// SPDX-License-Identifier: Apache-2.0 AND AGPL-3.0-or-later
// SPDX-FileCopyrightText: 2014-2023 the original author or authors.
// SPDX-FileCopyrightText: 2023 swt23w23
package catering;

import org.salespointframework.EnableSalespoint;
import org.springframework.boot.SpringApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

/**
 * The main application class.
 */
@EnableSalespoint
public class Application {

	/**
	 * The main application method
	 *
	 * @param args application arguments
	 */
	public static void main(String[] args) {
		SpringApplication.run(Application.class, args);
	}

	@Configuration
	static class WebSecurityConfiguration {

		@Bean
		SecurityFilterChain WebSecurity(HttpSecurity http) throws Exception {

			return http
					.headers(headers -> headers.frameOptions(FrameOptionsConfig::sameOrigin))
					.csrf(csrf -> csrf.disable())
					.formLogin(login -> login.loginPage("/login").loginProcessingUrl("/login"))
					.logout(logout -> logout.logoutUrl("/logout").logoutSuccessUrl("/"))
					.exceptionHandling(exceptionHandling -> exceptionHandling.accessDeniedPage("/unauthorized"))
					.build();
		}
	}

	@Configuration
	static class WebConfiguration implements WebMvcConfigurer {
		@Override
		public void addViewControllers(ViewControllerRegistry registry) {
			registry.addViewController("/login").setViewName("login");
			registry.addViewController("/").setViewName("index");
		}
	}
}