diff --git a/pom.xml b/pom.xml index 014a09e..d17c193 100644 --- a/pom.xml +++ b/pom.xml @@ -99,6 +99,10 @@ spring-rabbit-test test + + org.springframework.boot + spring-boot-starter-security + org.testcontainers junit-jupiter diff --git a/src/main/java/com/stktrk/app/BasicConfiguration.java b/src/main/java/com/stktrk/app/BasicConfiguration.java new file mode 100644 index 0000000..514dd99 --- /dev/null +++ b/src/main/java/com/stktrk/app/BasicConfiguration.java 
@@ -0,0 +1,51 @@
+package com.stktrk.app;
+
+import jakarta.annotation.Nonnull;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
+
+/**
+ * Code was copied from here
+ */
+@Configuration
+@EnableWebSecurity
+public class BasicConfiguration {
+
+ @Bean
+ @Nonnull
+ public InMemoryUserDetailsManager userDetailsService(@Nonnull PasswordEncoder passwordEncoder) {
+ UserDetails user = User.withUsername("Rasmus")
+ .password(passwordEncoder.encode("password"))
+ .roles("USER")
+ .build();
+ UserDetails admin = User.withUsername("Christian")
+ .password(passwordEncoder.encode("password"))
+ .roles("USER", "ADMIN")
+ .build();
+ return new InMemoryUserDetailsManager(user, admin);
+ }
+
+ @Bean
+ @Nonnull
+ public SecurityFilterChain filterChain(@Nonnull HttpSecurity http) throws Exception {
+ return http.authorizeHttpRequests(request -> request.anyRequest()
+ .authenticated())
+ .httpBasic(Customizer.withDefaults())
+ .build();
+ }
+
+ @Bean
+ @Nonnull
+ public PasswordEncoder passwordEncoder() {
+ return PasswordEncoderFactories.createDelegatingPasswordEncoder();
+ }
+}
\ No newline at end of file
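Review bot: Both accounts in `userDetailsService` are created with the literal password `"password"`, and one of them holds `ADMIN`; because the class sits under `src/main/java` with no profile restriction, these credentials ship with every build. Either mark the bean `@Profile("dev")` or take the secrets from external configuration, for example `@Value("${<ADMIN_PASSWORD_PROPERTY>}") String adminPassword` (placeholder property name), and fail startup when the value is unset. `filterChain` enables HTTP Basic, which sends the credentials on every request, so a comment above `.httpBasic(...)` should state that the service must only be reachable over TLS. The Javadoc `Code was copied from here` names no source; it should carry the reference or be replaced by a sentence describing what the class configures.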
diff --git a/src/main/java/com/stktrk/app/application/profile/ProfileController.java b/src/main/java/com/stktrk/app/application/profile/ProfileController.java index 907215a..bab7ba3 100644 --- a/src/main/java/com/stktrk/app/application/profile/ProfileController.java +++ b/src/main/java/com/stktrk/app/application/profile/ProfileController.java @@ -9,10 +9,14 @@ import lombok.AllArgsConstructor; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.annotation.Secured; +import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.security.core.Authentication; import org.springframework.validation.FieldError; import org.springframework.web.bind.MethodArgumentNotValidException; import org.springframework.web.bind.annotation.*; +import javax.annotation.security.RolesAllowed; import java.security.InvalidKeyException; import java.util.HashMap; import java.util.List; @@ -27,11 +31,10 @@ public class ProfileController { @Nonnull private final ProfileService profileService; - // TODO figure out how to handle the exception. @Nonnull @GetMapping("/") - public List findAll() { + public List findAll(@Nonnull Authentication authentication) { return profileService.findAll(); } @@ -57,7 +60,6 @@ public class ProfileController { .body("Created Profile"); } - @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(MethodArgumentNotValidException.class) @Nonnull
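Review bot: The new `Authentication authentication` parameter of `findAll` is never read, and the `Secured`, `PreAuthorize` and `RolesAllowed` imports added in the first hunk are not used on any visible line, so the endpoint still returns every profile to any authenticated caller, including plain `USER` accounts. If the list is meant for administrators, annotate the method with `@PreAuthorize("hasRole('ADMIN')")` and add `@EnableMethodSecurity` to the security configuration; the configuration class in this commit declares only `@EnableWebSecurity`, so method-level annotations would otherwise have no effect. If each caller should see only their own data, pass `authentication.getName()` down to the service instead of calling the unfiltered `profileService.findAll()`. The `javax.annotation.security.RolesAllowed` import also looks inconsistent with the `jakarta.annotation.Nonnull` used in the new configuration class; drop it or switch to the `jakarta` package.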