoder passwordEncoder() {
          return new BCryptPasswordEncoder();
      }
  }
  663.  
  664.  
  665. [1]: https://i.stack.imgur.com/fHZ2g.png