package app.mealsmadeeasy.api.recipe;

import app.mealsmadeeasy.api.security.EndpointAuthConfigurator;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
import org.springframework.stereotype.Component;

@Component
public class RecipesEndpointAuthConfigurator implements EndpointAuthConfigurator {

    @Override
    public void configure(AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry registry) {
        registry.requestMatchers(HttpMethod.GET, "/recipes/**").permitAll();
        registry.requestMatchers(HttpMethod.POST, "/recipes").permitAll(); // search
        registry.requestMatchers(HttpMethod.POST, "/recipes/**").authenticated();
        registry.requestMatchers(HttpMethod.PUT, "/recipes/**").authenticated();
        registry.requestMatchers(HttpMethod.DELETE, "/recipes/**").authenticated();
    }

}