From 0c05edf95cba5d439875c3e16693b424b816b372 Mon Sep 17 00:00:00 2001
From: KronosDP <darrel.danadyaksa19@gmail.com>
Date: Wed, 26 Feb 2025 13:52:56 +0700
Subject: [PATCH] Add security configuration and password encoder for
 authentication

---
 .../security/PasswordEncoderConfig.java       | 14 ++++++++
 .../security/SecurityConfig.java              | 34 +++++++++++++++++++
 2 files changed, 48 insertions(+)
 create mode 100644 src/main/java/com/safetypin/authentication/security/PasswordEncoderConfig.java
 create mode 100644 src/main/java/com/safetypin/authentication/security/SecurityConfig.java

diff --git a/src/main/java/com/safetypin/authentication/security/PasswordEncoderConfig.java b/src/main/java/com/safetypin/authentication/security/PasswordEncoderConfig.java
new file mode 100644
index 0000000..a4e107f
--- /dev/null
+++ b/src/main/java/com/safetypin/authentication/security/PasswordEncoderConfig.java
@@ -0,0 +1,14 @@
+package com.safetypin.authentication.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class PasswordEncoderConfig {
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}
diff --git a/src/main/java/com/safetypin/authentication/security/SecurityConfig.java b/src/main/java/com/safetypin/authentication/security/SecurityConfig.java
new file mode 100644
index 0000000..c79b353
--- /dev/null
+++ b/src/main/java/com/safetypin/authentication/security/SecurityConfig.java
@@ -0,0 +1,34 @@
+package com.safetypin.authentication.security;
+
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+public class SecurityConfig {
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+                .csrf(AbstractHttpConfigurer::disable)  // Disable CSRF protection (not recommended for production)
+                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers("/**").permitAll() // Allow all requests
+                )
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // No session
+                .formLogin(AbstractHttpConfigurer::disable) // Disable login page
+                .httpBasic(AbstractHttpConfigurer::disable); // Disable basic authentication
+
+        return http.build();
+    }
+
+    @Bean
+    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
+        return authenticationConfiguration.getAuthenticationManager();
+    }
+}
-- 
GitLab