Api related to logout,reset and change password in user api controller

2024-08-26 12:27:12 +05:30
parent 0f7574499c
commit a45dd56432
17 changed files with 393 additions and 36 deletions
--- a/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java
+++ b/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java
@@ -39,13 +39,12 @@ import net.gepafin.tendermanagement.config.jwt.TokenProvider;
 public class SecurityConfig {

    private final TokenProvider tokenProvider;
-    
-    private final CorsFilter corsFilter;
+    private final CorsConfigurationSource corsConfigurationSource;

    @Autowired
-    public SecurityConfig(TokenProvider tokenProvider, CorsFilter corsFilter) {
+    public SecurityConfig(TokenProvider tokenProvider, CorsConfigurationSource corsConfigurationSource) {
        this.tokenProvider = tokenProvider;
-        this.corsFilter = corsFilter;
+        this.corsConfigurationSource = corsConfigurationSource;
    }

    @Bean
@@ -59,20 +58,19 @@ public class SecurityConfig {
    }

    @Bean
-    MvcRequestMatcher.Builder mvc(HandlerMappingIntrospector introspector) {
+    public MvcRequestMatcher.Builder mvc(HandlerMappingIntrospector introspector) {
        return new MvcRequestMatcher.Builder(introspector);
    }
-    
+
    @Bean
    public WebSecurityCustomizer webSecurityCustomizer(MvcRequestMatcher.Builder mvc) {
        return (web) -> web.ignoring().requestMatchers(mvc.pattern(HttpMethod.OPTIONS, "/**"))
-        		.requestMatchers(new AntPathRequestMatcher("/i18n/**"))
-        		.requestMatchers(new AntPathRequestMatcher("/content/**"))
-        		.requestMatchers(new AntPathRequestMatcher("/swagger-ui/index.html"))
-        		.requestMatchers(new AntPathRequestMatcher("/swagger-ui/**"));
+                .requestMatchers(new AntPathRequestMatcher("/i18n/**"))
+                .requestMatchers(new AntPathRequestMatcher("/content/**"))
+                .requestMatchers(new AntPathRequestMatcher("/swagger-ui/index.html"))
+                .requestMatchers(new AntPathRequestMatcher("/swagger-ui/**"));
    }

-
 //    @Bean
 //    public CorsConfigurationSource corsConfigurationSource() {
 //        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
@@ -85,9 +83,14 @@ public class SecurityConfig {
 //        return source;
 //    }

+    @Bean
+    public CorsFilter corsFilter() {
+        return new CorsFilter(corsConfigurationSource);
+    }
+
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http, MvcRequestMatcher.Builder mvc) throws Exception {
-    			http
+        http
                .csrf(AbstractHttpConfigurer::disable)
                .authorizeHttpRequests(auth -> auth
                        .requestMatchers(mvc.pattern(HttpMethod.POST, "/v1/user/login")).permitAll()
@@ -99,7 +102,7 @@ public class SecurityConfig {
                .sessionManagement(session -> session
                        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                )
-                .addFilterBefore(corsFilter, UsernamePasswordAuthenticationFilter.class)
+                .addFilterBefore(corsFilter(), UsernamePasswordAuthenticationFilter.class)
                .addFilterBefore(new JWTFilter(tokenProvider), UsernamePasswordAuthenticationFilter.class);

        return http.build();