Skip to content

Initial Commit #1

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Open
wants to merge 4 commits into
base: 3.3.0
Choose a base branch
from
Open

Initial Commit #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
ea5766d
Initial Commit
nivinjohn37 Jul 28, 2024
d98760f
inital commit
nivinjohn37 Jul 28, 2024
a559db9
Password Handling
nivinjohn37 Sep 23, 2024
4de1db8
password handling
nivinjohn37 Sep 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion ...secsection1/src/main/java/com/eazybytes/springsecsection1/EazyBankBackendApplication.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
@SpringBootApplication
// @ComponentScan("com.eazybytes.springsecsection1.controller")
public class EazyBankBackendApplication {

//Initial Commit
public static void main(String[] args) {
SpringApplication.run(EazyBankBackendApplication.class, args);
}
Expand Down
2 changes: 1 addition & 1 deletion section2/springsecsection2/pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
<name>springsecsection2</name>
<description>Demo project for Spring Boot and Spring Security</description>
<properties>
<java.version>21</java.version>
<java.version>17</java.version>
</properties>
<dependencies>
<dependency>
Expand Down
33 changes: 32 additions & 1 deletion section2/springsecsection2/src/main/java/com/eazybytes/config/ProjectSecurityConfig.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,20 @@

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.password.CompromisedPasswordChecker;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.provisioning.UserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.password.HaveIBeenPwnedRestApiPasswordChecker;

import java.util.Properties;

import static org.springframework.security.config.Customizer.withDefaults;

Expand All @@ -15,11 +27,30 @@ SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Excepti
/*http.authorizeHttpRequests((requests) -> requests.anyRequest().permitAll());*/
/*http.authorizeHttpRequests((requests) -> requests.anyRequest().denyAll());*/
http.authorizeHttpRequests((requests) -> requests
.requestMatchers("/myAccount", "/myBalance", "/myLoans", "/myCards").authenticated()
.requestMatchers("/login", "/myAccount", "/myBalance", "/myLoans", "/myCards").authenticated()
.requestMatchers("/notices", "/contact", "/error").permitAll());
http.formLogin(withDefaults());
http.httpBasic(withDefaults());
//http.formLogin(AbstractHttpConfigurer::disable);
//http.httpBasic(AbstractHttpConfigurer::disable);
return http.build();
}

@Bean
public UserDetailsService userDetailsService() {
UserDetails user = User.withUsername("user").password("{bcrypt}$2a$12$tvuWBmpxQtFpJmXbrpPsc.mBYqKGD8gA8H/0PY.6GqQMYqRFonU1a").authorities("read").build();
UserDetails admin = User.withUsername("admin").password("{bcrypt}$2a$12$h4zkrTtDoa5eDIXhWekMOuNeqcADiDze2EfAgnCQpEKajwZejI7PS").authorities("admin").build();
return new InMemoryUserDetailsManager(user, admin);
}

@Bean
public PasswordEncoder passwordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}

@Bean
public CompromisedPasswordChecker compromisedPasswordChecker() {
return new HaveIBeenPwnedRestApiPasswordChecker();
}

}
4 changes: 2 additions & 2 deletions section2/springsecsection2/src/main/resources/application.properties
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
spring.application.name=${SPRING_APP_NAME:eazybankbackend}
spring.security.user.name=${SECURITY_USERNAME:eazybytes}
spring.security.user.password=${SECURITY_PASSWORD:12345}
#spring.security.user.name=${SECURITY_USERNAME:admin}
#spring.security.user.password=${SECURITY_PASSWORD:admin}
logging.level.org.springframework.security=${SPRING_SECURITY_LOG_LEVEL:TRACE}

logging.pattern.console = ${LOGPATTERN_CONSOLE:%green(%d{HH:mm:ss.SSS}) %blue(%-5level) %red([%thread]) %yellow(%logger{15}) - %msg%n}