diff --git a/.github/workflows/build-frontend.yml b/.github/workflows/build-frontend.yml index b83cf82..65266be 100644 --- a/.github/workflows/build-frontend.yml +++ b/.github/workflows/build-frontend.yml @@ -8,7 +8,7 @@ on: branches: [ "main" ] jobs: - build: + frontend: runs-on: ubuntu-latest permissions: contents: read diff --git a/.github/workflows/deploy-app.yml b/.github/workflows/deploy-app.yml index 6f666b1..5971e72 100644 --- a/.github/workflows/deploy-app.yml +++ b/.github/workflows/deploy-app.yml @@ -15,6 +15,7 @@ jobs: heroku_api_key: ${{secrets.HEROKU_API_KEY}} heroku_app_name: ${{ secrets.HEROKU_BACKEND_NAME }} heroku_email: ${{ secrets.HEROKU_EMAIL }} + branch: 'main' appdir: 'backend' procfile: 'web: java $JAVA_OPTS -Dserver.port=$PORT -jar build/libs/backend-1.0.0.jar --spring.profiles.active=prod' @@ -28,4 +29,5 @@ jobs: heroku_api_key: ${{secrets.HEROKU_API_KEY}} heroku_app_name: ${{ secrets.HEROKU_FRONTEND_NAME }} heroku_email: ${{ secrets.HEROKU_EMAIL }} + branch: 'main' appdir: 'frontend' diff --git a/backend/src/main/kotlin/com/tul/backend/auth/base/config/JwtAuthenticationFilter.kt b/backend/src/main/kotlin/com/tul/backend/auth/base/config/JwtAuthenticationFilter.kt index 63af61f..981e882 100644 --- a/backend/src/main/kotlin/com/tul/backend/auth/base/config/JwtAuthenticationFilter.kt +++ b/backend/src/main/kotlin/com/tul/backend/auth/base/config/JwtAuthenticationFilter.kt @@ -9,7 +9,6 @@ import org.springframework.security.core.context.SecurityContextHolder import org.springframework.stereotype.Component import org.springframework.web.filter.OncePerRequestFilter - @Component class JwtAuthenticationFilter( private val tokenFilter: TokenFilter diff --git a/backend/src/main/kotlin/com/tul/backend/auth/base/config/SecurityConfiguration.kt b/backend/src/main/kotlin/com/tul/backend/auth/base/config/SecurityConfiguration.kt index 227a982..4ceb4c1 100644 --- a/backend/src/main/kotlin/com/tul/backend/auth/base/config/SecurityConfiguration.kt 
+++ b/backend/src/main/kotlin/com/tul/backend/auth/base/config/SecurityConfiguration.kt @@ -5,6 +5,7 @@ import com.tul.backend.auth.base.dto.ErrorDTO import com.tul.backend.auth.base.valueobject.AuthUserRole import jakarta.servlet.http.HttpServletRequest import jakarta.servlet.http.HttpServletResponse +import org.springframework.beans.factory.annotation.Value import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration import org.springframework.http.MediaType @@ -25,7 +26,8 @@ import org.springframework.web.cors.CorsConfigurationSource @EnableMethodSecurity class SecurityConfiguration( private val objectMapper: ObjectMapper, - private val jwtAuthenticationFilter: JwtAuthenticationFilter + private val jwtAuthenticationFilter: JwtAuthenticationFilter, + @Value("\${spring.jwt.frontendUrl}") private val frontendUrl: String ) { private val userUnsecuredEndpoints = @@ -76,6 +78,7 @@ class SecurityConfiguration( allowedHeaders = listOf("*") exposedHeaders = listOf("Content-Disposition") allowedOriginPatterns = listOf("*") + allowedOrigins = listOf(frontendUrl) allowCredentials = true } } diff --git a/backend/src/main/kotlin/com/tul/backend/auth/base/service/JwtService.kt b/backend/src/main/kotlin/com/tul/backend/auth/base/service/JwtService.kt index 8b340a3..e1ff32b 100644 --- a/backend/src/main/kotlin/com/tul/backend/auth/base/service/JwtService.kt +++ b/backend/src/main/kotlin/com/tul/backend/auth/base/service/JwtService.kt @@ -6,7 +6,6 @@ import io.jsonwebtoken.Jwts import io.jsonwebtoken.io.Decoders import io.jsonwebtoken.security.Keys - class JwtService( secret: String ) { @@ -37,4 +36,4 @@ class JwtService( null } } -} \ No newline at end of file +} diff --git a/backend/src/main/resources/application-prod.yml b/backend/src/main/resources/application-prod.yml index df21e9c..085cc71 100644 --- a/backend/src/main/resources/application-prod.yml +++ b/backend/src/main/resources/application-prod.yml 
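Review bot: In the CORS hunk of SecurityConfiguration.kt (`@@ -76,6 +78,7 @@`), the context line `allowedOriginPatterns = listOf("*")` is kept next to the new `allowedOrigins = listOf(frontendUrl)`, so the configuration still accepts every origin while `allowCredentials = true`. Spring's CorsConfiguration consults both lists, and an origin that misses `allowedOrigins` still matches the `*` pattern, so the added line narrows nothing. Delete `allowedOriginPatterns = listOf("*")` so that only `frontendUrl` is accepted for credentialed requests. The enclosing configuration block starts above the hunk, so its other settings are not visible here.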
@@ -34,3 +34,4 @@ spring: sameSite: "Lax" duration: 86400000 # 1 day secret: ${JWT_SECRET} + frontendUrl: ${FRONTEND_URL} diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml index b2a8f32..9175a55 100644 --- a/backend/src/main/resources/application.yml +++ b/backend/src/main/resources/application.yml @@ -24,3 +24,4 @@ spring: sameSite: "Lax" duration: 86400000 # 1 day secret: "7A25432A462D4A614E645267556B58703272357538782F413F4428472B4B6250" # random string in base64, should be changed in production + frontendUrl: "http://localhost:4200" diff --git a/backend/src/test/kotlin/com/tul/backend/auth/base/config/SecurityConfigurationTests.kt b/backend/src/test/kotlin/com/tul/backend/auth/base/config/SecurityConfigurationTests.kt index 6c0c05c..99a9f6b 100644 --- a/backend/src/test/kotlin/com/tul/backend/auth/base/config/SecurityConfigurationTests.kt +++ b/backend/src/test/kotlin/com/tul/backend/auth/base/config/SecurityConfigurationTests.kt @@ -26,8 +26,9 @@ class SecurityConfigurationTests : FeatureSpec({ val jwtAuthenticationFilter = mockk() val securityConfiguration = SecurityConfiguration( - objectMapper, - jwtAuthenticationFilter + objectMapper, + jwtAuthenticationFilter, + "http://localhost:4200" ) val httpSecurity = mockk() @@ -50,8 +51,9 @@ class SecurityConfigurationTests : FeatureSpec({ val jwtAuthenticationFilter = mockk() val securityConfiguration = SecurityConfiguration( - objectMapper, - jwtAuthenticationFilter + objectMapper, + jwtAuthenticationFilter, + "http://localhost:4200" ) val errorDTO = ErrorDTO("Unauthorized") @@ -76,4 +78,4 @@ class SecurityConfigurationTests : FeatureSpec({ response.status shouldBe HttpServletResponse.SC_UNAUTHORIZED } } -}) \ No newline at end of file +}) diff --git a/frontend/src/environments/environment.prod.ts b/frontend/src/environments/environment.prod.ts index c6774a6..112157a 100644 --- a/frontend/src/environments/environment.prod.ts 
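Review bot: Both `SecurityConfiguration(...)` calls in SecurityConfigurationTests.kt (hunks `-26,8` and `-50,8`) now pass `"http://localhost:4200"`, but nothing visible in these hunks asserts what that origin does. A case that resolves the CorsConfiguration from the CorsConfigurationSource and checks that `checkOrigin("http://localhost:4200")` returns the origin while an unrelated origin returns null would pin the restriction. It would also fail if a wildcard origin pattern were left in the configuration. The test bodies continue outside the hunks, so such a check may already exist elsewhere in the file.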
+++ b/frontend/src/environments/environment.prod.ts @@ -1,5 +1,5 @@ export const environment = { - baseUrl: 'https://moc-backend-weather-app-d8c5764193db.herokuapp.com/', + baseUrl: 'https://www.weather-app-backend.moc-backend.cz/', production: true, version: '1.0.0' };