Package edu.ucsb.cs156.dining.config
Class SecurityConfig
java.lang.Object
edu.ucsb.cs156.dining.config.SecurityConfig
The `SecurityConfig` class in Java configures web security with OAuth2 login,
CSRF protection, and
role-based authorization based on user email addresses.
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.security.web.SecurityFilterChain
filterChain
(org.springframework.security.config.annotation.web.builders.HttpSecurity http) The `filterChain` method in this Java code configures various security settings for an HTTP request, including authorization, exception handling, OAuth2 login, CSRF protection, and logout behavior.boolean
This method checks if the given email belongs to an admin user either from a predefined list or by querying the user repository.org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer
The `webSecurityCustomizer` method is used to configure web security in Java, specifically ignoring requests to the "/h2-console/**" path.
-
Constructor Details
-
SecurityConfig
public SecurityConfig()
-
-
Method Details
-
filterChain
@Bean public org.springframework.security.web.SecurityFilterChain filterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception The `filterChain` method in this Java code configures various security settings for an HTTP request, including authorization, exception handling, OAuth2 login, CSRF protection, and logout behavior.- Parameters:
http
- injected HttpSecurity object (injected by Spring framework) //- Throws:
Exception
-
webSecurityCustomizer
@Bean public org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer webSecurityCustomizer()The `webSecurityCustomizer` method is used to configure web security in Java, specifically ignoring requests to the "/h2-console/**" path. -
getAdmin
This method checks if the given email belongs to an admin user either from a predefined list or by querying the user repository.- Parameters:
email
- email address of the user- Returns:
- whether the user with the given email is an admin
-