Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- //LoginFilter.java
- public class LoginFilter extends AbstractAuthenticationProcessingFilter {
- public LoginFilter(String url, AuthenticationManager authenticationManager) {
- super(new AntPathRequestMatcher(url));
- setAuthenticationManager(authenticationManager);
- }
- @Override
- public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse res) throws AuthenticationException, IOException, ServletException {
- AccountCredentials cred = new ObjectMapper().readValue(req.getInputStream(), AccountCredentials.class);
- return getAuthenticationManager().authenticate(
- new UsernamePasswordAuthenticationToken(cred.getUsername(), cred.getPassword(), Collections.emptyList()));
- }
- @Override
- protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException {
- AuthenticationService.addToken(response, authResult.getName());
- }
- }
- //SecurityConfig.java
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.cors().and().authorizeRequests()
- .antMatchers(HttpMethod.POST, "/login").permitAll()
- .anyRequest().authenticated()
- .and()
- .addFilterBefore(new LoginFilter("/login", authenticationManager()), UsernamePasswordAuthenticationFilter.class)
- .addFilterBefore(new AuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement