package com.geosegbar.configs.security; import java.io.IOException; import java.util.Collections; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; import com.geosegbar.entities.UserEntity; import com.geosegbar.exceptions.NotFoundException; import com.geosegbar.infra.user.persistence.jpa.UserRepository; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; @Component public class SecurityFilter extends OncePerRequestFilter{ @Autowired private TokenService tokenService; @Autowired private UserRepository userRepository; @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { var token = this.recoverToken(request); var login = tokenService.validateToken(token); if(login != null){ UserEntity user = userRepository.findByEmail(login).orElseThrow(() -> new NotFoundException("Usuário não encontrado!")); var authorities = Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER")); var authentication = new UsernamePasswordAuthenticationToken(user, null, authorities); SecurityContextHolder.getContext().setAuthentication(authentication); } filterChain.doFilter(request, response); } private String recoverToken(HttpServletRequest request) { var authHeader = request.getHeader("Authorization"); if (authHeader == null || !authHeader.startsWith("Bearer ")) { return null; } return authHeader.replace("Bearer ", ""); } }