From 7f2a5f6e6fab702a7648ff51a6a97e3a9f46cbab Mon Sep 17 00:00:00 2001 From: Vusumuzi Khoza Date: Mon, 27 Oct 2025 23:57:56 +0200 Subject: [PATCH] added login security on nflow ui --- src/main/java/zw/qantra/tm/configs/SecurityConfig.java | 10 ++++------ .../tm/domain/controllers/OnboardingController.java | 5 +++++ 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/src/main/java/zw/qantra/tm/configs/SecurityConfig.java b/src/main/java/zw/qantra/tm/configs/SecurityConfig.java index ef9cb60..fbc73e6 100644 --- a/src/main/java/zw/qantra/tm/configs/SecurityConfig.java +++ b/src/main/java/zw/qantra/tm/configs/SecurityConfig.java @@ -10,13 +10,14 @@ import org.springframework.security.config.annotation.authentication.configurati import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; -import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import zw.qantra.tm.domain.services.UserService; +import static org.springframework.security.config.Customizer.withDefaults; + @Configuration @EnableWebSecurity @RequiredArgsConstructor @@ -31,17 +32,14 @@ public class SecurityConfig { .authorizeHttpRequests(auth -> auth .requestMatchers("/configs/seed/**").permitAll() .requestMatchers("/test/**").permitAll() - .requestMatchers("/explorer/**").permitAll() .requestMatchers("/nflow/**").permitAll() .requestMatchers("/auth/**").permitAll() .requestMatchers("/public/**").permitAll() .anyRequest().authenticated() ) - .sessionManagement(session -> session - .sessionCreationPolicy(SessionCreationPolicy.STATELESS) - ) .authenticationProvider(authenticationProvider(userService)) - .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class); + .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class) + .formLogin(withDefaults()); return http.build(); } diff --git a/src/main/java/zw/qantra/tm/domain/controllers/OnboardingController.java b/src/main/java/zw/qantra/tm/domain/controllers/OnboardingController.java index 484c816..268c216 100644 --- a/src/main/java/zw/qantra/tm/domain/controllers/OnboardingController.java +++ b/src/main/java/zw/qantra/tm/domain/controllers/OnboardingController.java @@ -35,6 +35,11 @@ public class OnboardingController { private final WorkflowUtils workflowUtils; private final OtpService otpService; + @PostMapping("/system-user") + public ResponseEntity sys(@RequestBody RegisterRequest request) { + return ResponseEntity.ok(userService.register(request)); + } + @PostMapping("/check/{username}") public ResponseEntity check(@PathVariable String username) { QueryWorkflowInstances query = new QueryWorkflowInstances.Builder()