package com.thinksincode.tailstreamer.config; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.authentication.configurers.provisioning.InMemoryUserDetailsManagerConfigurer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import java.util.ArrayList; import java.util.List; import java.util.Map; @Configuration @ConfigurationProperties(prefix = "auth") @EnableWebMvcSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { private List<User> users = new ArrayList<>(); public void setUsers(List<User> users) { this.users = users; } public List<User> getUsers() { return users; } @Override protected void configure(HttpSecurity http) throws Exception { if (!users.isEmpty()) { http .authorizeRequests() .antMatchers("/css/*.css", "/fonts/*", "/logo.png", "/favicon.png").permitAll() .anyRequest().authenticated() .and() .formLogin() .loginPage("/login") .permitAll() .and() .logout() .permitAll(); } } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { if (!users.isEmpty()) { BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(); InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> configurer = auth.inMemoryAuthentication(); configurer.passwordEncoder(encoder); for (User user : users) { configurer.withUser(user.getUsername()).password(user.getPassword()).roles("USER"); } } } }