formatting (#98)

* changed cookies setting --------- Co-authored-by: Štěpán Moc <[email protected]>
MocStepan · May 16, 2024 · 77d799c · 77d799c
1 parent 18872c8
commit 77d799c
Show file tree

Hide file tree

Showing 6 changed files with 15 additions and 14 deletions.
diff --git a/backend/src/main/kotlin/com/tul/backend/auth/base/config/JwtAuthenticationFilter.kt b/backend/src/main/kotlin/com/tul/backend/auth/base/config/JwtAuthenticationFilter.kt
@@ -8,9 +8,6 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 import org.springframework.security.core.context.SecurityContextHolder
 import org.springframework.stereotype.Component
 import org.springframework.web.filter.OncePerRequestFilter
-import io.github.oshai.kotlinlogging.KotlinLogging
-
-private val log = KotlinLogging.logger {}
 
 @Component
 class JwtAuthenticationFilter(
@@ -23,7 +20,7 @@ class JwtAuthenticationFilter(
  filterChain: FilterChain
  ) {
  val validClaims = tokenFilter.validateRequest(request)
- log.error { "Claims: $validClaims" }
+
  if (validClaims != null) {
  val authToken = UsernamePasswordAuthenticationToken(validClaims, null, listOf(validClaims.authUserRole))
  SecurityContextHolder.getContext().authentication = authToken

diff --git a/backend/src/main/kotlin/com/tul/backend/auth/base/config/SecurityConfiguration.kt b/backend/src/main/kotlin/com/tul/backend/auth/base/config/SecurityConfiguration.kt
@@ -5,6 +5,7 @@ import com.tul.backend.auth.base.dto.ErrorDTO
 import com.tul.backend.auth.base.valueobject.AuthUserRole
 import jakarta.servlet.http.HttpServletRequest
 import jakarta.servlet.http.HttpServletResponse
+import org.springframework.beans.factory.annotation.Value
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.http.MediaType
@@ -25,7 +26,8 @@ import org.springframework.web.cors.CorsConfigurationSource
 @EnableMethodSecurity
 class SecurityConfiguration(
  private val objectMapper: ObjectMapper,
- private val jwtAuthenticationFilter: JwtAuthenticationFilter
+ private val jwtAuthenticationFilter: JwtAuthenticationFilter,
+ @Value("\${spring.jwt.frontendUrl}") private val frontendUrl: String
 ) {
 
  private val userUnsecuredEndpoints =
@@ -76,6 +78,7 @@ class SecurityConfiguration(
  allowedHeaders = listOf("*")
  exposedHeaders = listOf("Content-Disposition")
  allowedOriginPatterns = listOf("*")
+ allowedOrigins = listOf(frontendUrl)
  allowCredentials = true
  }
  }

diff --git a/backend/src/main/kotlin/com/tul/backend/auth/base/service/TokenFilter.kt b/backend/src/main/kotlin/com/tul/backend/auth/base/service/TokenFilter.kt
@@ -4,9 +4,6 @@ import com.tul.backend.auth.base.dto.AccessTokenClaims
 import jakarta.servlet.http.HttpServletRequest
 import org.springframework.stereotype.Component
 import org.springframework.web.util.WebUtils
-import io.github.oshai.kotlinlogging.KotlinLogging
-
-private val log = KotlinLogging.logger {}
 
 @Component
 class TokenFilter(
@@ -15,7 +12,7 @@ class TokenFilter(
 
  fun validateRequest(request: HttpServletRequest): AccessTokenClaims? {
  val token = WebUtils.getCookie(request, accessTokenService.COOKIE_NAME)
- log.error { "Token: $token" }
+
  if (token != null) {
  return accessTokenService.extractClaims(token.value)
  }

diff --git a/backend/src/main/resources/application-prod.yml b/backend/src/main/resources/application-prod.yml
@@ -34,3 +34,4 @@ spring:
  sameSite: "Lax"
  duration: 86400000 # 1 day
  secret: ${JWT_SECRET}
+ frontendUrl: ${FRONTEND_URL}
diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml
@@ -24,3 +24,4 @@ spring:
  sameSite: "Lax"
  duration: 86400000 # 1 day
  secret: "7A25432A462D4A614E645267556B58703272357538782F413F4428472B4B6250" # random string in base64, should be changed in production
+ frontendUrl: "http://localhost:4200"
diff --git a/backend/src/test/kotlin/com/tul/backend/auth/base/config/SecurityConfigurationTests.kt b/backend/src/test/kotlin/com/tul/backend/auth/base/config/SecurityConfigurationTests.kt
@@ -26,8 +26,9 @@ class SecurityConfigurationTests : FeatureSpec({
  val jwtAuthenticationFilter = mockk<JwtAuthenticationFilter>()
 
  val securityConfiguration = SecurityConfiguration(
- objectMapper,
- jwtAuthenticationFilter
+ objectMapper,
+ jwtAuthenticationFilter,
+ "http://localhost:4200"
  )
 
  val httpSecurity = mockk<HttpSecurity>()
@@ -50,8 +51,9 @@ class SecurityConfigurationTests : FeatureSpec({
  val jwtAuthenticationFilter = mockk<JwtAuthenticationFilter>()
 
  val securityConfiguration = SecurityConfiguration(
- objectMapper,
- jwtAuthenticationFilter
+ objectMapper,
+ jwtAuthenticationFilter,
+ "http://localhost:4200"
  )
  val errorDTO = ErrorDTO("Unauthorized")
 
@@ -76,4 +78,4 @@ class SecurityConfigurationTests : FeatureSpec({
  response.status shouldBe HttpServletResponse.SC_UNAUTHORIZED
  }
  }
-})
+})