Mini refactor
This commit is contained in:
@ -39,13 +39,13 @@ public class SecurityConfig {
|
||||
|
||||
http
|
||||
.csrf(csrf -> csrf
|
||||
.ignoringRequestMatchers("/api/v1/**")
|
||||
.ignoringRequestMatchers("/**")
|
||||
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())) // Disable CSRF for API routes
|
||||
.sessionManagement(sessionManagement -> sessionManagement
|
||||
.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // No session will be created by Spring Security
|
||||
)
|
||||
.authorizeHttpRequests(authorize -> authorize
|
||||
.requestMatchers("/api/v1/secure/**").authenticated() // Secure these endpoints
|
||||
.requestMatchers("/secure/**").authenticated() // Secure these endpoints
|
||||
.anyRequest().permitAll() // All other requests are allowed without authentication
|
||||
)
|
||||
.headers(headers -> headers
|
||||
|
||||
14
src/main/java/de/w665/biblenotes/config/WebConfig.java
Normal file
14
src/main/java/de/w665/biblenotes/config/WebConfig.java
Normal file
@ -0,0 +1,14 @@
|
||||
package de.w665.biblenotes.config;
|
||||
|
||||
import org.springframework.web.servlet.config.annotation.CorsRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
public class WebConfig implements WebMvcConfigurer {
|
||||
@Override
|
||||
public void addResourceHandlers(ResourceHandlerRegistry registry) {
|
||||
// Map static resources to the root path
|
||||
registry.addResourceHandler("/**")
|
||||
.addResourceLocations("classpath:/static/");
|
||||
}
|
||||
}
|
||||
@ -16,7 +16,7 @@ import java.util.Map;
|
||||
|
||||
@Slf4j
|
||||
@RestController
|
||||
@RequestMapping("/api/v1/auth")
|
||||
@RequestMapping("/auth")
|
||||
public class AuthenticationController {
|
||||
private final AuthenticationService authenticationService;
|
||||
|
||||
|
||||
@ -17,7 +17,8 @@ import org.springframework.web.bind.annotation.*;
|
||||
import java.util.Optional;
|
||||
|
||||
@RestController
|
||||
public class BibleReadingPlanMapping extends SecureApiRestController {
|
||||
@RequestMapping("/secure/bible-reading-plan")
|
||||
public class BibleReadingPlanMapping {
|
||||
|
||||
private final EntityManager entityManager;
|
||||
private final BibleReadingPlanRepository bibleReadingPlanRepository;
|
||||
@ -27,8 +28,8 @@ public class BibleReadingPlanMapping extends SecureApiRestController {
|
||||
this.bibleReadingPlanRepository = bibleReadingPlanRepository;
|
||||
}
|
||||
|
||||
@GetMapping("/bible-reading-plan")
|
||||
public ResponseEntity<Object> getBibleReadingPlans(@RequestParam(required = true) Long id) {
|
||||
@GetMapping
|
||||
public ResponseEntity<Object> getBibleReadingPlans(@RequestParam(name = "id", required = true) Long id) {
|
||||
Optional<BibleReadingPlan> brp = bibleReadingPlanRepository.findById(id);
|
||||
if(brp.isEmpty()) {
|
||||
return new ResponseEntity<>(HttpStatus.NOT_FOUND);
|
||||
@ -44,7 +45,7 @@ public class BibleReadingPlanMapping extends SecureApiRestController {
|
||||
return new ResponseEntity<>(bibleReadingPlanDTO, HttpStatus.OK);
|
||||
}
|
||||
|
||||
@PostMapping("/bible-reading-plan")
|
||||
@PostMapping
|
||||
public ResponseEntity<Object> createBibleReadingPlan(@RequestBody BibleReadingPlanDTO bibleReadingPlanDTO) {
|
||||
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
|
||||
|
||||
|
||||
@ -15,4 +15,7 @@ spring.jpa.database=postgresql
|
||||
logging.level.de.w665.biblenotes=DEBUG
|
||||
|
||||
# Static path
|
||||
spring.web.resources.static-locations=classpath:/static/
|
||||
spring.web.resources.static-locations=classpath:/static/
|
||||
|
||||
# If this is removed, this prefix must be added to the security config
|
||||
spring.mvc.servlet.path=/api/v1
|
||||
|
||||
Reference in New Issue
Block a user