added login security on nflow ui

This commit is contained in:
2025-10-27 23:57:56 +02:00
parent 506d8a8e41
commit 7f2a5f6e6f
2 changed files with 9 additions and 6 deletions

View File

@@ -10,13 +10,14 @@ import org.springframework.security.config.annotation.authentication.configurati
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import zw.qantra.tm.domain.services.UserService; import zw.qantra.tm.domain.services.UserService;
import static org.springframework.security.config.Customizer.withDefaults;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
@RequiredArgsConstructor @RequiredArgsConstructor
@@ -31,17 +32,14 @@ public class SecurityConfig {
.authorizeHttpRequests(auth -> auth .authorizeHttpRequests(auth -> auth
.requestMatchers("/configs/seed/**").permitAll() .requestMatchers("/configs/seed/**").permitAll()
.requestMatchers("/test/**").permitAll() .requestMatchers("/test/**").permitAll()
.requestMatchers("/explorer/**").permitAll()
.requestMatchers("/nflow/**").permitAll() .requestMatchers("/nflow/**").permitAll()
.requestMatchers("/auth/**").permitAll() .requestMatchers("/auth/**").permitAll()
.requestMatchers("/public/**").permitAll() .requestMatchers("/public/**").permitAll()
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.sessionManagement(session -> session
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
)
.authenticationProvider(authenticationProvider(userService)) .authenticationProvider(authenticationProvider(userService))
.addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class); .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class)
.formLogin(withDefaults());
return http.build(); return http.build();
} }

View File

@@ -35,6 +35,11 @@ public class OnboardingController {
private final WorkflowUtils workflowUtils; private final WorkflowUtils workflowUtils;
private final OtpService otpService; private final OtpService otpService;
@PostMapping("/system-user")
public ResponseEntity sys(@RequestBody RegisterRequest request) {
return ResponseEntity.ok(userService.register(request));
}
@PostMapping("/check/{username}") @PostMapping("/check/{username}")
public ResponseEntity check(@PathVariable String username) { public ResponseEntity check(@PathVariable String username) {
QueryWorkflowInstances query = new QueryWorkflowInstances.Builder() QueryWorkflowInstances query = new QueryWorkflowInstances.Builder()