init

2025-01-07 12:35:17 +03:00
commit afd8e9f6d7
72 changed files with 4606 additions and 0 deletions
--- a/src/main/kotlin/space/luminic/budgerapp/configs/SecurityConfig.kt
+++ b/src/main/kotlin/space/luminic/budgerapp/configs/SecurityConfig.kt
@@ -0,0 +1,62 @@
+package space.luminic.budgerapp.configs
+
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.http.HttpMethod
+import org.springframework.security.config.web.server.SecurityWebFiltersOrder
+import org.springframework.security.config.web.server.ServerHttpSecurity
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
+import org.springframework.security.crypto.password.PasswordEncoder
+import org.springframework.security.web.server.SecurityWebFilterChain
+import space.luminic.budgerapp.controllers.CustomAuthenticationEntryPoint
+
+
+import space.luminic.budgerapp.services.AuthService
+
+@Configuration
+class SecurityConfig(
+    private val authService: AuthService
+) {
+    @Bean
+    fun securityWebFilterChain(
+        http: ServerHttpSecurity,
+        bearerTokenFilter: BearerTokenFilter,
+        customAuthenticationEntryPoint: CustomAuthenticationEntryPoint
+    ): SecurityWebFilterChain {
+        return http
+            .csrf { it.disable() }
+            .cors { it.configurationSource(corsConfigurationSource()) }
+
+            .logout { it.disable() }
+            .authorizeExchange {
+                it.pathMatchers(HttpMethod.POST, "/auth/login").permitAll()
+                it.pathMatchers("/actuator/**").permitAll()
+                it.anyExchange().authenticated()
+            }
+            .addFilterAt(
+                bearerTokenFilter,
+                SecurityWebFiltersOrder.AUTHENTICATION
+            ) // BearerTokenFilter только для authenticated
+            .build()
+    }
+
+
+    @Bean
+    fun passwordEncoder(): PasswordEncoder {
+        return BCryptPasswordEncoder()
+    }
+
+    @Bean
+    fun corsConfigurationSource(): org.springframework.web.cors.reactive.CorsConfigurationSource {
+        val corsConfig = org.springframework.web.cors.CorsConfiguration()
+        corsConfig.allowedOrigins =
+            listOf("https://luminic.space", "http://localhost:5173") // Ваши разрешённые источники
+        corsConfig.allowedMethods = listOf("GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH")
+        corsConfig.allowedHeaders = listOf("*")
+        corsConfig.allowCredentials = true
+
+        val source = org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource()
+        source.registerCorsConfiguration("/**", corsConfig)
+        return source
+    }
+}