diff --git a/src/main/java/com/imprimelibros/erp/config/SecurityConfig.java b/src/main/java/com/imprimelibros/erp/config/SecurityConfig.java index 5408faa..9a0b3c0 100644 --- a/src/main/java/com/imprimelibros/erp/config/SecurityConfig.java +++ b/src/main/java/com/imprimelibros/erp/config/SecurityConfig.java @@ -1,7 +1,5 @@ package com.imprimelibros.erp.config; -import java.util.Locale; - import javax.sql.DataSource; import org.springframework.beans.factory.annotation.Value; @@ -9,13 +7,10 @@ import org.springframework.boot.autoconfigure.security.servlet.PathRequest; import org.springframework.context.MessageSource; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.http.MediaType; -import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.dao.DaoAuthenticationProvider; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain; @@ -29,8 +24,10 @@ import org.springframework.security.web.util.matcher.OrRequestMatcher; import org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; +import com.imprimelibros.erp.users.User; import com.imprimelibros.erp.users.UserDao; import com.imprimelibros.erp.users.UserDetailsImpl; +import com.imprimelibros.erp.users.UserServiceImpl; import jakarta.servlet.http.HttpServletRequest; @@ -45,19 +42,6 @@ public class SecurityConfig { // ========== Beans base ========== - @Bean - public UserDetailsService userDetailsService(UserDao repo, MessageSource messages) { - return username -> repo - .findByUserNameIgnoreCaseAndEnabledTrueAndDeletedFalse(username) // <-- @EntityGraph aplicado - .map(UserDetailsImpl::new) // dentro del ctor precalculamos authorities - .orElseThrow(() -> { - var locale = org.springframework.context.i18n.LocaleContextHolder.getLocale(); - String msg = messages.getMessage("usuarios.error.no-activo", null, - "Usuario no activo o no existe", locale); - return new org.springframework.security.core.userdetails.UsernameNotFoundException(msg); - }); - } - @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); @@ -73,18 +57,6 @@ public class SecurityConfig { return repo; } - // Provider que soporta UsernamePasswordAuthenticationToken - @Bean - public AuthenticationProvider daoAuthenticationProvider( - UserDetailsService userDetailsService, - PasswordEncoder passwordEncoder) { - - // ✅ constructor recomendado (sin deprecations) - DaoAuthenticationProvider provider = new DaoAuthenticationProvider(userDetailsService); - provider.setPasswordEncoder(passwordEncoder); // este setter NO está deprecado - return provider; - } - // Provider que soporta UsernamePasswordAuthenticationToken private static RequestMatcher pathStartsWith(String... prefixes) { return new RequestMatcher() { @@ -108,10 +80,13 @@ public class SecurityConfig { @Value("${security.rememberme.key}") String keyRememberMe, UserDetailsService userDetailsService, PersistentTokenRepository tokenRepo, - AuthenticationProvider daoAuthenticationProvider) throws Exception { + PasswordEncoder passwordEncoder, UserServiceImpl userServiceImpl) throws Exception { + DaoAuthenticationProvider provider = new DaoAuthenticationProvider(userServiceImpl); + provider.setPasswordEncoder(passwordEncoder); + http.authenticationProvider(provider); http - .authenticationProvider(daoAuthenticationProvider) + .authenticationProvider(provider) .sessionManagement(session -> session .invalidSessionUrl("/login?expired") diff --git a/src/main/java/com/imprimelibros/erp/users/UserRole.java b/src/main/java/com/imprimelibros/erp/users/UserRole.java index 4a4e8f7..259947c 100644 --- a/src/main/java/com/imprimelibros/erp/users/UserRole.java +++ b/src/main/java/com/imprimelibros/erp/users/UserRole.java @@ -21,12 +21,12 @@ public class UserRole { // FK a users @ManyToOne(fetch = FetchType.LAZY) - @JoinColumn(name = "user_id", nullable = false) + @JoinColumn(name = "user_id", nullable = false, foreignKey = @ForeignKey(name = "FK_users_roles_user")) private User user; // FK a roles @ManyToOne(fetch = FetchType.LAZY) - @JoinColumn(name = "role_id", nullable = false) + @JoinColumn(name = "role_id", nullable = false, foreignKey = @ForeignKey(name = "FK_users_roles_role")) private Role role; @Column(nullable = false) diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 2efda73..49b563b 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -17,7 +17,7 @@ spring.datasource.username=imprimelibros_user spring.datasource.password=om91irrDctd spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver -spring.jpa.hibernate.ddl-auto=update +#spring.jpa.hibernate.ddl-auto=update spring.jpa.show-sql=true