Commit a7a0df09 authored by Simone Vuotto's avatar Simone Vuotto

Add swagger-ui documentation

parent b1133016
......@@ -28,6 +28,8 @@ dependencies {
compile('org.springframework.boot:spring-boot-starter-data-rest')
compile('org.springframework.boot:spring-boot-starter-web')
compile("org.springframework.boot:spring-boot-starter-security")
compile("io.springfox:springfox-swagger2:2.8.0")
compile("io.springfox:springfox-swagger-ui:2.8.0")
compile("io.jsonwebtoken:jjwt:0.7.0")
compile project(':snl2fl')
runtime('org.postgresql:postgresql')
......
package it.unige.ReqV;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
@Configuration
@EnableSwagger2
public class SwaggerConfig {
@Bean
public Docket api() {
return new Docket(DocumentationType.SWAGGER_2)
.select()
.apis(RequestHandlerSelectors.any())
.paths(PathSelectors.any())
.build();
}
}
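Review bot: The Docket in `api()` selects `RequestHandlerSelectors.any()` with `PathSelectors.any()`, so the generated spec lists every handler mapping in the application context, including framework-provided ones, not just the application's own controllers. The same commit also exempts `/v2/api-docs` from authentication, which makes that full route inventory readable by anonymous clients. Narrowing the selector, e.g. `.apis(RequestHandlerSelectors.basePackage("it.unige.ReqV"))`, keeps the spec to the project's controllers. If the Spring Data REST endpoints must also be documented, a path predicate may suit better. Consider also a `@Profile` on `SwaggerConfig` so the documentation is only served outside production, and a short class Javadoc stating that the spec is intentionally public.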
......@@ -5,5 +5,17 @@ public class SecurityConstants {
public static final long EXPIRATION_TIME = 864_000_000; // 10 days
public static final String TOKEN_PREFIX = "Bearer ";
public static final String HEADER_STRING = "Authorization";
public static final String SIGN_UP_URL = "/user/sign-up";
public static final String[] AUTH_WHITELIST = {
// -- swagger ui
"/v2/api-docs",
"/swagger-resources",
"/swagger-resources/**",
"/configuration/ui",
"/configuration/security",
"/swagger-ui.html",
"/webjars/**",
// -- app public endpoints
"/user/sign-up"
};
}
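Review bot: `AUTH_WHITELIST` is a `public static final String[]`, and `final` only fixes the reference: any class can still assign `AUTH_WHITELIST[i] = "/**"` at runtime and change which paths skip authentication. Keeping the array private and handing out a copy avoids that, e.g. `private static final String[] AUTH_WHITELIST = { ... };` with `public static String[] authWhitelist() { return AUTH_WHITELIST.clone(); }`, which means the static import in `WebSecurity` becomes a method call. The last entry also repeats the literal `"/user/sign-up"` instead of reusing `SIGN_UP_URL`, so the two can drift apart. A comment above the array such as `// Paths served without authentication; every entry here is reachable anonymously.` would make the security impact of future additions visible at the point of edit.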
......@@ -14,7 +14,7 @@ import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import static it.unige.ReqV.security.SecurityConstants.SIGN_UP_URL;
import static it.unige.ReqV.security.SecurityConstants.AUTH_WHITELIST;
@EnableWebSecurity
public class WebSecurity extends WebSecurityConfigurerAdapter {
......@@ -31,7 +31,7 @@ public class WebSecurity extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().cors().and().authorizeRequests()
.antMatchers(HttpMethod.POST, SIGN_UP_URL).permitAll()
.antMatchers(AUTH_WHITELIST).permitAll()
.anyRequest().authenticated()
.and()
.addFilter(new JWTAuthenticationFilter(authenticationManager()))
......
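Review bot: In `configure`, `.antMatchers(AUTH_WHITELIST).permitAll()` carries no `HttpMethod`, so every whitelisted path is open for all verbs. Judging by the `HttpMethod.POST, SIGN_UP_URL` line shown beside it, `/user/sign-up` was previously permitted for POST only, so this looks like an unintended widening of the anonymous surface. I would keep `.antMatchers(HttpMethod.POST, SIGN_UP_URL).permitAll()`, drop `"/user/sign-up"` from the array, and restrict the documentation paths to reads with `.antMatchers(HttpMethod.GET, AUTH_WHITELIST).permitAll()`. The body of `configure` continues outside the hunk, so any later matcher that affects these paths is not visible here.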
......@@ -24,7 +24,6 @@ public class UserService {
public User getAuthenticatedUser() {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if(auth.getPrincipal() != null) {
logger.info("Fetching User with username {}", auth.getPrincipal());
return userRepository.findByUsername(auth.getPrincipal().toString());
} else {
logger.info("User not authenticated");
......@@ -47,12 +46,10 @@ public class UserService {
}
public User findById(Long id) {
logger.info("Fetching User with id {}", id);
return userRepository.findById(id);
}
public User findByUsername(String username) {
logger.info("Fetching User with username {}", username);
return userRepository.findByUsername(username);
}
......