I have to work on an application that old interns started. The backend is made with spring-boot and using Kotlin, which I’m very new to both. The backed is a RESTful API and I need to implement an authentication and authorizations to limit the access to specific users the CRUD methods.
There’s basically two user roles I need to create, an admin and a moderator one that can have access to less methods.
Does anyone have a guide on to how to make it possible?
I’ve found this tutorial which seems like to do what I’m looking for but it’s in java and I’m not able to code everything back into Kotlin.
Also, add access restriction on a websocket as well?
Advertisement
Answer
There is official guide for configuring security on Kotlin: https://spring.io/blog/2020/03/04/spring-tips-kotlin-and-spring-security
Security for websockets has two parts for configuring:
- for controllers
- for message brokers
There is guide for that https://www.baeldung.com/spring-security-websockets on Java, but following the example in security configuration on Kotlin you will be able to convert Java to Kotlin, anyway you can always convert Java classes in Kotlin classes in your Intellij Idea as on image: