Note: this course is still being revised

Spring Security

1. Adding Security. Default authentication

2. Configuration in application code. Password Encoding

3. Authenticating a user from the database. AuthUser

4. Role and GrantedAuthority

5. Basic authorization. Customizing JSON

  • GET http://localhost:8080/api/account
  • GET http://localhost:8080/api/users
  • curl -s http://localhost:8080/api/account --user user@gmail.com:password
  • POST http://localhost:8080/api/users
    Content-Type: application/json
    Authorization: Basic admin@javaops.ru admin
    
    {
      "email": "test@test.com",
      "firstName": "Test",
      "lastName": "Test",
      "password": "test",
      "roles": ["USER", "ADMIN"]
    }
    

REST. AccountController

6. REST AccountController

  • ###
    PUT http://localhost:8080/api/account
    Content-Type: application/json
    Authorization: Basic user@gmail.com password
    
    {
      "email": "user@gmail.com",
      "firstName": "New_First",
      "lastName": "New_Last"
    }
    ###
    GET http://localhost:8080/api/account
    Authorization: Basic user@gmail.com password
    
    ###
    POST http://localhost:8080/api/account/register
    Content-Type: application/json
    
    {
      "email": "test@test.com",
      "firstName": "Test",
      "lastName": "Test",
      "password": "test"
    }
    ###
    GET http://localhost:8080/api/account
    Authorization: Basic test@test.com test
    

7. Error handling