Integrate AngularJS with Spring Boot without Security

stormpath · Oct 18, 2016 · 88f43da · 88f43da
1 parent f223f26
commit 88f43da
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 8 deletions.
diff --git a/app/search/search.service.js b/app/search/search.service.js
@@ -8,11 +8,17 @@
     SearchService.$inject = ['$resource'];
 
     function SearchService($resource) {
-        var Search = $resource('/api/search/people.json');
+        var Search = $resource('http://localhost:8080/api/people', {}, {
+            'query': {isArray: false}
+        });
 
         Search.search = function (term, callback) {
+            if (term == undefined) {
+                term = '';
+            }
             Search.query(function (response) {
-                var results = response.filter(function (item) {
+                var people = response._embedded.people;
+                var results = people.filter(function (item) {
                     return JSON.stringify(item).toLowerCase().includes(term.toLowerCase());
                 });
                 return callback(results);

diff --git a/src/main/java/com/example/CorsFilter.java b/src/main/java/com/example/CorsFilter.java
@@ -0,0 +1,27 @@
+package com.example;
+
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * Code borrowed from https://jira.spring.io/browse/DATAREST-573 to
+ * workaround Spring Data REST not supporting @CrossOrigin.
+ */
+@Component
+public class CorsFilter extends OncePerRequestFilter {
+
+    public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
+            throws IOException, ServletException {
+        response.setHeader("Access-Control-Allow-Origin", "http://localhost:3000");
+        response.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE");
+        response.setHeader("Access-Control-Max-Age", "3600");
+        response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
+        chain.doFilter(request, response);
+    }
+}
diff --git a/src/main/java/com/example/SecurityConfiguration.java b/src/main/java/com/example/SecurityConfiguration.java
@@ -4,15 +4,10 @@
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 
-import static com.stormpath.spring.config.StormpathWebSecurityConfigurer.stormpath;
-
 @Configuration
 public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
     @Override
     protected void configure(HttpSecurity http) throws Exception {
-        http.apply(stormpath()).and()
-            .authorizeRequests()
-            .antMatchers("/api/**").fullyAuthenticated()
-            .antMatchers("/**").permitAll();
+        http.authorizeRequests().antMatchers("/**").permitAll();
     }
 }