From e6de608e65e3b5f710c00ac7eb130b0a0321366b Mon Sep 17 00:00:00 2001
From: KronosDP <darrel.danadyaksa19@gmail.com>
Date: Fri, 7 Mar 2025 10:00:43 +0700
Subject: [PATCH] [REFACTOR] Add PasswordEncoderConfig and SecurityConfig for
 authentication setup

---
 .../security/PasswordEncoderConfig.java       | 14 ++++++++
 .../security/SecurityConfig.java              | 34 +++++++++++++++++++
 2 files changed, 48 insertions(+)
 create mode 100644 src/main/java/com/safetypin/authentication/security/PasswordEncoderConfig.java
 create mode 100644 src/main/java/com/safetypin/authentication/security/SecurityConfig.java

diff --git a/src/main/java/com/safetypin/authentication/security/PasswordEncoderConfig.java b/src/main/java/com/safetypin/authentication/security/PasswordEncoderConfig.java
new file mode 100644
index 0000000..1dbb102
--- /dev/null
+++ b/src/main/java/com/safetypin/authentication/security/PasswordEncoderConfig.java
@@ -0,0 +1,14 @@
+package com.safetypin.authentication.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class PasswordEncoderConfig {
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/com/safetypin/authentication/security/SecurityConfig.java b/src/main/java/com/safetypin/authentication/security/SecurityConfig.java
new file mode 100644
index 0000000..cf7421e
--- /dev/null
+++ b/src/main/java/com/safetypin/authentication/security/SecurityConfig.java
@@ -0,0 +1,34 @@
+package com.safetypin.authentication.security;
+
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+public class SecurityConfig {
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+                // CSRF protection is enabled by default, so we don't disable it here
+                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers("/**").permitAll() // Allow all requests
+                )
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // No session
+                .formLogin(AbstractHttpConfigurer::disable) // Disable login page
+                .httpBasic(AbstractHttpConfigurer::disable); // Disable basic authentication
+
+        return http.build();
+    }
+
+    @Bean
+    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
+        return authenticationConfiguration.getAuthenticationManager();
+    }
+}
\ No newline at end of file
-- 
GitLab