3 files changed, 109 insertions, 0 deletions
diff --git a/src/main/java/com/mavlushechka/studentdatabase/config/CustomAuthenticationSuccessHandler.java b/src/main/java/com/mavlushechka/studentdatabase/config/CustomAuthenticationSuccessHandler.java
new file mode 100755
index 0000000..2239e91
--- /dev/null
+++ b/src/main/java/com/mavlushechka/studentdatabase/config/CustomAuthenticationSuccessHandler.java
@@ -0,0 +1,25 @@
+package com.mavlushechka.studentdatabase.config;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Component
+public class CustomAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
+    @Override
+    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException {
+        response.setStatus(HttpServletResponse.SC_OK);
+
+        for (GrantedAuthority auth : authentication.getAuthorities()) {
+            switch (auth.getAuthority()) {
+                case "USER" -> response.sendRedirect("/");
+                case "ADMIN" -> response.sendRedirect("/admin-panel/information/students");
+            }
+        }
+    }
+}
diff --git a/src/main/java/com/mavlushechka/studentdatabase/config/MvcConfig.java b/src/main/java/com/mavlushechka/studentdatabase/config/MvcConfig.java
new file mode 100755
index 0000000..ac7abb8
--- /dev/null
+++ b/src/main/java/com/mavlushechka/studentdatabase/config/MvcConfig.java
@@ -0,0 +1,22 @@
+package com.mavlushechka.studentdatabase.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class MvcConfig implements WebMvcConfigurer {
+    @Bean
+    public BCryptPasswordEncoder bCryptPasswordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    public void addViewControllers(ViewControllerRegistry registry) {
+        registry.addViewController("/authentication/login").setViewName("authentication/login");
+        registry.addViewController("/authentication/change-password").setViewName("authentication/change-password");
+        registry.addViewController("/admin-panel/add-users").setViewName("/admin-panel/add-users");
+        registry.addViewController("/admin-panel/information/search").setViewName("/admin-panel/information/search");
+    }
+}
+\ No newline at end of file
diff --git a/src/main/java/com/mavlushechka/studentdatabase/config/WebSecurityConfig.java b/src/main/java/com/mavlushechka/studentdatabase/config/WebSecurityConfig.java
new file mode 100755
index 0000000..99733d6
--- /dev/null
+++ b/src/main/java/com/mavlushechka/studentdatabase/config/WebSecurityConfig.java
@@ -0,0 +1,62 @@
+package com.mavlushechka.studentdatabase.config;
+
+import com.mavlushechka.studentdatabase.service.CustomUserDetailsService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+    @Autowired
+    private BCryptPasswordEncoder bCryptPasswordEncoder;
+    @Autowired
+    CustomAuthenticationSuccessHandler customAuthenticationSuccessHandler;
+
+    @Bean
+    public UserDetailsService mongoUserDetails() {
+        return new CustomUserDetailsService();
+    }
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        UserDetailsService userDetailsService = mongoUserDetails();
+        auth
+                .userDetailsService(userDetailsService)
+                .passwordEncoder(bCryptPasswordEncoder);
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .authorizeRequests()
+                    .antMatchers("/admin-panel/**").hasAuthority("ADMIN")
+                    .anyRequest().authenticated()
+                    .and()
+                .csrf()
+                    .disable()
+                    .formLogin()
+                    .loginPage("/authentication/login")
+                    .permitAll()
+                    .and()
+                .logout()
+                    .logoutSuccessUrl("/")
+                    .permitAll()
+                    .and()
+                .exceptionHandling();
+    }
+
+    @Override
+    public void configure(WebSecurity web) {
+        web
+                .ignoring()
+                    .antMatchers("/js/**", "/css/**", "/img/**", "/fonts/**");
+    }
+}
+\ No newline at end of file