package com.formulasearchengine.mathosphere.restd;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.base.Charsets;
import com.google.common.collect.ImmutableSet;
import restx.config.ConfigLoader;
import restx.config.ConfigSupplier;
import restx.factory.Module;
import restx.factory.Provides;
import restx.security.*;
import javax.inject.Named;
import java.nio.file.Paths;
@Module
public class AppModule {
@Provides
public SignatureKey signatureKey() {
return new SignatureKey( "6527500837392160508 BaseXMathSearch 9ce54d33-6085-4281-ada9-26cd95a80a10 restd".getBytes( Charsets.UTF_8 ) );
}
@Provides
@Named("restx.admin.password")
public String restxAdminPassword() {
return System.getProperty( "password" , "mathosphere" );
}
@Provides
public ConfigSupplier appConfigSupplier( ConfigLoader configLoader ) {
// Load settings.properties in com.formulasearchengine.backend.basex package as a set of config entries
return configLoader.fromResource( "com/formulasearchengine/backend/basex/settings" );
}
@Provides
public CredentialsStrategy credentialsStrategy() {
return new BCryptCredentialsStrategy();
}
@Provides
public BasicPrincipalAuthenticator basicPrincipalAuthenticator(
SecuritySettings securitySettings, CredentialsStrategy credentialsStrategy,
@Named("restx.admin.passwordHash") String defaultAdminPasswordHash, ObjectMapper mapper ) {
return new StdBasicPrincipalAuthenticator( new StdUserService<>(
// use file based users repository.
// Developer's note: prefer another storage mechanism for your users if you need real user management
// and better perf
new FileBasedUserRepository<>(
StdUser.class, // this is the class for the User objects, that you can get in your app code
// with RestxSession.current().getPrincipal().get()
// it can be a custom user class, it just need to be json deserializable
mapper,
// this is the default restx admin, useful to access the restx admin console.
// if one user with restx-admin role is defined in the repository, this default user won't be
// available anymore
new StdUser( "admin", ImmutableSet.<String>of( "*" ) ),
// the path where users are stored
Paths.get( "data/users.json" ),
// the path where credentials are stored. isolating both is a good practice in terms of security
// it is strongly recommended to follow this approach even if you use your own repository
Paths.get( "data/credentials.json" ),
// tells that we want to reload the files dynamically if they are touched.
// this has a performance impact, if you know your users / credentials never change without a
// restart you can disable this to get better perfs
true ),
credentialsStrategy, defaultAdminPasswordHash ),
securitySettings );
}
}