perf(SecurityConfig): creada configuración para la seguridad con beans

1ffd543f · Alba María Álvarez · 267042d4 · 1ffd543f
Commit 1ffd543f authored May 07, 2025 by Alba María Álvarez
Showing with 34 additions and 0 deletions
src/main/java/com/example/apprecetas/user/infrastructure/config/SecurityConfig.java
--- a/src/main/java/com/example/apprecetas/user/infrastructure/config/SecurityConfig.java
+++ b/src/main/java/com/example/apprecetas/user/infrastructure/config/SecurityConfig.java
+package com.example.apprecetas.user.infrastructure.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+public class SecurityConfig {
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        return http
+                .csrf(AbstractHttpConfigurer::disable)
+                .headers(AbstractHttpConfigurer::disable)  // necesario para h2-console
+                .sessionManagement(AbstractHttpConfigurer::disable)
+                .httpBasic(AbstractHttpConfigurer::disable)
+                .authorizeHttpRequests(request -> request
+                        .anyRequest().permitAll()      // permite TODO sin autenticación
+                )
+                .build();
+    }
+
+}
+