před 3 roky · ff85b75793
--- a/src/main/java/com/example/plantsforyou/filter/CustomAuthenticationFilter.java
+++ b/src/main/java/com/example/plantsforyou/filter/CustomAuthenticationFilter.java
@@ -13,6 +13,7 @@ import org.springframework.security.core.Authentication;
 
															 import org.springframework.security.core.AuthenticationException;
														
 
															 import org.springframework.security.core.GrantedAuthority;
														
 
															 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
														
 
															+import org.springframework.web.bind.annotation.CrossOrigin;
														
 
															 import javax.servlet.FilterChain;
														
 
															 import javax.servlet.ServletException;
														
@@ -37,8 +38,8 @@ public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFi
 
															     }
														
 
															     @Override
														
 
															-    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
														
 
															-
														
 
															+    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) {
														
 
															+        log.info("New login request!");
														
 
															         try {
														
 
															             BufferedReader reader = request.getReader();
														
 
															             StringBuilder stringBuilder = new StringBuilder();
														
@@ -55,6 +56,10 @@ public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFi
 
															             UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(email, password);
														
 
															             return authenticationManager.authenticate(authenticationToken);
														
 
															         }
														
 
															+        catch (AuthenticationException e){
														
 
															+            log.error("Error on auth");
														
 
															+            throw new IllegalStateException(e.getMessage());
														
 
															+        }
														
 
															         catch(IOException e){
														
 
															             throw new IllegalArgumentException(e.getMessage());
														
 
															         }
														
--- a/src/main/java/com/example/plantsforyou/security/config/WebSecurityConfig.java
+++ b/src/main/java/com/example/plantsforyou/security/config/WebSecurityConfig.java
@@ -35,10 +35,10 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
															     @Override
														
 
															     protected void configure(HttpSecurity http) throws Exception {
														
 
															+        http.csrf().disable();
														
 
															+        http.cors();
														
 
															         http.authorizeRequests().antMatchers("/login").permitAll();
														
 
															         http.authorizeRequests().antMatchers("/api/v*/registration/**", "/api/v*/users/token/refresh/**", "/api/v*/plants/no-auth").permitAll();
														
 
															-        http.cors();
														
 
															-        http.csrf().disable();
														
 
															         http.sessionManagement().sessionCreationPolicy(STATELESS);
														
 
															         http.authorizeRequests().antMatchers("/api/v*/**").hasAnyAuthority("USER");
														
 
															         http.addFilter(new CustomAuthenticationFilter(authenticationManagerBean()));