com.stephenschafer.budget.api/src/main/java/com/stephenschafer/budget/WebSecurityConfig.java

package com.stephenschafer.budget;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
@EnableWebSecurity
public class WebSecurityConfig {
	@Autowired
	private JwtAuthenticationEntryPoint unauthorizedHandler;
	@Autowired
	CustomCorsConfiguration customCorsConfiguration;

	@Bean
	AuthenticationManager authenticationManager(final UserDetailsService userDetailsService,
			final PasswordEncoder passwordEncoder) {
		final var provider = new DaoAuthenticationProvider(userDetailsService);
		provider.setPasswordEncoder(passwordEncoder);
		return new ProviderManager(provider);
	}

	@Bean
	BCryptPasswordEncoder passwordEncoder() {
		return new BCryptPasswordEncoder();
	}

	@Bean
	JwtAuthenticationFilter authenticationTokenFilterBean() throws Exception {
		return new JwtAuthenticationFilter();
	}

	@Bean
	SecurityFilterChain filterChain(final HttpSecurity http) throws Exception {
		http.cors(c -> c.configurationSource(customCorsConfiguration)) //
				.csrf(AbstractHttpConfigurer::disable) //
				.authorizeHttpRequests(requests -> {
					requests.requestMatchers("/token/*",
						"/signup").permitAll().anyRequest().authenticated();
				}) //
				.exceptionHandling(
					configurer -> configurer.authenticationEntryPoint(unauthorizedHandler)) //
				.sessionManagement(configurer -> configurer.sessionCreationPolicy(
					SessionCreationPolicy.STATELESS));
		http.addFilterBefore(authenticationTokenFilterBean(),
			UsernamePasswordAuthenticationFilter.class);
		/*
		requests.requestMatchers("/token/*",
				"/signup").permitAll().anyRequest().authenticated();
		*/
		/*
		http.cors().and().csrf().disable().authorizeRequests().antMatchers("/token/*",
				"/signup").permitAll().anyRequest().authenticated().and().exceptionHandling().authenticationEntryPoint(
					unauthorizedHandler).and().sessionManagement().sessionCreationPolicy(
						SessionCreationPolicy.STATELESS);
			// @formatter:on
			http.addFilterBefore(authenticationTokenFilterBean(),
				UsernamePasswordAuthenticationFilter.class);
		*/
		return http.build();
	}
}
Initial commit. 2025-07-13 09:59:20 -06:00			`package com.stephenschafer.budget;`

			`import org.springframework.beans.factory.annotation.Autowired;`
			`import org.springframework.context.annotation.Bean;`
			`import org.springframework.context.annotation.Configuration;`
			`import org.springframework.security.authentication.AuthenticationManager;`
			`import org.springframework.security.authentication.ProviderManager;`
			`import org.springframework.security.authentication.dao.DaoAuthenticationProvider;`
			`import org.springframework.security.config.annotation.web.builders.HttpSecurity;`
			`import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;`
			`import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;`
			`import org.springframework.security.config.http.SessionCreationPolicy;`
			`import org.springframework.security.core.userdetails.UserDetailsService;`
			`import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;`
			`import org.springframework.security.crypto.password.PasswordEncoder;`
			`import org.springframework.security.web.SecurityFilterChain;`
			`import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;`

			`@Configuration`
			`@EnableWebSecurity`
			`public class WebSecurityConfig {`
			`@Autowired`
			`private JwtAuthenticationEntryPoint unauthorizedHandler;`
			`@Autowired`
			`CustomCorsConfiguration customCorsConfiguration;`

			`@Bean`
			`AuthenticationManager authenticationManager(final UserDetailsService userDetailsService,`
			`final PasswordEncoder passwordEncoder) {`
Update spring tools. Update spring boot version. Add -proc:full to maven compiler args. Change mysql connector to mariadb connector in pom. Add detail.hidden. Enhance report filtering. Add paid and paid-by to report. Change mysql driver to mariadb driver. 2026-06-12 14:39:43 -06:00			`final var provider = new DaoAuthenticationProvider(userDetailsService);`
Initial commit. 2025-07-13 09:59:20 -06:00			`provider.setPasswordEncoder(passwordEncoder);`
			`return new ProviderManager(provider);`
			`}`

			`@Bean`
			`BCryptPasswordEncoder passwordEncoder() {`
			`return new BCryptPasswordEncoder();`
			`}`

			`@Bean`
			`JwtAuthenticationFilter authenticationTokenFilterBean() throws Exception {`
			`return new JwtAuthenticationFilter();`
			`}`

			`@Bean`
			`SecurityFilterChain filterChain(final HttpSecurity http) throws Exception {`
			`http.cors(c -> c.configurationSource(customCorsConfiguration)) //`
			`.csrf(AbstractHttpConfigurer::disable) //`
			`.authorizeHttpRequests(requests -> {`
			`requests.requestMatchers("/token/*",`
			`"/signup").permitAll().anyRequest().authenticated();`
			`}) //`
			`.exceptionHandling(`
			`configurer -> configurer.authenticationEntryPoint(unauthorizedHandler)) //`
			`.sessionManagement(configurer -> configurer.sessionCreationPolicy(`
			`SessionCreationPolicy.STATELESS));`
			`http.addFilterBefore(authenticationTokenFilterBean(),`
			`UsernamePasswordAuthenticationFilter.class);`
			`/*`
			`requests.requestMatchers("/token/*",`
			`"/signup").permitAll().anyRequest().authenticated();`
			`*/`
			`/*`
			`http.cors().and().csrf().disable().authorizeRequests().antMatchers("/token/*",`
			`"/signup").permitAll().anyRequest().authenticated().and().exceptionHandling().authenticationEntryPoint(`
			`unauthorizedHandler).and().sessionManagement().sessionCreationPolicy(`
			`SessionCreationPolicy.STATELESS);`
			`// @formatter:on`
			`http.addFilterBefore(authenticationTokenFilterBean(),`
			`UsernamePasswordAuthenticationFilter.class);`
			`*/`
			`return http.build();`
			`}`
			`}`