role Based Authentication

pom.xml

@@ -25,12 +25,21 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-security</artifactId>
 		</dependency>
-
+		<dependency>
+			<groupId>com.google.guava</groupId>
+			<artifactId>guava</artifactId>
+			<version>28.1-jre</version>
+		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-test</artifactId>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+			<groupId>com.google.guava</groupId>
+			<artifactId>guava</artifactId>
+			<version>28.2-android</version>
+		</dependency>
 	</dependencies>
 
 	<build>

src/main/java/com/dico/authedemo/security/ApplicationSecurityConfig.java

@@ -1,22 +1,37 @@
 package com.dico.authedemo.security;
 
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+
+import static com.dico.authedemo.security.UserRole.STUDENT;
 
 @Configuration
 @EnableWebSecurity
 public class ApplicationSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    private final PasswordEncoder passwordEncoder;
+    @Autowired
+    public ApplicationSecurityConfig(PasswordEncoder passwordEncoder) {
+        this.passwordEncoder = passwordEncoder;
+    }
+
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http
                 //ensure authourization
                 .authorizeRequests()
-                //disable authourization
-                .antMatchers("/", "index","/css/*", "/js/*")
-                //permit all url specified in antmatcher
-                .permitAll()
+                //disable authourization for this set of guys
+                .antMatchers("/", "index","/css/*", "/js/*").permitAll()
+                .antMatchers("/api/**").hasRole(STUDENT.name())
                 //ensure it's done on any request
                 .anyRequest()
                 //then authenticate the request
@@ -26,4 +41,25 @@ protected void configure(HttpSecurity http) throws Exception {
                 //then use basic authentication type for access
                 .httpBasic();
     }
+
+    @Override
+    @Bean
+    protected UserDetailsService userDetailsService() {
+        UserDetails UserIkenna =  User.builder()
+                .username("ikenna")
+                .password(passwordEncoder.encode("password"))
+                .roles(UserRole.ADMIN.name())
+                .build();
+
+        UserDetails UserLinda = User.builder()
+                .username("linda")
+                .password(passwordEncoder.encode("password1"))
+                .roles(STUDENT.name())
+                .build();
+                return new InMemoryUserDetailsManager(
+                        UserLinda,
+                        UserIkenna
+    );
+
+    }
 }

src/main/java/com/dico/authedemo/security/UserPermission.java

@@ -0,0 +1,19 @@
+package com.dico.authedemo.security;
+
+
+public enum UserPermission {
+
+    STUDENT_READ("student:read"),
+    STUDENT_WRITE("student:write"),
+    COURSE_READ("course:read"),
+    COURSE_WRITE("course:write");
+    private final String permission;
+
+    public String getPermission() {
+        return permission;
+    }
+
+    UserPermission(String permission) {
+        this.permission = permission;
+    }
+}

src/main/java/com/dico/authedemo/security/UserRole.java

@@ -0,0 +1,24 @@
+package com.dico.authedemo.security;
+
+
+import com.google.common.collect.Sets;
+
+import java.util.Set;
+
+import static com.dico.authedemo.security.UserPermission.*;
+
+public enum UserRole {
+
+    STUDENT(Sets.newHashSet()),
+    ADMIN(Sets.newHashSet(COURSE_READ,COURSE_WRITE,STUDENT_READ,STUDENT_WRITE));
+
+    public Set<UserPermission> getPermissions() {
+        return permissions;
+    }
+
+    private final Set<UserPermission> permissions;
+
+    UserRole(Set<UserPermission> permissions) {
+        this.permissions = permissions;
+    }
+}

src/main/java/com/dico/authedemo/security/passwordConfig.java

@@ -0,0 +1,16 @@
+package com.dico.authedemo.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class passwordConfig {
+
+    @Bean
+    public PasswordEncoder passwordEncoder(){
+        return  new BCryptPasswordEncoder( 10);
+    }
+
+}