
[Bug] Error 403 Forbidden

Boa noite a todos. Tudo bem? Podem me ajudar com uma situação? Ao tentar efetuar o login, o projeto retorna o erro 403 Forbidden, mesmo com o usuário já criado na tabela. Seguem as classes criadas e demais evidências:

Classe Usuario

package com.jh.car.model;
import java.util.Collection;
import java.util.List;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import jakarta.persistence.*;
import lombok.AllArgsConstructor;
import lombok.EqualsAndHashCode;
import lombok.NoArgsConstructor;
/**
 * JPA entity for a row of the {@code usuarios} table that also serves as the
 * Spring Security {@link UserDetails} principal.
 *
 * <p>Every user is granted the single authority {@code ROLE_USER}, and all four
 * account-status checks are hard-wired to {@code true}, so this class never
 * reports an account as expired, locked or disabled.
 */
@Entity(name = "usuarios")
@Table(name = "usuarios")
@NoArgsConstructor
@AllArgsConstructor
@EqualsAndHashCode(of = "id")
public class Usuario implements UserDetails {

    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;

    private String login;

    // Stored credential that getPassword() hands to Spring Security.
    // NOTE(review): presumably an encoded hash rather than plaintext - confirm
    // against the PasswordEncoder configured for the application.
    private String senha;

    // ---- UserDetails contract ----

    /** Grants every user the single authority {@code ROLE_USER}. */
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        GrantedAuthority papel = new SimpleGrantedAuthority("ROLE_USER");
        return List.of(papel);
    }

    /**
     * Returns the stored credential with surrounding whitespace removed.
     *
     * <p>NOTE(review): throws {@link NullPointerException} when {@code senha}
     * is null, which the no-args constructor allows.
     */
    @Override
    public String getPassword() {
        return this.senha.trim();
    }

    /**
     * Returns the login with surrounding whitespace removed.
     *
     * <p>NOTE(review): throws {@link NullPointerException} when {@code login}
     * is null, which the no-args constructor allows.
     */
    @Override
    public String getUsername() {
        return this.login.trim();
    }

    /** Always {@code true}: account expiry is not modelled. */
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    /** Always {@code true}: account locking is not modelled. */
    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    /** Always {@code true}: credential expiry is not modelled. */
    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    /** Always {@code true}: accounts cannot be disabled. */
    @Override
    public boolean isEnabled() {
        return true;
    }

    // ---- plain accessors ----

    public Long getId() {
        return this.id;
    }

    public void setId(Long id) {
        this.id = id;
    }

    public String getLogin() {
        return this.login;
    }

    public void setLogin(String login) {
        this.login = login;
    }

    public String getSenha() {
        return this.senha;
    }

    public void setSenha(String senha) {
        this.senha = senha;
    }
}

AutenticacaoService

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import com.jh.car.repository.UsuarioRepository;
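/**
 * {@link UserDetailsService} that resolves a login name to the matching
 * record through {@link UsuarioRepository}.
 */
@Service
public class AutenticacaoService implements UserDetailsService {

    @Autowired
    private UsuarioRepository repo;

    /**
     * Loads the user whose login equals {@code username}.
     *
     * @param username login name submitted by the client
     * @return the matching user, never {@code null}
     * @throws UsernameNotFoundException when the repository has no such login
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        UserDetails usuario = repo.findByLogin(username);
        if (usuario == null) {
            // The UserDetailsService contract forbids returning null; an unknown
            // login must be reported with this exception so the authentication
            // provider treats it as a normal failed login. The message does not
            // echo the submitted value, to keep it out of logs.
            throw new UsernameNotFoundException("User not found");
        }
        return usuario;
    }
}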

DadosAutenticacao

package com.jh.car.dto;
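/**
 * Request body of the login endpoint: the login name and the password exactly
 * as the client submitted them.
 *
 * @param login login name to authenticate
 * @param senha plaintext password supplied by the client
 */
public record DadosAutenticacao(String login, String senha) {

    /**
     * Returns the record text with the password masked.
     *
     * <p>The compiler-generated {@code toString()} of a record prints every
     * component, so logging this DTO or including it in an exception message
     * would write the plaintext password. Only the text form changes; the
     * {@code senha()} accessor still returns the real value.
     */
    @Override
    public String toString() {
        return "DadosAutenticacao[login=" + login + ", senha=***]";
    }
}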

AutenticacaoController

package com.jh.car.controller;
import javax.validation.Valid;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import com.jh.car.config.TokenService;
import com.jh.car.dto.DadosAutenticacao;
import com.jh.car.model.Usuario;
import lombok.AllArgsConstructor;

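/**
 * REST endpoint that exchanges a login/password pair for a token issued by
 * {@link TokenService}.
 */
@RestController
@AllArgsConstructor
public class AutenticacaoController {

    @Autowired
    private AuthenticationManager manager;

    @Autowired
    private TokenService jwtService;

    /**
     * Authenticates the submitted credentials and answers 200 with the token
     * produced for the authenticated user.
     *
     * <p>{@code manager.authenticate} throws an
     * {@code AuthenticationException} when the credentials are rejected, and
     * this method does not catch it.
     * NOTE(review): the status the client then sees (401, 403 or other)
     * depends on the security configuration and exception handling, neither
     * of which is shown here - check both when diagnosing a 403 on this route.
     *
     * <p>NOTE(review): {@code @Valid} only has an effect if
     * {@link DadosAutenticacao} declares validation constraints - confirm.
     *
     * @param dados login and password taken from the request body
     * @return 200 response whose body is the generated token
     */
    @PostMapping("/login")
    public ResponseEntity<?> efetuarLogin(@RequestBody @Valid DadosAutenticacao dados) {
        var credenciais = new UsernamePasswordAuthenticationToken(dados.login(), dados.senha());
        var authentication = manager.authenticate(credenciais);

        // The principal is whatever the UserDetailsService returned; the cast
        // assumes that is always a Usuario - TODO confirm.
        var usuario = (Usuario) authentication.getPrincipal();
        return ResponseEntity.ok(jwtService.gerarToken(usuario));
    }
}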

UsuarioRepository

package com.jh.car.repository;

import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.security.core.userdetails.UserDetails;

import com.jh.car.model.Usuario;

/**
 * Spring Data JPA repository for {@link Usuario} rows, keyed by {@code Long} id.
 */
public interface UsuarioRepository extends JpaRepository<Usuario, Long> {

    /**
     * Derived query: looks up the user whose {@code login} equals the argument.
     *
     * <p>The return type is not an {@code Optional}, so Spring Data returns
     * {@code null} when no row matches; callers must handle that case.
     *
     * @param login login name to search for
     * @return the matching user, or {@code null} when none exists
     */
    UserDetails findByLogin(String login);

}
1 resposta

Isso está com cara de erro de CORS. Dá uma pesquisada sobre CORS.