From 5db196eebb04155491630b5396d1b7a7f2eab4e6 Mon Sep 17 00:00:00 2001
From: William Harrington
Date: Tue, 11 Feb 2025 21:30:34 -0600
Subject: Push initial release 1.0.0
---
.../berzerkula/builddb/config/SecurityConfig.java | 79 ++++++++++++++++++++++
1 file changed, 79 insertions(+)
create mode 100644 src/main/java/org/berzerkula/builddb/config/SecurityConfig.java
(limited to 'src/main/java/org/berzerkula/builddb/config/SecurityConfig.java')
diff --git a/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java b/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java
new file mode 100644
index 0000000..dbaacd5
--- /dev/null
+++ b/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java
@@ -0,0 +1,79 @@
+package org.berzerkula.builddb.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+@EnableWebSecurity
+@EnableMethodSecurity
+public class SecurityConfig {
+
+ @Bean
+ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ return http
+ .authorizeHttpRequests( auth -> auth
+ .requestMatchers("/").permitAll()
+ .requestMatchers("/actuator/**").hasRole("admin")
+ .requestMatchers("/env/**").hasRole("admin")
+ .requestMatchers("/health/**").hasRole("admin")
+ .requestMatchers("/info/**").hasRole("admin")
+ .requestMatchers("/contact").permitAll()
+ .requestMatchers("/pkgs/**").hasRole("client")
+ .requestMatchers("/register").permitAll()
+ .requestMatchers("/login").permitAll()
+ .requestMatchers("/logout").permitAll()
+ .anyRequest().authenticated()
+ )
+ .formLogin(form -> form
+ .loginPage("/login")
+ .usernameParameter("email")
+ .passwordParameter("password")
+ .defaultSuccessUrl("/", true)
+ )
+ .logout(config -> config.logoutSuccessUrl("/"))
+ .build();
+ }
+
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return new BCryptPasswordEncoder();
+ }
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-- cgit v1.2.3-54-g00ecf
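Review bot: The admin rules in `securityFilterChain` are tied to literal paths (`/actuator/**`, `/env/**`, `/health/**`, `/info/**`), so any management endpoint served outside those four prefixes falls through to `anyRequest().authenticated()`. Because `/register` is `permitAll()`, that fallback may admit any self-registered account; whether the gap is reachable depends on the management base-path and exposure settings, which are not in this hunk. Matching on the endpoints themselves, `.requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("admin")`, keeps the rule correct if the base path changes. Separately, `hasRole("admin")` and `hasRole("client")` match the authorities `ROLE_admin` and `ROLE_client` case-sensitively, so I would add a comment above the matchers such as `// user service must grant exactly ROLE_admin / ROLE_client`. The 31 trailing blank lines after the class's closing brace can be dropped.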