Fix: added BCryptPasswordEncoder, updateed data.sql with bcrypt-hashed passwords

MatriXDharaN · arey · commit 186ef0f6480d · 2025-05-14T08:32:43.000+02:00
diff --git a/src/main/java/org/springframework/samples/petclinic/security/BasicAuthenticationConfig.java b/src/main/java/org/springframework/samples/petclinic/security/BasicAuthenticationConfig.java
@@ -9,6 +9,7 @@
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
 import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
@@ -27,12 +28,11 @@ public class BasicAuthenticationConfig {
 
     @Bean
     public PasswordEncoder passwordEncoder() {
-        var encoders = Map.of("noop", NoOpPasswordEncoder.getInstance());
-        var passwordEncoder = new DelegatingPasswordEncoder("noop", encoders);
-        passwordEncoder.setDefaultPasswordEncoderForMatches(NoOpPasswordEncoder.getInstance());
-        return passwordEncoder;
+        return new BCryptPasswordEncoder();
     }
 
+
+
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         // @formatter:off
diff --git a/src/main/resources/db/h2/data.sql b/src/main/resources/db/h2/data.sql
@@ -67,11 +67,11 @@ INSERT INTO visits (pet_id, visit_date, description) VALUES
 (7, '2013-01-04', 'spayed');
 
 -- Insert Admin User
-INSERT INTO users (username, password, enabled) VALUES 
-('admin', 'admin', TRUE);
+INSERT INTO users (username, password, enabled) VALUES
+('admin', '$2a$10$ymaklWBnpBKlgdMgkjWVF.GMGyvH8aDuTK.glFOaKw712LHtRRymS', TRUE);
 
 -- Assign Roles to Admin
 INSERT INTO roles (username, role) VALUES 
 ('admin', 'ROLE_OWNER_ADMIN'),
 ('admin', 'ROLE_VET_ADMIN'),
-('admin', 'ROLE_ADMIN');
+('admin', 'ROLE_ADMIN');
diff --git a/src/main/resources/db/hsqldb/data.sql b/src/main/resources/db/hsqldb/data.sql
@@ -52,7 +52,8 @@ INSERT INTO visits VALUES (2, 8, '2013-01-02', 'rabies shot');
 INSERT INTO visits VALUES (3, 8, '2013-01-03', 'neutered');
 INSERT INTO visits VALUES (4, 7, '2013-01-04', 'spayed');
 
-INSERT INTO users(username,password,enabled) VALUES ('admin','{noop}admin', true);
+INSERT INTO users(username, password, enabled) VALUES
+('admin', '$2a$10$ymaklWBnpBKlgdMgkjWVF.GMGyvH8aDuTK.glFOaKw712LHtRRymS', TRUE);
 
 INSERT INTO roles (username, role) VALUES ('admin', 'ROLE_OWNER_ADMIN');
 INSERT INTO roles (username, role) VALUES ('admin', 'ROLE_VET_ADMIN');
diff --git a/src/main/resources/db/hsqldb/schema.sql b/src/main/resources/db/hsqldb/schema.sql
@@ -67,7 +67,7 @@ CREATE INDEX visits_pet_id ON visits (pet_id);
 
 CREATE  TABLE users (
   username    VARCHAR(20) NOT NULL ,
-  password    VARCHAR(20) NOT NULL ,
+  password    VARCHAR(60) NOT NULL ,
   enabled     BOOLEAN DEFAULT TRUE NOT NULL ,
   PRIMARY KEY (username)
 );
diff --git a/src/main/resources/db/mysql/data.sql b/src/main/resources/db/mysql/data.sql
@@ -52,7 +52,8 @@ INSERT IGNORE INTO visits VALUES (2, 8, '2011-03-04', 'rabies shot');
 INSERT IGNORE INTO visits VALUES (3, 8, '2009-06-04', 'neutered');
 INSERT IGNORE INTO visits VALUES (4, 7, '2008-09-04', 'spayed');
 
-INSERT IGNORE INTO users(username,password,enabled) VALUES ('admin','{noop}admin', true);
+INSERT IGNORE INTO users (username, password, enabled) VALUES
+('admin', '$2a$10$ymaklWBnpBKlgdMgkjWVF.GMGyvH8aDuTK.glFOaKw712LHtRRymS', TRUE);
 
 INSERT IGNORE INTO roles (username, role) VALUES ('admin', 'ROLE_OWNER_ADMIN');
 INSERT IGNORE INTO roles (username, role) VALUES ('admin', 'ROLE_VET_ADMIN');
diff --git a/src/main/resources/db/mysql/schema.sql b/src/main/resources/db/mysql/schema.sql
@@ -56,7 +56,7 @@ CREATE TABLE IF NOT EXISTS visits (
 
 CREATE TABLE IF NOT EXISTS users (
   username VARCHAR(20) NOT NULL ,
-  password VARCHAR(20) NOT NULL ,
+  password VARCHAR(60) NOT NULL ,
   enabled TINYINT NOT NULL DEFAULT 1 ,
   PRIMARY KEY (username)
 ) engine=InnoDB;
diff --git a/src/main/resources/db/postgres/data.sql b/src/main/resources/db/postgres/data.sql
@@ -52,7 +52,8 @@ INSERT INTO visits (pet_id, visit_date, description) SELECT 8, '2011-03-04', 'ra
 INSERT INTO visits (pet_id, visit_date, description) SELECT 8, '2009-06-04', 'neutered' WHERE NOT EXISTS (SELECT * FROM visits WHERE id=3);
 INSERT INTO visits (pet_id, visit_date, description) SELECT 7, '2008-09-04', 'spayed' WHERE NOT EXISTS (SELECT * FROM visits WHERE id=4);
 
-INSERT INTO users(username,password,enabled) SELECT 'admin','{noop}admin', true WHERE NOT EXISTS (SELECT * FROM users WHERE username='admin');
+INSERT INTO users(username, password, enabled) VALUES
+('admin', '$2a$10$ymaklWBnpBKlgdMgkjWVF.GMGyvH8aDuTK.glFOaKw712LHtRRymS', TRUE);
 
 INSERT INTO roles (username, role) SELECT 'admin', 'ROLE_OWNER_ADMIN' WHERE NOT EXISTS (SELECT * FROM roles WHERE id=1);
 INSERT INTO roles (username, role) SELECT 'admin', 'ROLE_VET_ADMIN' WHERE NOT EXISTS (SELECT * FROM roles WHERE id=2);
diff --git a/src/main/resources/db/postgres/schema.sql b/src/main/resources/db/postgres/schema.sql
@@ -53,7 +53,7 @@ CREATE INDEX ON visits (pet_id);
 
 CREATE TABLE IF NOT EXISTS users (
   username VARCHAR(20) NOT NULL ,
-  password VARCHAR(20) NOT NULL ,
+  password VARCHAR(60) NOT NULL ,
   enabled boolean NOT NULL DEFAULT true ,
   CONSTRAINT pk_users PRIMARY KEY (username)
 );
